CVE-2025-1030
7.5 HIGHExposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc
Published: 2025-12-18 · Last updated: 2026-06-06
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-359
Affected products
| Vendor | Product |
|---|---|
| utarit | soliclub |
Description
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Utarit Informatics Services Inc. SoliClub allows Query System for Information. This issue affects SoliClub: from 5.2.4 before 5.3.7.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2025-7358 — Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc (7.5 HIGH)
- CVE-2025-7047 — Missing Authorization vulnerability in Utarit Informatics Services Inc (4.3 MEDIUM)
- CVE-2025-1031 — Authorization Bypass Through User-Controlled Key vulnerability in Utarit Informatics Services Inc (7.5 HIGH)
- CVE-2025-1029 — Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc (7.5 HIGH)
- CVE-2024-3306 — Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Ac... (7.5 HIGH)
Same CWE
- CVE-2025-30459 — A privacy issue was addressed by removing the vulnerable code (5.5 MEDIUM)
- CVE-2026-26237 — A missing authorization vulnerability has been reported to affect QuMagie (7.5 HIGH)
- CVE-2026-25699 — Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer (6.1 MEDIUM)
- CVE-2020-25900 — HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city (5.3 MEDIUM)
- CVE-2026-8990 — A user with physical access to a smartphone can bypass authentication mechanism of Kidsview mobile application and grant himself full acc...