CVE-2026-2952
- EPSS 0.32%
- Veröffentlicht 22.02.2026 14:16:02
- Zuletzt bearbeitet 25.02.2026 18:16:24
A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possi...
CVE-2025-8261
- EPSS 0.1%
- Veröffentlicht 28.07.2025 06:32:05
- Zuletzt bearbeitet 15.04.2026 08:16:16
A weakness has been identified in Vaelsys VaelsysV4 4.1.0. This vulnerability affects unknown code of the file /grid/vgrid_server.php of the component User Creation Handler. Executing a manipulation can lead to improper authorization. The attack may ...
CVE-2025-8260
- EPSS 0.02%
- Veröffentlicht 28.07.2025 06:15:25
- Zuletzt bearbeitet 15.04.2026 08:16:16
A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgrid_server.php of the component Web interface. Performing a manipulation of the argument xajaxargs results in use of weak has...
CVE-2025-8259
- EPSS 0.61%
- Veröffentlicht 28.07.2025 05:32:04
- Zuletzt bearbeitet 15.04.2026 08:16:15
A vulnerability was identified in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. Affected by this issue is the function execute_DataObjectProc of the file /grid/vgrid_server.php of the component Web interface. Such manipulation of the argument xajaxargs leads ...