Veracore

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-25181 MEDIUM POC KEV THREAT Act Now

A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

SQLi Veracore
NVD
CVSS 3.1
5.8
EPSS
72.1%
CVE-2024-57968 CRITICAL POC KEV THREAT Act Now

Advantive VeraCore warehouse management system allows authenticated users to upload files to unintended directories, enabling web shell deployment through the upload.aspx endpoint.

File Upload Veracore
NVD
CVSS 3.1
9.9
EPSS
44.2%
CVE-2025-25181
EPSS 72% CVSS 5.8
MEDIUM POC KEV THREAT Act Now

A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

SQLi Veracore
NVD
CVE-2024-57968
EPSS 44% CVSS 9.9
CRITICAL POC KEV THREAT Act Now

Advantive VeraCore warehouse management system allows authenticated users to upload files to unintended directories, enabling web shell deployment through the upload.aspx endpoint.

File Upload Veracore
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy