Filtered by vendor Uniong Subscriptions
Filtered by product Webitr Subscriptions
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-9255 1 Uniong 1 Webitr 2025-08-23 7.5 High
WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVE-2025-9258 1 Uniong 1 Webitr 2025-08-23 6.5 Medium
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-9254 1 Uniong 1 Webitr 2025-08-23 9.8 Critical
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality.
CVE-2025-9259 1 Uniong 1 Webitr 2025-08-23 6.5 Medium
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-9256 1 Uniong 1 Webitr 2025-08-23 6.5 Medium
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-9257 1 Uniong 1 Webitr 2025-08-23 6.5 Medium
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2024-8586 1 Uniong 1 Webitr 2024-09-16 6.1 Medium
WebITR from Uniong has an Open Redirect vulnerability, which allows unauthorized remote attackers to exploit this vulnerability to forge URLs. Users, believing they are accessing a trusted domain, can be redirected to another page, potentially leading to phishing attacks.