0xZeroSec

5 exploits Active since Sep 2025
CVE-2025-55888 NOMISEC HIGH WRITEUP
ARD GEC En Ligne - Ajax accountName Cross-Site Scripting
Cross-Site Scripting (XSS) vulnerability was discovered in the Ajax transaction manager endpoint of ARD. An attacker can intercept the Ajax response and inject malicious JavaScript into the accountName field. This input is not properly sanitized or encoded when rendered, allowing script execution in the context of users browsers. This flaw could lead to session hijacking, cookie theft, and other malicious actions.
4 stars
CVSS 7.3
CVE-2025-55885 NOMISEC MEDIUM WORKING POC
ARD GEC en Ligne < 2025-04-23 - SQL Injection via GET Parameters in index.php
SQL Injection vulnerability in Alpes Recherche et Developpement ARD GEC en Lign before v.2025-04-23 allows a remote attacker to escalate privileges via the GET parameters in index.php
3 stars
CVSS 6.3
CVE-2025-55886 NOMISEC MEDIUM WRITEUP
ARD Payment History API - Insecure Direct Object Reference
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ARD. The flaw exists in the `fe_uid` parameter of the payment history API endpoint. An authenticated attacker can manipulate this parameter to access the payment history of other users without authorization.
3 stars
CVSS 6.5
CVE-2025-55887 NOMISEC MEDIUM WORKING POC
ARD GEC En Ligne - transactionID Cross-Site Scripting
Cross-Site Scripting (XSS) vulnerability was discovered in the meal reservation service ARD. The vulnerability exists in the transactionID GET parameter on the transaction confirmation page. Due to improper input validation and output encoding, an attacker can inject malicious JavaScript code that is executed in the context of a user s browser. This can lead to session hijacking, theft of cookies, and other malicious actions performed on behalf of the victim.
3 stars
CVSS 6.1
CVE-2025-69727 NOMISEC MEDIUM WORKING POC
INDEX-EDUCATION PRONOTE <2025.2.8 - Info Disclosure
An Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8. The affected components (index.js and composeUrlImgPhotoIndividu) allow the construction of direct URLs to user profile images based solely on predictable identifiers such as user IDs and names. Due to missing authorization checks and lack of rate-limiting when generating or accessing these URLs, an unauthenticated or unauthorized actor may retrieve profile pictures of users by crafting requests with guessed or known identifiers.
2 stars
CVSS 5.3