Monthly
Unauthenticated OS command injection in Notifiarr Dockwatch through version 0.6.567 lets remote attackers run arbitrary shell commands on the host and achieve full compromise, since default deployments mount the Docker socket. The root cause is an Execution-After-Redirect flaw (CWE-698) where loader.php redirects unauthenticated users but fails to call exit(), allowing the attacker to seed the required session flag and then reach shell_exec() in ajax/compose.php with attacker-controlled input. The CVSS 4.0 base score is 9.2 (VC/VI/VA all High); there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though a vendor advisory and upstream fix exist.
Execution After Redirect (EAR) in a4m4's Student-Management-System exposes admin/ endpoints to unauthorized data access via manipulation of the uid parameter, allowing server-side PHP logic to execute and return sensitive output despite issuing an HTTP redirect response. The CVSS vector (PR:N) confirms no authentication is required, and the exploit has been publicly published via a GitHub issue, making this trivially reproducible. No patch exists and the project maintainer has not responded to disclosure, leaving all deployed instances exposed with no vendor remediation timeline.
Unauthenticated remote code execution affects Progress ShareFile Storage Zones Controller versions up to 5.12.3 via unauthorized access to restricted configuration pages. Attackers can modify system configuration remotely without authentication, leading to complete system compromise. Publicly available exploit code exists (watchTowr Labs GitHub). EPSS score of 0.41% suggests relatively low observed exploitation despite critical CVSS 9.8 rating and POC availability. Vendor patch released per ShareFile security advisory.
Unauthenticated attackers can manipulate the Administrative Interface in Free CRM to achieve code execution following a redirect attack. The vulnerability affects Free CRM up to commit b83c40a and requires only network access and low privileges, with public exploit code already available. No patch is currently available, and the vendor has not responded to disclosure attempts.
Asp.Net-Core-Inventory-Order-Management-System versions up to 9.20250118. contains a security vulnerability (CVSS 6.3).
Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS contains a security vulnerability (CVSS 8.7).
A security vulnerability has been detected in ScriptAndTools Real Estate Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.0%.
A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unauthenticated OS command injection in Notifiarr Dockwatch through version 0.6.567 lets remote attackers run arbitrary shell commands on the host and achieve full compromise, since default deployments mount the Docker socket. The root cause is an Execution-After-Redirect flaw (CWE-698) where loader.php redirects unauthenticated users but fails to call exit(), allowing the attacker to seed the required session flag and then reach shell_exec() in ajax/compose.php with attacker-controlled input. The CVSS 4.0 base score is 9.2 (VC/VI/VA all High); there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though a vendor advisory and upstream fix exist.
Execution After Redirect (EAR) in a4m4's Student-Management-System exposes admin/ endpoints to unauthorized data access via manipulation of the uid parameter, allowing server-side PHP logic to execute and return sensitive output despite issuing an HTTP redirect response. The CVSS vector (PR:N) confirms no authentication is required, and the exploit has been publicly published via a GitHub issue, making this trivially reproducible. No patch exists and the project maintainer has not responded to disclosure, leaving all deployed instances exposed with no vendor remediation timeline.
Unauthenticated remote code execution affects Progress ShareFile Storage Zones Controller versions up to 5.12.3 via unauthorized access to restricted configuration pages. Attackers can modify system configuration remotely without authentication, leading to complete system compromise. Publicly available exploit code exists (watchTowr Labs GitHub). EPSS score of 0.41% suggests relatively low observed exploitation despite critical CVSS 9.8 rating and POC availability. Vendor patch released per ShareFile security advisory.
Unauthenticated attackers can manipulate the Administrative Interface in Free CRM to achieve code execution following a redirect attack. The vulnerability affects Free CRM up to commit b83c40a and requires only network access and low privileges, with public exploit code already available. No patch is currently available, and the vendor has not responded to disclosure attempts.
Asp.Net-Core-Inventory-Order-Management-System versions up to 9.20250118. contains a security vulnerability (CVSS 6.3).
Sarman Soft Software and Technology Services Industry and Trade Ltd. Co. CMS contains a security vulnerability (CVSS 8.7).
A security vulnerability has been detected in ScriptAndTools Real Estate Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.0%.
A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file paths to the client, who can be an attacker. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.