Vendor
Ready
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- 1 CVE
- 1 CVE
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-1981 | Cri | 0.61 | — | 0.00 | Apr 16, 2025 | Improper neutralization of input provided by a low-privileged user into a file search functionality in Ready_'s Invoices module allows for SQL Injection attacks. | ||
| CVE-2025-1982 | Hig | 0.46 | — | 0.00 | Apr 16, 2025 | Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user to provide link to a local file using the file:// protocol thus allowing the attacker to read content of the file. This vulnerability can be use to read content of system files. |
- risk 0.61cvss —epss 0.00
Improper neutralization of input provided by a low-privileged user into a file search functionality in Ready_'s Invoices module allows for SQL Injection attacks.
- risk 0.46cvss —epss 0.00
Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user to provide link to a local file using the file:// protocol thus allowing the attacker to read content of the file. This vulnerability can be use to read content of system files.