Filtered by vendor Newtype Infortech
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10266 | 1 Newtype Infortech | 1 Nup Portal | 2025-09-15 | 9.8 Critical |
| NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. | ||||
| CVE-2025-10267 | 1 Newtype Infortech | 1 Nup Portal | 2025-09-15 | 5.3 Medium |
| NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side. | ||||
Page 1 of 1.