Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Uniong Subscribe
Filtered by product Webitr
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-9254 1 Uniong 1 Webitr 2025-09-23 N/A 9.8 CRITICAL
WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality.
CVE-2025-9255 1 Uniong 1 Webitr 2025-09-23 N/A 7.5 HIGH
WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVE-2025-9256 1 Uniong 1 Webitr 2025-09-23 N/A 6.5 MEDIUM
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-9257 1 Uniong 1 Webitr 2025-09-23 N/A 6.5 MEDIUM
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-9258 1 Uniong 1 Webitr 2025-09-23 N/A 6.5 MEDIUM
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-9259 1 Uniong 1 Webitr 2025-09-23 N/A 6.5 MEDIUM
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2024-8586 1 Uniong 1 Webitr 2024-09-16 N/A 6.1 MEDIUM
WebITR from Uniong has an Open Redirect vulnerability, which allows unauthorized remote attackers to exploit this vulnerability to forge URLs. Users, believing they are accessing a trusted domain, can be redirected to another page, potentially leading to phishing attacks.