Vulnerability Advisory: CVEs for Wisdom Master Pro, OpenHarmony, and others

From this webpage screenshot, the following key vulnerability information can be extracted: 2025 CVE-2025-3180: Wisdom Master Pro - Missing Authorization, CVSS v3.0 Base: 6.9, Published: 2025-04-17 CVE-2025-3320: Wisdom Master Pro - Unrestricted Upload of file with Dangerous Type, CVSS v3.0 Base: 5.3, Published: 2025-04-17 CVE-2025-3378: Wisdom Master Pro - Improper Control of Resource to Include/Request in Path, CVSS v3.0 Base: 5.9, Published: 2025-05-17 CVE-2025-3512: Sear Cloud HRD Human Resource Management System - Using Authentication 'C' Critical Token, CVSS v3.0 Base: 3.3, Published: 2025-06-03 2024 CVE-2024-5826: ProjectDiscovery/nuclei - Files or Directories Accessible to External Parties, CVSS v3.0 Base: 5.3, Published: 2024-10-03 CVE-2024-8131: HarmonyOS/OpenHarmony Paperless Meeting - Improper Neutralization of Special Elements Used in an OS Command, CVSS v3.0 Base: 5.5, Published: 2024-10-05 CVE-2024-8138: Almaviva SuperVision - Improper Restriction of Excessive Authentication Attempts, CVSS v3.0 Base: 5.3, Published: 2024-10-05 CVE-2024-7071: Muruha Easytest Online Learning Test Platform - SQL Injection, CVSS v3.0 Base: 5.7, Published: 2024-10-02 CVE-2024-7172: Muruha Easytest Online Learning Test Platform - SQL Injection, CVSS v3.0 Base: 5.7, Published: 2024-10-02 CVE-2024-7373: Muruha Easytest Online Learning Test Platform - SQL Injection, CVSS v3.0 Base: 5.7, Published: 2024-10-02 CVE-2024-4217: Muruha Easytest Online Learning Test Platform - SQL Injection, CVSS v3.0 Base: 5.7, Published: 2024-10-02 CVE-2024-4993: Muruha Easytest Online Learning Test Platform - SQL Injection, CVSS v3.0 Base: 5.1, Published: 2024-10-02 CVE-2024-5956: iona ICN Conversational Platform - Improper Validation of Cryptographic Signature, CVSS v3.0 Base: 5.5, Published: 2024-11-27 CVE-2024-5956: iona ICN Conversational Platform - Improper Control of Generation of Code ('Code Injection'), CVSS v3.0 Base: 5.5, Published: 2024-11-27 CVE-2024-12852: Huawei Smartedu's Conversational AI Platform - Improper Control of Generation of Code ('Code injection'), CVSS v3.0 Base: 7.8, Published: 2024-12-29 2023 CVE-2023-27111: CyberPower PowerPanel Business - Use of Default Password, CVSS v3.0 Base: 5.6, Published: 2023-12-31 CVE-2023-28112: CyberPower PowerPanel Business - Unrestricted Upload of File with Dangerous Type, CVSS v3.0 Base: 5.1, Published: 2023-12-31 CVE-2023-34212: CyberPower PowerPanel Business - Improper Input Validation, CVSS v3.0 Base: 5.1, Published: 2023-12-31 CVE-2023-3527: EasyUse WallPaper Ultimate - Unrestricted Upload of File with Dangerous Type, CVSS v3.0 Base: 5.9, Published: 2023-10-17 CVE-2023-34210: EasyUse WallPaper Ultimate - Path Traversal, CVSS v3.0 Base: 5.5, Published: 2023-10-17 CVE-2023-34210: EasyUse WallPaper Ultimate - Exposure of Sensitive System Information to an Unauthorized Control Sphere, CVSS v3.0 Base: 5.0, Published: 2023-10-17 CVE-2023-35736: EasyUse WallPaper Ultimate - SQL Injection, CVSS v3.0 Base: 7.1, Published: 2023-10-17 2022 CVE-2022-37786: SILKAP Multifunction Printer - Command Injection, CVSS v3.0 Base: 5.1, Published: 2022-10-10 2021 Multiple CVE entries, involving various vulnerabilities in different software and systems, such as command injection, path traversal, hardcoded passwords, etc., with CVSS scores ranging from 3.1 to 10.0, published primarily in 2021.

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability Advisory: CVEs for Wisdom Master Pro, OpenHarmony, and others