Filtered by vendor Uniong
Subscriptions
Filtered by product Webitr
Subscriptions
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13770 | 1 Uniong | 1 Webitr | 2025-12-01 | 6.5 Medium |
| WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. | ||||
| CVE-2025-13768 | 1 Uniong | 1 Webitr | 2025-12-01 | 7.5 High |
| WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability. | ||||
| CVE-2025-13769 | 1 Uniong | 1 Webitr | 2025-12-01 | 6.5 Medium |
| WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents. | ||||
| CVE-2025-13771 | 1 Uniong | 1 Webitr | 2025-12-01 | 6.5 Medium |
| WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files. | ||||
| CVE-2025-9254 | 1 Uniong | 1 Webitr | 2025-11-06 | 9.8 Critical |
| WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality. | ||||
| CVE-2025-9255 | 1 Uniong | 1 Webitr | 2025-11-06 | 7.5 High |
| WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. | ||||
| CVE-2025-9256 | 1 Uniong | 1 Webitr | 2025-11-06 | 6.5 Medium |
| WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. | ||||
| CVE-2025-9257 | 1 Uniong | 1 Webitr | 2025-11-06 | 6.5 Medium |
| WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. | ||||
| CVE-2025-9258 | 1 Uniong | 1 Webitr | 2025-11-06 | 6.5 Medium |
| WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. | ||||
| CVE-2025-9259 | 1 Uniong | 1 Webitr | 2025-11-06 | 6.5 Medium |
| WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. | ||||
| CVE-2024-8586 | 1 Uniong | 1 Webitr | 2024-09-16 | 6.1 Medium |
| WebITR from Uniong has an Open Redirect vulnerability, which allows unauthorized remote attackers to exploit this vulnerability to forge URLs. Users, believing they are accessing a trusted domain, can be redirected to another page, potentially leading to phishing attacks. | ||||
Page 1 of 1.