A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability has been found in 70mai X200 up to 20251010. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Unsafe deserialization in ChurchCRM setup/routes/setup.php allows remote attackers to manipulate DB_PASSWORD, ROOT_PATH, or URL parameters, leading to arbitrary code execution with limited impact. The vulnerability affects versions up to 5.18.0 and has publicly available exploit code, though EPSS exploitation probability remains low at 0.10% percentile, suggesting real-world exploitation is constrained by high attack complexity and difficult exploitability factors.
Path traversal in e107 CMS up to version 2.3.3 allows authenticated remote attackers to manipulate the multiaction[] parameter in the Avatar Handler (/e107_admin/image.php) to access or modify arbitrary files on the server. The vulnerability requires valid user credentials but has low CVSS impact (2.1) and extremely low exploitation probability (EPSS 0.11%), though publicly available exploit code exists and the vendor has not provided a response or patch.
Path traversal in ChurchCRM's Backup Restore Handler allows high-privileged remote attackers to manipulate the restoreFile argument and access arbitrary files on the system. The vulnerability affects ChurchCRM up to version 5.18.0, requires administrative privileges (PR:H), and has publicly available exploit code. While CVSS score is low (2.0) due to privilege requirements, the limited scope impact and vendor non-response elevate practical risk for deployments with exposed admin interfaces.
SQL injection in Vvveb up to version 1.0.7.3 allows authenticated high-privileged remote attackers to execute arbitrary SQL queries through the Raw SQL Handler import function in admin/controller/tools/import.php. The vulnerability requires administrative credentials and has been publicly disclosed with exploit code available, though EPSS modeling indicates low real-world exploitation probability at 0.04%.
Cross-site scripting (XSS) in LogicalDOC Community Edition up to 9.2.1 allows authenticated attackers with user interaction to inject malicious scripts via contact form fields (First Name, Last Name, Company, Address, Phone, Mobile) on the /frontend.jsp Add Contact Page. Publicly available exploit code exists; EPSS score of 0.03% reflects low real-world exploitation probability despite public POC, likely due to authentication and user interaction requirements.
Stored cross-site scripting (XSS) in AFFiNE up to version 0.24.1 allows authenticated users to inject malicious scripts via the Avatar Upload Image endpoint, which are executed in the browsers of other users viewing the attacker's profile. The vulnerability requires user interaction (victim must view the malicious avatar) and authenticated access, resulting in limited but confirmed integrity impact. Public exploit code exists; vendor contact attempts yielded no response.
Heap-based buffer overflow in bftpd up to version 6.2 within the expand_groups function of the configuration file handler allows local authenticated attackers to cause limited memory corruption with high attack complexity. Public exploit code is available, though the vulnerability requires local access and elevated privileges (PR:L), significantly limiting real-world exploitation potential compared to its CVSS score. The vendor did not respond to early disclosure.