cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-57968,https://securityvulnerability.io/vulnerability/CVE-2024-57968,File Upload Vulnerability in Advantive VeraCore Software,"Advantive VeraCore prior to version 2024.4.2.1 is susceptible to a file upload vulnerability that enables remote authenticated users to upload files to unintended directories. This misconfiguration can lead to unauthorized access to those files by other web users, potentially exposing sensitive information and compromising system integrity. The vulnerability is exploited through the upload.aspx endpoint, which lacks sufficient controls to restrict file placement within the server's directory structure.",Advantive,Veracore,9.9,CRITICAL,0.00044999999227002263,false,,true,true,true,2025-02-10T05:14:51.000Z,false,true,false,,2025-02-03T00:00:00.000Z,3657
CVE-2025-25181,https://securityvulnerability.io/vulnerability/CVE-2025-25181,SQL Injection Vulnerability in Advantive VeraCore,"A SQL injection vulnerability exists in the timeoutWarning.asp file of Advantive VeraCore, affecting versions up to 2025.1.0. This vulnerability enables remote attackers to execute arbitrary SQL commands by injecting malicious input through the PmSess1 parameter. Exploiting this flaw can lead to unauthorized data access, manipulation, or loss, highlighting the importance of securing web applications against SQL injection attacks.",Advantive,Veracore,5.8,MEDIUM,0.00044999999227002263,false,,true,false,true,2025-02-05T16:42:14.000Z,false,false,false,,2025-02-03T00:00:00.000Z,0