CVE-2023-25260
Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion.
CVSS
7.5
Alto
EPSS
0.8%
p54
KEV
—
Exploit Today
16
0-100
Publicado: 28 mar 2023 · Última mod.: 9 jul 2026 · CWE-552
0.8%EPSS · 30 días1.0%
2026-06-302026-07-16
Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2023-389527.5 ALT82.5%
——25Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin users are not enforced and any authenticated user can leverage admin functions without restriction by making direct requests to administrative endpoints.8dCVE-2023-438567.5 ALT51.8%
——16Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java.8dCVE-2022-365527.5 ALT44.6%
——13Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.8dCVE-2022-241387.8 ALT43.5%
——13IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN).8dCVE-2024-448075.3 MED37.9%
——11A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files.12dCVE-2026-347857.5 ALT31.0%
——9Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served as a static file using a simple string prefix check. When configured with URL prefixes such as "/css", it matches any request path that begins with that string, including unrelated paths such as "/css-config.env" or "/css-backup.sql". As a result, files under the static root whose names merely share the configured prefix may be served unintentionally, leading to information disclosure. This issue has been patched in versions 2.2.23, 3.1.21, and 3.2.6.2d