CVE-2025-1144

CRITICAL Year: 2025
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-497
View all →

Vulnerability Description

School Affairs System from Quanxun has an Exposure of Sensitive Information, allowing unauthenticated attackers to view specific pages and obtain database information as well as plaintext administrator credentials.

Related Vulnerabilities

CVE-2020-25179

CRITICAL
CVSS:9.8(Critical)

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.

CWE-4972020

CVE-2024-36554

CRITICAL
CVSS:9.8(Critical)

Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWatch Call Me KW-60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b allow a malicious user to gain in...

CWE-4972024

CVE-2022-1902

HIGH
CVSS:8.8(High)

A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifier...

CWE-4972022

CVE-2024-39675

HIGH
CVSS:8.8(High)

A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions <...

CWE-4972024

CVE-2025-0061

HIGH
CVSS:8.7(High)

SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interaction, due to an information disclosure vulne...

CWE-4972025

CVE-2023-32550

HIGH
CVSS:8.2(High)

Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API.

CWE-4972023