CVEs from 2025
Total
9,073
critical
critical 1,302
high
high 1,901
medium
medium 1,923
low
low 193
% Critical
14.4%
% with KEV
2.0%
% with exploit
2.7%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-5758 | high | 7.3 | 7.3 | 1y ago | A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argumen… | |||
| CVE-2025-5755 | high | 7.3 | 7.3 | 1y ago | A vulnerability was found in SourceCodester Open Source Clinic Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /email_config.php. The manipulati… | |||
| CVE-2025-5716 | high | 7.3 | 7.3 | 1y ago | A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argum… | |||
| CVE-2025-5712 | high | 7.3 | 7.3 | 1y ago | A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /appointme… | |||
| CVE-2025-5711 | high | 7.3 | 7.3 | 1y ago | A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/InsertCity.php. The manipu… | |||
| CVE-2025-5710 | high | 7.3 | 7.3 | 1y ago | A vulnerability, which was classified as critical, has been found in code-projects Real Estate Property Management System 1.0. This issue affects some unknown processing of the file /Admin/InsertStat… | |||
| CVE-2025-5709 | high | 7.3 | 7.3 | 1y ago | A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. This vulnerability affects unknown code of the file /Admin/InsertCategory.php. The manipu… | |||
| CVE-2025-5708 | high | 7.3 | 7.3 | 1y ago | A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /Admin/NewsReport.php. The manipulation of … | |||
| CVE-2025-5705 | high | 7.3 | 7.3 | 1y ago | A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Admin/Property.php. The manipul… | |||
| CVE-2025-5704 | high | 7.3 | 7.3 | 1y ago | A vulnerability was found in code-projects Real Estate Property Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/User.php. The manipulat… | |||
| CVE-2025-3197 | high | 7.3 | 7.3 | 1y ago | expand-object Vulnerable to Prototype Pollution via the expand() Function | |||
| CVE-2025-11262 | high | 7.2 | 7.2 | 2d ago | The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization an… | |||
| CVE-2025-53681 | high | 7.2 | 7.2 | 18d ago | An improper neutralization of special elements used in an SQL Command ("SQL Injection&") vulnerability [CWE-89] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5,… | |||
| CVE-2025-9973 | high | 7.2 | 7.2 | 20d ago | Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations.… | |||
| CVE-2025-67486 | high | 7.2 | 7.2 | 22d ago | Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Versions 22.0.2 and earlier contains an authenticated remote code execution vulnerabilit… | |||
| CVE-2025-31974 | high | 7.2 | 7.2 | 24d ago | HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system comp… | |||
| CVE-2025-36074 | high | 7.2 | 7.2 | 1mo ago | IBM Security Verify Directory (Container) 10.0.0 through 10.0.0.3 IBM Security Verify Directory could be vulnerable to malicious file upload by not validating file type. A privileged user could uploa… | |||
| CVE-2025-46607 | high | 7.2 | 7.2 | 1mo ago | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with r… | |||
| CVE-2025-46606 | high | 7.2 | 7.2 | 1mo ago | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper restriction of excessive authentication attempts vulnerability.… | |||
| CVE-2025-46605 | high | 7.2 | 7.2 | 1mo ago | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain a session fixation vulnerability. A high privileged attacker with remote ac… | |||
| CVE-2025-64998 | high | 7.2 | 7.2 | 2mo ago | Exposure of session signing secret in Checkmk <2.4.0p23, <2.3.0p45 and 2.2.0 allows an administrator of a remote site with config sync enabled to hijack sessions on the central site by forging sessio… | |||
| CVE-2025-68648 | high | 7.2 | 7.2 | 3mo ago | A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all vers… | |||
| CVE-2025-15589 | high | 7.2 | 7.2 | 3mo ago | A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file application/admin/controller/Template.php of the component Template Management Page. This manipulat… | |||
| CVE-2025-64157 | high | 7.2 | 7.2 | 4mo ago | A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0 all versions allows an authe… | |||
| CVE-2025-15495 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/editsite.php. The manipulation of the argument image results in unrestricted upload. Th… | |||
| CVE-2025-15443 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/product_export. Such manipulation of the argument cate_id leads to sql in… | |||
| CVE-2025-15442 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/product_list. This manipulation of the argument cate_id causes sql injection.… | |||
| CVE-2025-15438 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::__destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manip… | |||
| CVE-2025-15394 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument conf… | |||
| CVE-2025-15360 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product I… | |||
| CVE-2025-15262 | high | 7.2 | 7.2 | 5mo ago | A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the… | |||
| CVE-2025-15197 | high | 7.2 | 7.2 | 5mo ago | A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing ma… | |||
| CVE-2025-15169 | high | 7.2 | 7.2 | 5mo ago | A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can … | |||
| CVE-2025-15148 | high | 7.2 | 7.2 | 5mo ago | A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetemp_action in the library /lib/admin/template_admin.php of the component Backend Template Management Page. Executing a mani… | |||
| CVE-2025-15143 | high | 7.2 | 7.2 | 5mo ago | A security flaw has been discovered in EyouCMS up to 1.7.6. The affected element is an unknown function of the file /application/admin/logic/FilemanagerLogic.php of the component Backend Template Man… | |||
| CVE-2025-15138 | high | 7.2 | 7.2 | 5mo ago | A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes… | |||
| CVE-2025-15110 | high | 7.2 | 7.2 | 5mo ago | A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affected is the function Upload of the file Admin/Home/Controller/ProductImageController.class.php of the … | |||
| CVE-2025-15003 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file admin_video.php. Performing a manipulation of the argument e_id results in sql injection. The a… | |||
| CVE-2025-14966 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was determined in FastAdmin up to 1.7.0.20250506. Affected is the function selectpage of the file application/common/controller/Backend.php of the component Backend Controller. Execut… | |||
| CVE-2025-14939 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername re… | |||
| CVE-2025-14900 | high | 7.2 | 7.2 | 5mo ago | A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. S… | |||
| CVE-2025-14899 | high | 7.2 | 7.2 | 5mo ago | A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulat… | |||
| CVE-2025-14898 | high | 7.2 | 7.2 | 5mo ago | A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. … | |||
| CVE-2025-14897 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was identified in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /admin/useragentdelete.php of the component Administrator Endpoi… | |||
| CVE-2025-14837 | high | 7.2 | 7.2 | 5mo ago | A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/siteconfig.php of the component Backend Website Settings Module. Such manipulation of … | |||
| CVE-2025-14731 | high | 7.2 | 7.2 | 6mo ago | A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CT_Parser.php of the component Frontend/Template M… | |||
| CVE-2025-14730 | high | 7.2 | 7.2 | 6mo ago | A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/Ct_Config.php of the component Backend Syste… | |||
| CVE-2025-14729 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/Ct_App.php of the component Backend App Configuration … | |||
| CVE-2025-14648 | high | 7.2 | 7.2 | 6mo ago | A security vulnerability has been detected in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalog_add.php. Such manipulation leads to comman… | |||
| CVE-2025-14642 | high | 7.2 | 7.2 | 6mo ago | A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technical_staff_pic.php. Such manipulation of the argument image leads to u… | |||
| CVE-2025-14641 | high | 7.2 | 7.2 | 6mo ago | A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/admin_pic.php. This manipulation of the argument image causes unres… | |||
| CVE-2025-14582 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=user-profile. Performing a manipulation of the argum… | |||
| CVE-2025-14530 | high | 7.2 | 7.2 | 6mo ago | A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument i… | |||
| CVE-2025-14219 | high | 7.2 | 7.2 | 6mo ago | A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element is an unknown function of the file /admin/admin_running.php. Executing a manipulation of the … | |||
| CVE-2025-14092 | high | 7.2 | 7.2 | 6mo ago | A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub_416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host … | |||
| CVE-2025-14090 | high | 7.2 | 7.2 | 6mo ago | A security flaw has been discovered in AMTT Hotel Broadband Operation System 1.0. This affects an unknown part of the file /manager/card/cardmake_down.php. Performing manipulation of the argument ID … | |||
| CVE-2025-14012 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was determined in JIZHICMS up to 2.5.5. The affected element is the function deleteAll/findAll/delete of the file /index.php/admins/Comment/deleteAll.html of the component Batch Delet… | |||
| CVE-2025-14011 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was found in JIZHICMS up to 2.5.5. Impacted is the function commentlist of the file /index.php/admins/Comment/addcomment.html of the component Add Display Name Field. Performing a man… | |||
| CVE-2025-14008 | high | 7.2 | 7.2 | 6mo ago | A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of the file admin79f2ec220c7e.php?c=api&m=test_site_domain of the component Project Domain Change Test. … | |||
| CVE-2025-13811 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executin… | |||
| CVE-2025-13586 | high | 7.2 | 7.2 | 6mo ago | A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. This manipulation of the argument txtconfirm_passwo… | |||
| CVE-2025-13574 | high | 7.2 | 7.2 | 6mo ago | A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument ca… | |||
| CVE-2025-13545 | high | 7.2 | 7.2 | 6mo ago | A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /admin_… | |||
| CVE-2025-13423 | high | 7.2 | 7.2 | 6mo ago | A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element is an unknown function of the file /admin/admin_product.php. Executing a manipulation of the argument … | |||
| CVE-2025-13185 | high | 7.2 | 7.2 | 7mo ago | A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profile_image/ban… | |||
| CVE-2025-12927 | high | 7.2 | 7.2 | 7mo ago | A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archives_add.php. Such manipulation of the argument flags[] leads to … | |||
| CVE-2025-12861 | high | 7.2 | 7.2 | 7mo ago | A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/spec_add.php. This manipulation of the argument flags[] causes sql… | |||
| CVE-2025-12860 | high | 7.2 | 7.2 | 7mo ago | A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelist_main.php. The manipulation of the argument orderby results in sql injection. The attack c… | |||
| CVE-2025-12859 | high | 7.2 | 7.2 | 7mo ago | A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of the argument ids leads to sql injection. Remote e… | |||
| CVE-2025-12610 | high | 7.2 | 7.2 | 7mo ago | A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/view-progress-report.php. Executing a manipulation of the argument ID can lead t… | |||
| CVE-2025-12594 | high | 7.2 | 7.2 | 7mo ago | A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/add_account.php. The manipulation of the argument … | |||
| CVE-2025-12593 | high | 7.2 | 7.2 | 7mo ago | A vulnerability was identified in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/edit_room.php of the component Photo Handler… | |||
| CVE-2025-12331 | high | 7.2 | 7.2 | 7mo ago | A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attac… | |||
| CVE-2025-12287 | high | 7.2 | 7.2 | 7mo ago | A security vulnerability has been detected in Bdtask Wholesale Inventory Control and Inventory Management System up to 20251013. This impacts an unknown function of the file /Admin_dashboard/edit_pro… | |||
| CVE-2025-12201 | high | 7.2 | 7.2 | 7mo ago | A vulnerability was identified in ajayrandhawa User-Management-PHP-MYSQL up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This affects an unknown part of the file /admin/edit-user.php of the component… | |||
| CVE-2025-49950 | high | 7.2 | 7.2 | 7mo ago | Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through <= 4.3.0. | |||
| CVE-2025-49926 | high | 7.2 | 7.2 | 7mo ago | Improper Control of Generation of Code ('Code Injection') vulnerability in Laborator Kalium kalium allows Code Injection.This issue affects Kalium: from n/a through <= 3.25. | |||
| CVE-2025-49924 | high | 7.2 | 7.2 | 7mo ago | Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.4.2. | |||
| CVE-2025-11944 | high | 7.2 | 7.2 | 7mo ago | A vulnerability was determined in givanz Vvveb up to 1.0.7.3. This affects the function Import of the file admin/controller/tools/import.php of the component Raw SQL Handler. This manipulation causes… | |||
| CVE-2025-11939 | high | 7.2 | 7.2 | 7mo ago | A vulnerability was determined in ChurchCRM up to 5.18.0. This issue affects some unknown processing of the file src/ChurchCRM/Backup/RestoreJob.php of the component Backup Restore Handler. Executing… | |||
| CVE-2025-11904 | high | 7.2 | 7.2 | 8mo ago | A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The att… | |||
| CVE-2025-11903 | high | 7.2 | 7.2 | 8mo ago | A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing a manipulation of the argument cid can lead to sql … | |||
| CVE-2025-11902 | high | 7.2 | 7.2 | 8mo ago | A vulnerability was detected in yanyutao0402 ChanCMS up to 3.3.2. Affected by this vulnerability is the function findField of the file /cms/article/findField. Performing a manipulation of the argumen… | |||
| CVE-2025-11668 | high | 7.2 | 7.2 | 8mo ago | A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/update_user.php. This manipulation of the argument… | |||
| CVE-2025-11470 | high | 7.2 | 7.2 | 8mo ago | A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /manage_website.php. The manipulation… | |||
| CVE-2025-11335 | high | 7.2 | 7.2 | 8mo ago | A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipul… | |||
| CVE-2025-11331 | high | 7.2 | 7.2 | 8mo ago | A vulnerability was found in IdeaCMS up to 1.8. The impacted element is an unknown function of the file app/common/logic/admin/Config.php of the component Website Name Handler. Performing manipulatio… | |||
| CVE-2025-11136 | high | 7.2 | 7.2 | 8mo ago | A flaw has been found in YiFang CMS up to 2.0.2. The impacted element is the function webUploader of the file app/app/controller/File.php of the component Backend. Executing manipulation of the argum… | |||
| CVE-2025-11103 | high | 7.2 | 7.2 | 8mo ago | A security vulnerability has been detected in Projectworlds Online Tours and Travels 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/change-image.php. The manipulat… | |||
| CVE-2025-11071 | high | 7.2 | 7.2 | 8mo ago | A security vulnerability has been detected in SeaCMS 13.3.20250820. Impacted is an unknown function of the file /admin_cron.php of the component Cron Task Management Module. The manipulation of the a… | |||
| CVE-2025-10775 | high | 7.2 | 7.2 | 8mo ago | A security vulnerability has been detected in Wavlink WL-NU516U1 240425. This vulnerability affects the function sub_4012A0 of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr le… | |||
| CVE-2025-10765 | high | 7.2 | 7.2 | 8mo ago | A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS… | |||
| CVE-2025-10397 | high | 7.2 | 7.2 | 9mo ago | A vulnerability was identified in Magicblack MacCMS 2025.1000.4050. This affects an unknown part of the component API Handler. The manipulation of the argument cjurl leads to server-side request forg… | |||
| CVE-2025-10394 | high | 7.2 | 7.2 | 9mo ago | A vulnerability has been found in fcba_zzm ics-park Smart Park Management System 2.0. Affected is an unknown function of the file ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/JobController.… | |||
| CVE-2025-10122 | high | 7.2 | 7.2 | 9mo ago | A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file application/admin/controller/Database.php. Performing manipulation of the argument where results in sql … | |||
| CVE-2025-10087 | high | 7.2 | 7.2 | 9mo ago | A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/profit_report.php. Such manipulation of the argum… | |||
| CVE-2025-10081 | high | 7.2 | 7.2 | 9mo ago | A flaw has been found in SourceCodester Pet Management System 1.0. This impacts an unknown function of the file /admin/profile.php. This manipulation of the argument website_image causes unrestricted… | |||
| CVE-2025-9920 | high | 7.2 | 7.2 | 9mo ago | A security flaw has been discovered in Campcodes Recruitment Management System 1.0. This impacts the function include of the file /admin/index.php. The manipulation of the argument page results in fi… | |||
| CVE-2025-9745 | high | 7.2 | 7.2 | 9mo ago | A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /version_upgrade.asp of the component jhttpd. The manipulation of th… | |||
| CVE-2025-9529 | high | 7.2 | 7.2 | 9mo ago | A weakness has been identified in Campcodes Payroll Management System 1.0. The affected element is the function include of the file /index.php. This manipulation of the argument page causes file incl… |