CVE-2025-8261

Medium CVSS: 6.9

A vulnerability was found in Vaelsys 4.1.0 and classified as critical. This issue affects some unknown processing of the file /grid/vgrid_server.php of the component User Creation Handler. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Vaelsys

Product

Vaelsys

CWE

CWE-266

Yayın Tarihi

2025-07-28 07:15:25

Güncelleme

2025-07-31 17:31:32

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Vaelsys MEDIUM Vaelsys 2025

Referanslar

https://github.com/waiwai24/0101/blob/main/CVEs/Vaelsys/Unauthorized_User_Creation_Vulnerability_Exists_in_Vaelsys_V4_Platform.md https://vuldb.com/?ctiid.317849 https://vuldb.com/?id.317849 https://vuldb.com/?submit.616924

Benzer Kayıtlar

Medium

CVE-2026-2952

A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the…

Low

CVE-2025-8260

A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability affects unknown code o…

Medium

CVE-2025-8259

A vulnerability, which was classified as critical, was found in Vaelsys 4.1.0. This affects the function execute_DataObj…