Fit2cloud Vulnerabilities
Comprehensive security vulnerability database for Fit2cloud products
3
1
2
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2025-15598 | 6.3 | This vulnerability allows an attacker to bypass the security checks on cryptographic signatures in the SQLBot application, potentially allowing unauthorized access to sensitive data. However, exploiting this flaw requires a high level of skill and is considered complex, making it difficult for most attackers to take advantage of it. | fit2cloudsqlbot | Exploit Available | about 1 month agoMar 3, 2026 |
| CVE-2025-15597 | 5.3 | This vulnerability allows an attacker to bypass access controls on the SQLBot API, potentially giving them unauthorized access to sensitive data or functions. The attack can be carried out remotely, so it's important to upgrade to version 1.5.0 to protect against this issue. | fit2cloudsqlbot | Exploit Available | about 1 month agoMar 2, 2026 |
| CVE-2025-70981 | 9.8 | This vulnerability allows an attacker to manipulate the employee list query in CordysCRM, potentially gaining unauthorized access to sensitive data stored in the database. It requires the attacker to send specially crafted input through the departmentIds parameter in the user list interface. | fit2cloudcordys crm | Theoretical | about 2 months agoFeb 12, 2026 |
About Fit2cloud Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Fit2cloud products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.