Skip to main content
CVE-2025-11913 LOW POC Monitor

Path traversal in Streamax Crocus 1.3.40 Download function allows authenticated remote attackers to read arbitrary files via manipulation of the Path parameter in /Service.do?Action=Download requests. The vulnerability has a low CVSS score (2.1) due to requirement for authenticated access and confidentiality-only impact, but publicly available exploit code exists and the vendor has not responded to disclosure efforts.

Path Traversal Streamax Crocus
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-11914 LOW POC Monitor

Path traversal in Streamax Crocus 1.3.40 allows authenticated remote attackers to read arbitrary files via manipulation of the FilePath parameter in the /DeviceFileReport.do?Action=Download endpoint. The vulnerability has publicly available exploit code and affects the file download functionality with low confidentiality impact. Despite a CVSS score of 2.1, the vendor has not responded to disclosure and the exploit is publicly weaponized.

Path Traversal Streamax Crocus
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-11908 LOW POC Monitor

Streamax Crocus 1.3.40 allows authenticated remote attackers to bypass file upload restrictions via manipulation of the File parameter in the /FileDir.do?Action=Upload endpoint, enabling unrestricted file upload with limited direct impact. Publicly available exploit code exists and the vendor has not responded to disclosure attempts. Despite a low CVSS score of 2.1, the combination of public exploit availability and vendor non-response elevates operational risk, particularly if the upload mechanism can be chained with other vulnerabilities to achieve code execution.

Authentication Bypass File Upload Streamax Crocus
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11905 LOW POC Monitor

Code injection in ChanCMS up to version 3.3.2 via the getArticle function in app/modules/cms/controller/gather.js allows authenticated remote attackers to inject and execute arbitrary code with low impact on confidentiality, integrity, and availability. The exploit is publicly available on GitHub but exploitation probability remains low (EPSS 0.04%) due to authentication requirements and limited impact scope. The vendor did not respond to early disclosure notification.

Code Injection Chancms
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11912 LOW POC Monitor

SQL injection in Streamax Crocus 1.3.40 allows authenticated remote attackers to manipulate the orderField parameter in the /DeviceState.do?Action=Query endpoint, potentially extracting or modifying database contents. The vulnerability requires valid credentials but carries minimal confidentiality and integrity impact per CVSS scoring. Public exploit code is available, though EPSS exploitation probability remains low at 0.03%, suggesting either limited technical feasibility, narrow applicability, or defensive measures in typical deployments.

SQLi Streamax Crocus
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11911 LOW POC Monitor

SQL injection in Streamax Crocus 1.3.40 allows authenticated remote attackers to execute arbitrary SQL queries via the sortField parameter in the /DeviceFault.do?Action=Query endpoint. While the CVSS score is low (2.1) due to limited scope and confidentiality impact, publicly available exploit code exists and the vulnerability requires only low-privilege authentication. The vendor has not responded to early disclosure attempts, leaving no patch path available.

SQLi Streamax Crocus
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11910 LOW POC Monitor

SQL injection in Streamax Crocus 1.3.40 allows authenticated remote attackers to execute arbitrary SQL queries via the orderField parameter in the /MemoryState.do?Action=Query endpoint, potentially exposing or modifying database contents. Publicly available exploit code exists, but the CVSS score of 2.1 reflects low confidentiality, integrity, and availability impact with no scope change. The vendor did not respond to early disclosure.

SQLi Streamax Crocus
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11909 LOW POC Monitor

SQL injection in Streamax Crocus 1.3.40 allows authenticated remote attackers to manipulate the orderField parameter in the /RepairRecord.do?Action=QueryLast endpoint, enabling database query manipulation with limited confidentiality and integrity impact. Publicly available exploit code exists and the vendor has not responded to early disclosure notification. Despite a low CVSS score of 2.1, the combination of public exploit availability and vendor non-responsiveness increases real-world risk, though exploitation requires valid user credentials and produces only low-severity data exposure.

SQLi Streamax Crocus
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11903 LOW POC Monitor

SQL injection in ChanCMS up to version 3.3.2 allows authenticated remote attackers to manipulate the cid parameter in the /cms/article/update endpoint, enabling arbitrary database queries with limited confidentiality and integrity impact. The vulnerability requires valid user authentication and has publicly available exploit code, but carries low real-world risk due to the CVSS 2.1 score and minimal EPSS probability (0.02%). The vendor has not responded to early disclosure notifications.

SQLi Chancms
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11902 LOW POC Monitor

SQL injection in ChanCMS up to version 3.3.2 allows authenticated remote attackers to manipulate the cid parameter in the /cms/article/findField endpoint, enabling arbitrary database queries with limited confidentiality and integrity impact. The vulnerability requires valid user authentication (PR:L in CVSS 4.0) and publicly available exploit code exists, but real-world exploitation risk remains low due to minimal data confidentiality/integrity impact (VC:L/VI:L) and only 0.02% EPSS exploitation probability, suggesting this is a low-priority SQL injection compared to unauthenticated or higher-impact variants.

SQLi Chancms
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-11904 LOW POC Monitor

SQL injection in ChanCMS up to version 3.3.2 allows authenticated remote attackers to execute arbitrary SQL queries via the ID parameter in the /cms/model/hasUse function. The vulnerability has low immediate impact (CVSS 2.1) but carries elevated real-world risk due to publicly available exploit code, authenticated but network-accessible attack vector, and vendor non-responsiveness to disclosure. Exploitation requires valid user credentials but no user interaction or special conditions.

SQLi Chancms
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy