Uniong

Webitr

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-13771

  • EPSS 0.06%
  • Veröffentlicht 28.11.2025 07:49:23
  • Zuletzt bearbeitet 01.12.2025 14:23:55

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

6.5

CVE-2025-13770

  • EPSS 0.04%
  • Veröffentlicht 28.11.2025 07:40:16
  • Zuletzt bearbeitet 01.12.2025 14:38:59

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

6.5

CVE-2025-13769

  • EPSS 0.04%
  • Veröffentlicht 28.11.2025 07:35:48
  • Zuletzt bearbeitet 01.12.2025 13:13:51

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

8.8

CVE-2025-13768

  • EPSS 0.26%
  • Veröffentlicht 28.11.2025 07:31:08
  • Zuletzt bearbeitet 01.12.2025 14:39:31

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.

6.5

CVE-2025-9259

  • EPSS 0.08%
  • Veröffentlicht 22.08.2025 11:46:53
  • Zuletzt bearbeitet 06.11.2025 22:05:52

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.

6.5

CVE-2025-9258

  • EPSS 0.08%
  • Veröffentlicht 22.08.2025 11:43:44
  • Zuletzt bearbeitet 06.11.2025 22:06:15

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.

6.5

CVE-2025-9257

  • EPSS 0.08%
  • Veröffentlicht 22.08.2025 11:41:36
  • Zuletzt bearbeitet 06.11.2025 22:06:19

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.

6.5

CVE-2025-9256

  • EPSS 0.08%
  • Veröffentlicht 22.08.2025 11:34:04
  • Zuletzt bearbeitet 06.11.2025 22:06:26

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.

7.5

CVE-2025-9255

  • EPSS 0.06%
  • Veröffentlicht 22.08.2025 11:25:34
  • Zuletzt bearbeitet 06.11.2025 22:06:30

WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

9.8

CVE-2025-9254

  • EPSS 0.28%
  • Veröffentlicht 22.08.2025 11:21:29
  • Zuletzt bearbeitet 06.11.2025 22:06:40

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality.