Vulnerabilities

  

CVE-2025-13811 | jsnjfz WebStack-Guns 1.0 PageFactory.java sort sql injection

A vulnerability was found in jsnjfz WebStack-Guns 1.0 and classified as critical. This vulnerability affects unknown code of the file

  

CVE-2025-13795 | codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01 Edit Student Info Page /student-view.php First Name cross site scripting

A vulnerability has been found in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01 and classified as problematic. Affected is an

  

CVE-2025-13796 | deco-cx apps up to 0.120.1 Parameter analyticsScript.ts AnalyticsScript url server-side request forgery (ID 1360)

A vulnerability was found in deco-cx apps up to 0.120.1 and classified as critical. Affected by this vulnerability is the

  

CVE-2025-13797 | ADSLR B-QE2W401 250814-r037c /send_order.cgi parameterdel_swifimac command injection

A vulnerability was found in ADSLR B-QE2W401 250814-r037c. It has been classified as critical. Affected by this issue is the

  

CVE-2025-13798 | ADSLR NBR1005GPEV2 250814-r037c /send_order.cgi ap_macfilter_add mac command injection

A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. It has been declared as critical. This affects the function ap_macfilter_add of

  

CVE-2025-13799 | ADSLR NBR1005GPEV2 250814-r037c /send_order.cgi ap_macfilter_del mac command injection

A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. It has been rated as critical. This vulnerability affects the function ap_macfilter_del

  

CVE-2025-13800 | ADSLR NBR1005GPEV2 250814-r037c /send_order.cgi set_mesh_disconnect mac command injection

A vulnerability categorized as critical has been discovered in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function set_mesh_disconnect of the

  

CVE-2025-13802 | jairiidriss RestaurantWebsite up to e7911f12d035e8e2f9a75e7a28b59e4ef5c1d654 Make a Reservation selected_date cross site scripting

A vulnerability identified as problematic has been detected in jairiidriss RestaurantWebsite up to e7911f12d035e8e2f9a75e7a28b59e4ef5c1d654. Impacted is an unknown function of

  

CVE-2025-13803 | MediaCrush 1.0.0/1.0.1 Header /mediacrush/paths.py Host http headers for scripting syntax

A vulnerability labeled as problematic has been found in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the

  

CVE-2025-13804 | nutzam NutzBoot up to 2.6.0-SNAPSHOT Ethereum Wallet EthModule.java information disclosure

A vulnerability marked as problematic has been reported in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown

  

CVE-2025-13805 | nutzam NutzBoot up to 2.6.0-SNAPSHOT LiteRpc-Serializer HttpServletRpcEndpoint.java getInputStream deserialization

A vulnerability described as problematic has been identified in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This affects the function getInputStream of

  

CVE-2025-13806 | nutzam NutzBoot up to 2.6.0-SNAPSHOT Transaction API EthModule.java from/to/wei improper authorization

A vulnerability classified as critical has been found in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of

  

CVE-2025-13807 | orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1 API MachineKeyController.java MachineKeyController improper authorization

A vulnerability classified as problematic was found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the

  

CVE-2025-13808 | orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1 User Profile UserController.java update ID improper authorization

A vulnerability, which was classified as critical, has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this vulnerability

  

CVE-2025-13809 | orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1 SSH Connection MachineInfoController.java host/sshPort/username/password/authType server-side request forgery

A vulnerability, which was classified as critical, was found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is

  

CVE-2025-13615 | phpface StreamTube Core Plugin up to 4.78 on WordPress Password Change authorization

A vulnerability identified as critical has been detected in phpface StreamTube Core Plugin up to 4.78 on WordPress. This affects

  

CVE-2025-66433 | wisc HTCondor up to 24.12.13/25.0.2/25.3.0 authorization (HTCONDOR-2025-0002)

A vulnerability labeled as problematic has been found in wisc HTCondor up to 24.12.13/25.0.2/25.3.0. This vulnerability affects unknown code. The

  

CVE-2025-66422 | Tryton trytond up to 6.0.69/7.0.39/7.4.20/7.6.10 transmission of private resources into a new sphere (‘resource leak’) (Issue 14354)

A vulnerability marked as problematic has been reported in Tryton trytond up to 6.0.69/7.0.39/7.4.20/7.6.10. This issue affects some unknown processing.

  

CVE-2025-66423 | Tryton trytond up to 6.0.69/7.0.39/7.4.20/7.6.10 HTML Editor authorization (Issue 14364)

A vulnerability described as critical has been identified in Tryton trytond up to 6.0.69/7.0.39/7.4.20/7.6.10. Impacted is an unknown function of

  

CVE-2025-66424 | Tryton trytond up to 6.0.69/7.0.39/7.4.20/7.6.10 Data Export authorization (Issue 14366)

A vulnerability classified as problematic has been found in Tryton trytond up to 6.0.69/7.0.39/7.4.20/7.6.10. The affected element is an unknown

  

CVE-2025-66432 | Oxide Omicron up to 17.0 API Token unprotected alternate channel

A vulnerability classified as problematic was found in Oxide Omicron up to 17.0. The impacted element is an unknown function

  

CVE-2025-66420 | Tryton sao up to 6.0.66/7.0.37/7.4.18/7.6.8 HTML Attachment HTML injection (Issue 14290)

A vulnerability, which was classified as problematic, has been found in Tryton sao up to 6.0.66/7.0.37/7.4.18/7.6.8. This affects an unknown

  

CVE-2025-66421 | Tryton sao up to 6.0.68/7.0.39/7.4.20/7.6.10 Completion cross site scripting (Issue 14363)

A vulnerability, which was classified as problematic, was found in Tryton sao up to 6.0.68/7.0.39/7.4.20/7.6.10. This impacts an unknown function

Fedora 42: migrate 4.19.0 Critical CVE Fix RHSA-2025-57302ba8ea

Update to 4.19.0 Address CVEs by rebuilding with Go 1.24.10 (LinuxSecurity – Security Advisories)

Fedora 41: RNP Critical PKESK Decryption Issue CVE-2025-13402

Version 0.18.1 Security Fixed critical issue where PKESK (public-key encrypted) session keys were generated as all-zero, allowing trivial decryption of

openSUSE: PostgreSQL 17.7 Moderate Security Advisory 2025:15786-1

An update that solves 2 vulnerabilities can now be installed.

openSUSE Tumbleweed: libcoap-devel Moderate Security Update 2025:15780-1

An update that solves 9 vulnerabilities can now be installed.

openSUSE: postgresql15 Moderate Update for 2 Vulnerabilities 2025:15784-1

An update that solves 2 vulnerabilities can now be installed.

Fedora 42: Update for linux-firmware Advisory FEDORA-2025-a45a370014

Update to 20251125: Revert “amdgpu: update GC 11.0.1 firmware” QCA: Add Bluetooth firmware for WCN685x uart interface qcom: Add ADSP

  

CVE-2025-13787 | ZenTao up to 21.7.6-8564 File module/file/control.php file::delete fileID privileges management

A vulnerability, which was classified as critical, was found in ZenTao up to 21.7.6-8564. The affected element is the function

  

CVE-2025-13788 | Chanjet CRM up to 20251106 upgradeattribute.php gblOrgID sql injection

A vulnerability has been found in Chanjet CRM up to 20251106 and classified as critical. The impacted element is an

  

CVE-2025-13789 | ZenTao up to 21.7.6-8564 module/ai/model.php makeRequest Base server-side request forgery

A vulnerability was found in ZenTao up to 21.7.6-8564 and classified as critical. This affects the function makeRequest of the

  

CVE-2025-13790 | Scada-LTS up to 2.7.8.1 cross-site request forgery

A vulnerability was found in Scada-LTS up to 2.7.8.1. It has been classified as problematic. This impacts an unknown function.

  

CVE-2025-13791 | Scada-LTS up to 2.7.8.1 Project Import ZIPProjectManager.java Common.getHomeDir path traversal

A vulnerability was found in Scada-LTS up to 2.7.8.1. It has been declared as critical. Affected is the function Common.getHomeDir

  

CVE-2025-13792 | Qualitor 8.20/8.24 getResumo.php eval passageiros code injection

A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this vulnerability is the function

  

CVE-2025-13793 | winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e GET Parameter header_menu.php Error cross site scripting

A vulnerability categorized as problematic has been discovered in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some

Debian 11: Important Race Condition in qtbase-opensource-src DLA-4387-1

A race condition was discovered in Qt, a cross-platform C++ application framework. Code to make security-relevant decisions about an established

  

CVE-2025-13782 | taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 SlideController SlideController.class.php delete ids sql injection

A vulnerability marked as critical has been reported in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the

  

CVE-2025-13783 | taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 CommentadminController CommentadminController.class.php check/uncheck/delete ids sql injection

A vulnerability described as critical has been identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. This affects the function check/uncheck/delete of

  

CVE-2025-13784 | yungifez Skuul School Management System up to 2.6.5 SVG File edit cross site scripting

A vulnerability classified as problematic has been found in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects

  

CVE-2025-13785 | yungifez Skuul School Management System up to 2.6.5 Image /user/profile information disclosure

A vulnerability classified as problematic was found in yungifez Skuul School Management System up to 2.6.5. This issue affects some

  

CVE-2025-13786 | taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 /index.php fetch content code injection

A vulnerability, which was classified as critical, has been found in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function

  

CVE-2025-66034 | fontTools up to 4.60.1 fontTools.varLib.main xml injection (GHSA-768j-98cg-p3fv)

A vulnerability classified as critical has been found in fontTools up to 4.60.1. This affects the function fontTools.varLib.main. Performing manipulation

  

CVE-2025-66217 | jvde-github AIS-catcher up to 0.63 MQTT Parser Topic Length heap-based overflow (GHSA-93mj-c8q3-69rg)

A vulnerability classified as critical was found in jvde-github AIS-catcher up to 0.63. This impacts an unknown function of the

  

CVE-2025-66225 | OrangeHRM up to 5.7 Username password recovery (GHSA-5ghw-9775-v263 / EUVD-2025-199906)

A vulnerability, which was classified as critical, has been found in OrangeHRM up to 5.7. Affected is an unknown function.

  

CVE-2025-66289 | OrangeHRM up to 5.7 session expiration (GHSA-99qp-xh4q-pr9x / EUVD-2025-199905)

A vulnerability, which was classified as critical, was found in OrangeHRM up to 5.7. Affected by this vulnerability is an

  

CVE-2025-66027 | lukevella rallly up to 4.5.5 /api/trpc/polls.get information disclosure (GHSA-65wg-8xgw-f3fg)

A vulnerability has been found in lukevella rallly up to 4.5.5 and classified as problematic. Affected by this issue is

  

CVE-2025-13683 | Devolutions Server/Remote Desktop Manager up to 2025.3.8.0 on Windows information disclosure (DEVO-2025-0017)

A vulnerability was found in Devolutions Server and Remote Desktop Manager up to 2025.3.8.0 on Windows and classified as problematic.

  

CVE-2025-64715 | Cilium up to 1.16.16/1.17.9/1.18.3 CiliumNetworkPolicys toCIDRset access control (GHSA-38pp-6gcp-rqvm)

A vulnerability was found in Cilium up to 1.16.16/1.17.9/1.18.3. It has been classified as problematic. This vulnerability affects unknown code

  

CVE-2025-66224 | OrangeHRM up to 5.7 Mail Configuration code injection (GHSA-2w7w-h5wv-xr55 / EUVD-2025-199907)

A vulnerability was found in OrangeHRM up to 5.7. It has been declared as critical. This issue affects some unknown

  

CVE-2025-66290 | OrangeHRM up to 5.7 Recruitment improper authorization (GHSA-qf8r-c54j-jw88 / EUVD-2025-199904)

A vulnerability was found in OrangeHRM up to 5.7. It has been rated as critical. Impacted is an unknown function

  

CVE-2025-66291 | OrangeHRM up to 5.7 Recruitment improper authorization (GHSA-v32g-r8xx-4g6g / EUVD-2025-199903)

A vulnerability categorized as critical has been discovered in OrangeHRM up to 5.7. The affected element is an unknown function

  

CVE-2025-53899 | Kiteworks MFT up to 9.0.x incorrectly specified destination in a communication channel (GHSA-5gx5-vcpp-8cr5)

A vulnerability identified as problematic has been detected in Kiteworks MFT up to 9.0.x. The impacted element is an unknown

  

CVE-2025-65113 | MacWarrior clipbucket-v5 up to 5.5.1 allocation of resources (GHSA-9f8v-vph8-pq6q)

A vulnerability labeled as critical has been found in MacWarrior clipbucket-v5 up to 5.5.1. This affects an unknown function. Such

  

CVE-2025-53900 | Kiteworks MFT up to 9.0.x privilege defined with unsafe actions (GHSA-gjq3-8v6p-2h6h / EUVD-2025-199895)

A vulnerability marked as problematic has been reported in Kiteworks MFT up to 9.0.x. This impacts an unknown function. Performing

  

CVE-2025-53939 | Kiteworks Core up to 9.0.x Shared Folder permission (GHSA-hpf5-6376-2565 / EUVD-2025-199894)

A vulnerability described as critical has been identified in Kiteworks Core up to 9.0.x. Affected is an unknown function of

  

CVE-2025-66221 | Pallets Werkzeug up to 3.1.3 on Windows windows device names (GHSA-hgf8-39gv-g3f2 / EUVD-2025-199893)

A vulnerability classified as problematic has been found in Pallets Werkzeug up to 3.1.3 on Windows. Affected by this vulnerability

  

CVE-2025-66223 | OpenObserve up to 0.15.x Organization Invitation Token session expiration (GHSA-c856-2xpx-gw75 / EUVD-2025-199890)

A vulnerability classified as problematic was found in OpenObserve up to 0.15.x. Affected by this issue is some unknown functionality

  

CVE-2025-53896 | Kiteworks MFT up to 9.0.x session expiration (GHSA-23h2-3jj8-58hm)

A vulnerability, which was classified as problematic, has been found in Kiteworks MFT up to 9.0.x. This affects an unknown

  

CVE-2025-53897 | kiteworks MFT up to 9.0.x cross-site request forgery (GHSA-cxwc-7899-3h4m)

A vulnerability, which was classified as problematic, was found in kiteworks MFT up to 9.0.x. This vulnerability affects unknown code.

  

CVE-2025-66216 | jvde-github AIS-catcher up to 0.63 AIS::Message buffer size (GHSA-v53x-f5hh-g2g6)

A vulnerability has been found in jvde-github AIS-catcher up to 0.63 and classified as critical. This issue affects the function

  

CVE-2025-66219 | shama willitmerge up to 0.2.1 User Control command injection (GHSA-j9wj-m24m-7jj6)

A vulnerability was found in shama willitmerge up to 0.2.1 and classified as critical. Impacted is an unknown function of

  

CVE-2025-65112 | ricardoboss PubNet up to 1.1.2 /api/storage/upload author-id authorization (GHSA-pg82-fqrg-q6j5)

A vulnerability was found in ricardoboss PubNet up to 1.1.2. It has been classified as critical. The affected element is

  

CVE-2025-66201 | danny-avila LibreChat up to 0.8.1-rc1 OpenAPI server-side request forgery (GHSA-7m2q-fjwr-5x8v)

A vulnerability was found in danny-avila LibreChat up to 0.8.1-rc1. It has been declared as critical. The impacted element is

  

CVE-2025-65892 | krpano up to 1.23.1 URL passQueryParameters xml cross site scripting (EUVD-2025-199902)

A vulnerability was found in krpano up to 1.23.1. It has been rated as problematic. This affects the function passQueryParameters

  

CVE-2025-65540 | xmall 1.1 cross site scripting (Issue 101 / EUVD-2025-199901)

A vulnerability categorized as problematic has been discovered in xmall 1.1. This impacts an unknown function. Such manipulation leads to

  

CVE-2025-66036 | Anjaliavv51 Retro up to 2.4.6 cross site scripting (GHSA-gvv6-p6h6-2vj2)

A vulnerability identified as problematic has been detected in Anjaliavv51 Retro up to 2.4.6. Affected is an unknown function. Performing

  

CVE-2025-6666 | motogadget mo.lock Ignition Lock up to 20251125 NFC hard-coded key

A vulnerability labeled as problematic has been found in motogadget mo.lock Ignition Lock up to 20251125. Affected by this vulnerability

Slackware 15.0: libxslt Critical Patch Type Confusion SSA:2025-332-01

New libxslt packages are available for Slackware 15.0 and -current to fix security issues.

SUSE: Kernel Important TLS Data Capture Fix CVE-2025-38616 2025:4311-1

* bsc#1249537 Cross-References: * CVE-2025-38616

SUSE: Moderate Curl Path Traversal Security Vulnerability CVE-2025-11563

* bsc#1253757 Cross-References: * CVE-2025-11563

SUSE: Grub2 Moderate Fix SEV 2025:4305-1 CVE-2025-54770 CVE-2025-61661

* bsc#1245953 * bsc#1252930 * bsc#1252931 * bsc#1252932 * bsc#1252933

openSUSE: glib2 Moderate Buffer Under-read CVE-2025-7039 Advisory

An update that solves one vulnerability can now be installed.

SUSE: glib2 Moderate Buffer Under-Read Fix CVE-2025-7039 2025:4308-1

* bsc#1249055 Cross-References: * CVE-2025-7039

SUSE: curl Moderate Path Traversal Fix Advisory for CVE-2025-11563

* bsc#1253757 Cross-References: * CVE-2025-11563

Debian 11: Tryton Server Important Info Disclosure Fix DLA-4387-1

Several security vulnerabilities were discovered in the server of the Tryton application platform, which could lead to information disclosure. For

SUSE: libvirt Moderate Info Disclosure DoS Advisory 2025:21082-1

* bsc#1253278 * bsc#1253642 * bsc#1253703 * jsc#PED-9265

SUSE Linux Micro 6.2 Kernel Important Fix 2025:21080-1 CVE-2025-21816

* bsc#1218644 * bsc#1238472 * bsc#1239206 * bsc#1241166 * bsc#1241637

Debian 11: SOGo Important XSS Issue DLA-4386-1 CVE-2025-63498

The SOGo groupware server is vulnerable to Cross Site Scripting (XSS) via the “userName” parameter, allowing arbitrary JavaScript to be

SUSE Linux Micro: runc Important Container Breakout Fix 2025:21072-1

* bsc#1252110 * bsc#1252232 Cross-References: * CVE-2025-31133

SUSE: Kernel Critical Security Update for Micro 6.2 2025:21074-1

* bsc#1215199 * bsc#1218644 * bsc#1230062 * bsc#1234634 * bsc#1234693

SUSE: curl Important Path Traversal Issues CVE-2025-10148 2025:21077-1

* bsc#1249191 * bsc#1249348 * bsc#1249367 * bsc#1253757

  

CVE-2025-12183 | lz4-java up to 1.8.0 out-of-bounds

A vulnerability described as critical has been identified in lz4-java up to 1.8.0. The impacted element is an unknown function.

openSUSE: Kernel Important Patch for DoS and Crash Issues 2025:4285-1

An update that solves three vulnerabilities can now be installed.

SUSE: Kernel Important Live Patching Fix for Threats 2025:4285-1

* bsc#1250295 * bsc#1251228 * bsc#1251983 Cross-References:

  

CVE-2025-12638 | Keras up to 3.11.3 keras.utils.get_file path traversal

A vulnerability was found in Keras up to 3.11.3 and classified as critical. Affected is the function keras.utils.get_file. The manipulation

  

CVE-2025-59790 | Apache Kvrocks up to 2.13.0 privileges management

A vulnerability was found in Apache Kvrocks up to 2.13.0. It has been classified as critical. Affected by this vulnerability

  

CVE-2025-59792 | Apache Kvrocks up to 2.13.0 MONITOR Command missing encryption

A vulnerability was found in Apache Kvrocks up to 2.13.0. It has been declared as problematic. Affected by this issue

  

CVE-2025-11156 | Netskope Client up to R131 on Windows null pointer dereference (kpsa-2025-005)

A vulnerability was found in Netskope Client up to R131 on Windows. It has been rated as problematic. This affects

  

CVE-2025-51735 | HCL Unica 12.0.0 csv injection

A vulnerability categorized as problematic has been discovered in HCL Unica 12.0.0. This vulnerability affects unknown code. Executing manipulation can

  

CVE-2025-51736 | HCL Unica 12.0.0 unrestricted upload

A vulnerability identified as critical has been detected in HCL Unica 12.0.0. This issue affects some unknown processing. The manipulation

  

CVE-2025-51733 | HCL Unica 12.0.0 cross-site request forgery

A vulnerability labeled as problematic has been found in HCL Unica 12.0.0. Impacted is an unknown function. The manipulation results

  

CVE-2025-51734 | HCL Unica 12.0.0 cross site scripting

A vulnerability marked as problematic has been reported in HCL Unica 12.0.0. The affected element is an unknown function. This

  

CVE-2025-12143 | ABB Terra AC wallbox up to 1.8.33 stack-based overflow (EUVD-2025-199870)

A vulnerability has been found in ABB Terra AC wallbox up to 1.8.33 and classified as critical. This impacts an

  

CVE-2025-66384 | MISP up to 2.5.23 EventsController.php tmp_name incorrect provision of specified functionality

A vulnerability labeled as problematic has been found in MISP up to 2.5.23. This affects the function tmp_name of the

  

CVE-2025-66386 | MISP up to 2.5.26 View Picture EventReport.php path traversal

A vulnerability marked as problematic has been reported in MISP up to 2.5.26. This vulnerability affects unknown code of the

  

CVE-2025-13768 | Uniong WebITR up to 2_1_0_33 authorization

A vulnerability described as critical has been identified in Uniong WebITR up to 2_1_0_33. This issue affects some unknown processing.

  

CVE-2025-66385 | Cerebrate up to 1.29 UsersController::edit organisation_id external control of assumed-immutable web parameter

A vulnerability classified as problematic has been found in Cerebrate up to 1.29. Impacted is the function UsersController::edit. This manipulation

  

CVE-2025-13769 | Uniong WebITR up to 2_1_0_33 sql injection

A vulnerability classified as critical was found in Uniong WebITR up to 2_1_0_33. The affected element is an unknown function.

  

CVE-2025-13770 | Uniong WebITR up to 2_1_0_33 sql injection

A vulnerability, which was classified as critical, has been found in Uniong WebITR up to 2_1_0_33. The impacted element is