CVE-2025-10371 | eCharge Hardy Barth Salia PLCC 2.2.0 /api.php setrfidlist unrestricted upload

Inserito da Angelo Barbosa | Set 12, 2025 | CVE

A vulnerability classified as critical was found in eCharge Hardy Barth Salia PLCC 2.2.0. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist results in unrestricted upload.

This vulnerability was named CVE-2025-10371. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-10371 | eCharge Hardy Barth Salia PLCC 2.2.0 /api.php setrfidlist unrestricted upload

Post correlati

CVE-2024-34792 | dexta Dextaz Ping Plugin up to 0.65 on WordPress command injection

CVE-2025-25760 | Sucms 1.0 GET Request admin_webgather.php server-side request forgery

CVE-2024-43255 | Stormhill Media MyBookTable Bookstore Plugin up to 3.3.9 on WordPress cross-site request forgery

CVE-2025-6135 | Projectworlds Life Insurance Management System 1.0 /insertNominee.php client_id/nominee_id sql injection