cbcvebase.

Deerwms Deer-Wms-2 vulnerabilities

8 known vulnerabilities affecting deerwms/deer-wms-2.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH7

Vulnerabilities

Page 1 of 1
CVE-2025-8125P2CRITICALCVSS 9.8≤ 3.3v3.0+3 more2025-07-25
CVE-2025-8125 [CRITICAL] CWE-74 CVE-2025-8125: A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been rated as critical. Affected b A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /system/role/authUser/allocatedList. The manipulation of the argument params[dataScope] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and
nvd
CVE-2025-8162P3HIGHCVSS 8.8≤ 3.3v3.0+3 more2025-07-25
CVE-2025-8162 [HIGH] CWE-74 CVE-2025-8162: A vulnerability, which was classified as critical, has been found in deerwms deer-wms-2 up to 3.3. A A vulnerability, which was classified as critical, has been found in deerwms deer-wms-2 up to 3.3. Affected by this issue is some unknown functionality of the file /system/dept/list. The manipulation of the argument params[dataScope] leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-8163P3HIGHCVSS 8.8≤ 3.3v3.0+3 more2025-07-25
CVE-2025-8163 [HIGH] CWE-74 CVE-2025-8163: A vulnerability, which was classified as critical, was found in deerwms deer-wms-2 up to 3.3. This a A vulnerability, which was classified as critical, was found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/role/list. The manipulation of the argument params[dataScope] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-8126P3HIGHCVSS 8.8≤ 3.3v3.0+3 more2025-07-25
CVE-2025-8126 [HIGH] CWE-74 CVE-2025-8126: A vulnerability classified as critical has been found in deerwms deer-wms-2 up to 3.3. This affects A vulnerability classified as critical has been found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/user/export. The manipulation of the argument params[dataScope] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-8161P3HIGHCVSS 8.8≤ 3.3v3.0+3 more2025-07-25
CVE-2025-8161 [HIGH] CWE-74 CVE-2025-8161: A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. Affected by this v A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. Affected by this vulnerability is an unknown functionality of the file /system/role/export. The manipulation of the argument params[dataScope] leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-8124P3HIGHCVSS 8.8≤ 3.3v3.0+3 more2025-07-25
CVE-2025-8124 [HIGH] CWE-74 CVE-2025-8124: A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been declared as critical. Affecte A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/unallocatedList. The manipulation of the argument params[dataScope] leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the pub
nvd
CVE-2025-8127P3HIGHCVSS 8.8≤ 3.3v3.0+3 more2025-07-25
CVE-2025-8127 [HIGH] CWE-74 CVE-2025-8127: A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. This vulnerability A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. This vulnerability affects unknown code of the file /system/user/list. The manipulation of the argument params[dataScope] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-8123P3HIGHCVSS 8.8≤ 3.3v3.0+3 more2025-07-24
CVE-2025-8123 [HIGH] CWE-74 CVE-2025-8123: A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been classified as critical. Affec A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been classified as critical. Affected is an unknown function of the file /system/dept/edit. The manipulation of the argument ancestors leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
nvd
Deerwms Deer-Wms-2 vulnerabilities | cvebase