CVE-2026-2952
- EPSS 4.52%
- Veröffentlicht 22.02.2026 14:16:02
- Zuletzt bearbeitet 29.04.2026 01:00:01
A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possi...
CVE-2025-8261
- EPSS 0.6%
- Veröffentlicht 28.07.2025 06:32:05
- Zuletzt bearbeitet 29.04.2026 01:00:01
A weakness has been identified in Vaelsys VaelsysV4 4.1.0. This vulnerability affects unknown code of the file /grid/vgrid_server.php of the component User Creation Handler. Executing a manipulation can lead to improper authorization. The attack may ...
CVE-2025-8260
- EPSS 0.22%
- Veröffentlicht 28.07.2025 06:15:25
- Zuletzt bearbeitet 29.04.2026 01:00:01
A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgrid_server.php of the component Web interface. Performing a manipulation of the argument xajaxargs results in use of weak has...
CVE-2025-8259
- EPSS 3.25%
- Veröffentlicht 28.07.2025 05:32:04
- Zuletzt bearbeitet 29.04.2026 01:00:01
A vulnerability was identified in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. Affected by this issue is the function execute_DataObjectProc of the file /grid/vgrid_server.php of the component Web interface. Such manipulation of the argument xajaxargs leads ...