intruderlabs/cvex

Releases0

A curated repository dedicated to tracking and documenting Common Vulnerabilities and Exposures (CVEs) discovered during security research, penetration testing, and vulnerability assessments.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-27954 ↗	Jun 2, 2025Monday, 2 June 2025, 18:15	6.5 MEDIUM	—
An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx.
CVE-2025-27955 ↗	Jun 2, 2025Monday, 2 June 2025, 18:15	6.5 MEDIUM	—
Clinical Collaboration Platform 12.2.1.5 has a weak logout system where the session token remains valid after logout and allows a remote attacker to obtain sensitive information and execute arbitrary code.
CVE-2025-27956 ↗	Jun 2, 2025Monday, 2 June 2025, 18:15	7.5 HIGH	—
Directory Traversal vulnerability in WebLaudos 24.2 (04) allows a remote attacker to obtain sensitive information via the id parameter.
CVE-2025-27953 ↗	Jun 2, 2025Monday, 2 June 2025, 18:15	6.5 MEDIUM	—
An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component.