Latest CVE Feed
-
6.3
MEDIUMCVE-2025-9401
A vulnerability has been found in HuangDou UTCMS 9. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison. The attack can be ex... Read more
Affected Products : usualtoolcms- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Authentication
-
9.8
CRITICALCVE-2025-53118
An authentication bypass vulnerability exists which allows an unauthenticated attacker to control administrator backup functions, leading to compromise of passwords, secrets, and application session tokens stored by the Unified PAM.... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Authentication
-
9.4
CRITICALCVE-2025-53120
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Path Traversal
-
9.8
CRITICALCVE-2025-45968
An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference (IDOR) vulnerability, which occurs due to a lack of proper authorization che... Read more
Affected Products :- Published: Aug. 25, 2025
- Modified: Aug. 25, 2025
- Vuln Type: Authorization