cbcvebase.

Vaelsys Vaelsysv4 vulnerabilities

3 known vulnerabilities affecting vaelsys/vaelsysv4.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1

Vulnerabilities

Page 1 of 1
CVE-2025-8259P2CRITICALCVSS 9.8v5.0v5.1+4 more2025-07-28
CVE-2025-8259 [CRITICAL] CWE-77 CVE-2025-8259: A vulnerability was identified in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. Affected by this issue is the A vulnerability was identified in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. Affected by this issue is the function execute_DataObjectProc of the file /grid/vgrid_server.php of the component Web interface. Such manipulation of the argument xajaxargs leads to os command injection. The attack can be executed remotely. The exploit is publicly available and mi
nvd
CVE-2025-8261P2CRITICALCVSS 9.8v4.1.02025-07-28
CVE-2025-8261 [CRITICAL] CWE-266 CVE-2025-8261: A weakness has been identified in Vaelsys VaelsysV4 4.1.0. This vulnerability affects unknown code o A weakness has been identified in Vaelsys VaelsysV4 4.1.0. This vulnerability affects unknown code of the file /grid/vgrid_server.php of the component User Creation Handler. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been made available to the public and could be used for att
nvd
CVE-2025-8260P3HIGHCVSS 7.5v5.0v5.1+4 more2025-07-28
CVE-2025-8260 [HIGH] CWE-327 CVE-2025-8260: A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown A security flaw has been discovered in Vaelsys VaelsysV4 up to 5.1.0/5.4.0. This affects an unknown part of the file /grid/vgrid_server.php of the component Web interface. Performing a manipulation of the argument xajaxargs results in use of weak hash. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is in
nvd
Vaelsys Vaelsysv4 vulnerabilities | cvebase