VYPR
Vendor

ElecV2

Products
1
CVEs
7
Across products
7
Status
Private

Products

1

Recent CVEs

7
  • CVE-2026-5012HigMar 28, 2026
    risk 0.48cvss 7.3epss 0.01

    A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed…

  • CVE-2026-5016HigMar 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such manipulation of the argument req leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is…

  • CVE-2026-5011MedMar 28, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argument rawcode results in code injection. Remote exploitation of the attack is…

  • CVE-2026-3955MedMar 11, 2026
    risk 0.41cvss 6.3epss 0.00

    A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched…

  • CVE-2026-5014MedMar 28, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and…

  • CVE-2026-5013MedMar 28, 2026
    risk 0.34cvss 5.3epss 0.01

    A vulnerability has been found in elecV2 elecV2P up to 3.8.3. Impacted is the function path.join of the file /store/:key. The manipulation of the argument URL leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed to the public…

  • CVE-2026-5015MedMar 28, 2026
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in elecV2 elecV2P up to 3.8.3. The impacted element is an unknown function of the file /logs of the component Endpoint. This manipulation of the argument filename causes cross site scripting. It is possible to initiate the attack remotely. The…