Shodan
Vulnerabilities
Vulnerable Software
Serosoft:  >> Academia Student Information System  Security Vulnerabilities
CVE-2025-27583
Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account.
CVSS Score
9.1
EPSS Score
0.0
Published
2025-03-03
CVE-2025-27584
A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name parameter at /rest/staffResource/update.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-03-03
CVE-2025-27585
A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Print Name parameter at /rest/staffResource/update.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-03-03
CVE-2025-25950
Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-03-03
CVE-2025-25951
An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to access sensitive user information.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-03-03
CVE-2025-25952
An Insecure Direct Object References (IDOR) in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-03-03
CVE-2025-25953
Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was discovered to contain an Azure JWT access token exposure. This vulnerability allows authenticated attackers to escalate privileges and access sensitive information.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-03-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved