CVEs from 2025
Total
8,864
critical
critical 1,302
high
high 1,901
medium
medium 1,923
low
low 193
% Critical
14.7%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13577 | medium | 5.4 | 5.4 | 6mo ago | A flaw has been found in PHPGurukul Hostel Management System 2.1. The impacted element is an unknown function of the file /register-complaint.php. Executing a manipulation of the argument cdetails ca… | |||
| CVE-2025-13450 | medium | 5.4 | 5.4 | 6mo ago | A vulnerability was determined in SourceCodester Online Shop Project 1.0. Impacted is an unknown function of the file /shop/register.php. This manipulation of the argument f_name causes cross site sc… | |||
| CVE-2025-13349 | medium | 5.4 | 5.4 | 7mo ago | A vulnerability has been found in SourceCodester Student Grades Management System 1.0. This issue affects some unknown processing of the file /grades.php of the component Add New Grade Page. The mani… | |||
| CVE-2025-13343 | medium | 5.4 | 5.4 | 7mo ago | A security flaw has been discovered in SourceCodester Interview Management System 1.0. Affected is an unknown function of the file /editQuestion.php. The manipulation of the argument Question results… | |||
| CVE-2025-13245 | medium | 5.4 | 5.4 | 7mo ago | A vulnerability was identified in code-projects Student Information System 2.0. The impacted element is an unknown function of the file /editprofile.php. Such manipulation leads to cross site scripti… | |||
| CVE-2025-13202 | medium | 5.4 | 5.4 | 7mo ago | A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /add_to_cart. Performing manipulation of the argument product_name resul… | |||
| CVE-2025-13186 | medium | 5.4 | 5.4 | 7mo ago | A weakness has been identified in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution up to 4.0. This impacts an unknown function of the file /dashboard/Ccustomer/manage_customer. T… | |||
| CVE-2025-13180 | medium | 5.4 | 5.4 | 7mo ago | A vulnerability was found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. Impacted is an unknown function of the file /edit_profile. Performing manipu… | |||
| CVE-2025-13178 | medium | 5.4 | 5.4 | 7mo ago | A flaw has been found in Bdtask/CodeCanyon SalesERP up to 20250728. This vulnerability affects unknown code of the file /edit_profile of the component User Profile Handler. This manipulation of the a… | |||
| CVE-2025-12546 | medium | 5.4 | 5.4 | 7mo ago | A vulnerability was determined in LogicalDOC Community Edition up to 9.2.1. This affects an unknown part of the component API Key creation UI. This manipulation causes cross site scripting. Remote ex… | |||
| CVE-2025-12281 | medium | 5.4 | 5.4 | 7mo ago | A vulnerability was determined in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/clientview.php. Executing manipulation can lead to cross site scripting. … | |||
| CVE-2025-12280 | medium | 5.4 | 5.4 | 7mo ago | A vulnerability was found in code-projects Client Details System 1.0. This issue affects some unknown processing of the file /update-clients.php. Performing manipulation results in cross site scripti… | |||
| CVE-2025-12269 | medium | 5.4 | 5.4 | 7mo ago | A vulnerability was found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The affected element is an unknown function of the file /dash/org/settings/previews of the component Account Se… | |||
| CVE-2025-12227 | medium | 5.4 | 5.4 | 7mo ago | A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site… | |||
| CVE-2025-62916 | medium | 5.4 | 5.4 | 7mo ago | Missing Authorization vulnerability in Travon WP Flights & Hotels Booking WP Plugin adiaha-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flights & H… | |||
| CVE-2025-49949 | medium | 5.4 | 5.4 | 7mo ago | Missing Authorization vulnerability in templazee Templazee templazee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templazee: from n/a through <= 1.0.2. | |||
| CVE-2025-49920 | medium | 5.4 | 5.4 | 7mo ago | Missing Authorization vulnerability in accessiBe Web Accessibility By accessiBe accessibe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Web Accessibility … | |||
| CVE-2025-49374 | medium | 5.4 | 5.4 | 7mo ago | Server-Side Request Forgery (SSRF) vulnerability in captcha.eu Captcha.eu captcha-eu allows Server Side Request Forgery.This issue affects Captcha.eu: from n/a through <= 1.0.61. | |||
| CVE-2025-11946 | medium | 5.4 | 5.4 | 7mo ago | A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing man… | |||
| CVE-2025-11421 | medium | 5.4 | 5.4 | 8mo ago | A flaw has been found in code-projects Voting System 1.0. The affected element is an unknown function of the file /admin/candidates_edit.php. This manipulation of the argument Firstname/Lastname/Plat… | |||
| CVE-2025-3718 | medium | 5.4 | 5.4 | 8mo ago | A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter. An authenticated user with limited privileges can … | |||
| CVE-2025-11289 | medium | 5.4 | 5.4 | 8mo ago | A vulnerability was determined in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. The impacted element is the function Save of the file src/main/java/com/zhiliao/common/template/Te… | |||
| CVE-2025-11272 | medium | 5.4 | 5.4 | 8mo ago | A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Reques… | |||
| CVE-2025-11124 | medium | 5.4 | 5.4 | 8mo ago | A vulnerability has been found in code-projects Project Monitoring System 1.0. Affected is an unknown function of the file /onlineJobSearchEngine/postjob.php. Such manipulation of the argument txtapp… | |||
| CVE-2025-11027 | medium | 5.4 | 5.4 | 8mo ago | A vulnerability was identified in givanz Vvveb up to 1.0.7.2. Affected by this issue is some unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting. … | |||
| CVE-2025-10837 | medium | 5.4 | 5.4 | 8mo ago | A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /ordersimple/order.php. The manipul… | |||
| CVE-2025-58224 | medium | 5.4 | 5.4 | 8mo ago | Cross-Site Request Forgery (CSRF) vulnerability in Printeers Printeers Print & Ship allows Cross Site Request Forgery. This issue affects Printeers Print & Ship: from n/a through 1.17.0. | |||
| CVE-2025-10632 | medium | 5.4 | 5.4 | 9mo ago | A security flaw has been discovered in itsourcecode Online Petshop Management System 1.0. The affected element is an unknown function of the file availableframe.php of the component Admin Dashboard. … | |||
| CVE-2025-10631 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was identified in itsourcecode Online Petshop Management System 1.0. Impacted is an unknown function of the file addcnp.php of the component Available Products Page. The manipulation … | |||
| CVE-2025-10591 | medium | 5.4 | 5.4 | 9mo ago | A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_funcao_cad.php of the component Editar Função Page. This manipulation o… | |||
| CVE-2025-10584 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was identified in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /intranet/educar_calendario_anotacao_cad.php. Such manipulation of the argument nm_anotac… | |||
| CVE-2025-10384 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/cancelAll of the component Role Handler. Executi… | |||
| CVE-2025-10372 | medium | 5.4 | 5.4 | 9mo ago | A weakness has been identified in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /intranet/educar_modulo_cad.php. This manipulation of the argument nm_tipo/descricao caus… | |||
| CVE-2025-10366 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email address causes cross… | |||
| CVE-2025-10332 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was found in cdevroe unmark up to 1.9.3. Impacted is an unknown function of the file application/views/marks/info.php. Performing manipulation of the argument Title results in cross s… | |||
| CVE-2025-10331 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability has been found in cdevroe unmark up to 1.9.3. This issue affects some unknown processing of the file /application/controllers/Marks.php. Such manipulation of the argument Title leads … | |||
| CVE-2025-10232 | medium | 5.4 | 5.4 | 9mo ago | A weakness has been identified in 299ko up to 2.0.0. Affected by this issue is the function getSentDir/delete of the file plugin/filemanager/controllers/FileManagerAPIController.php. Executing manipu… | |||
| CVE-2025-10209 | medium | 5.4 | 5.4 | 9mo ago | A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper… | |||
| CVE-2025-10117 | medium | 5.4 | 5.4 | 9mo ago | A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetch_tasks.php of the component Add New Task. Executing manipulation with … | |||
| CVE-2025-10088 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an unknown function of the file /index.html. Performing manipulation of the argument project-name results in c… | |||
| CVE-2025-10075 | medium | 5.4 | 5.4 | 9mo ago | A security flaw has been discovered in SourceCodester Online Polling System 1.0. The impacted element is an unknown function of the file /manage-profile.php. The manipulation of the argument firstnam… | |||
| CVE-2025-10074 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was identified in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /usuarios/tipos/. The manipulation of the argument Tipos de Usuário/Descrição… | |||
| CVE-2025-58785 | medium | 5.4 | 5.4 | 9mo ago | Missing Authorization vulnerability in Jiro Sasamoto Ray Enterprise Translation lingotek-translation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ray Ent… | |||
| CVE-2025-9940 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was detected in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /feature.php. Performing manipulation of the argument msg results in cross si… | |||
| CVE-2025-9939 | medium | 5.4 | 5.4 | 9mo ago | A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such manipulation of the argument… | |||
| CVE-2025-9937 | medium | 5.4 | 5.4 | 9mo ago | A security flaw has been discovered in elunez eladmin 1.1. Impacted is the function deleteFile of the component LocalStorageController. The manipulation results in improper authorization. The attack … | |||
| CVE-2025-9921 | medium | 5.4 | 5.4 | 9mo ago | A weakness has been identified in code-projects POS Pharmacy System 1.0. Affected is an unknown function of the file /main/products.php. This manipulation of the argument product_code/gen_name/produc… | |||
| CVE-2025-9845 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability has been found in code-projects Fruit Shop Management System 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. Such manipulation of the argumen… | |||
| CVE-2025-9834 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /registration.php. Executing manipulation of the argument Username can lead to cros… | |||
| CVE-2025-9795 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the function ajaxUploadFile of the file src/main/java/com/jeff/tianti/controller/UploadController.java. The manip… | |||
| CVE-2025-9754 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in Campcodes Online Hospital Management System 1.0. The impacted element is an unknown function of the file /edit-profile.php of the component Edit Profile Page. Executing manip… | |||
| CVE-2025-9738 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_tipo_ensino_cad.php. Executing manipulation of the arg… | |||
| CVE-2025-9737 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was detected in O2OA up to 10.0-410. Affected is an unknown function of the file /x_query_assemble_designer/jaxrs/importmodel of the component Personal Profile Page. Performing manipu… | |||
| CVE-2025-9736 | medium | 5.4 | 5.4 | 9mo ago | A security vulnerability has been detected in O2OA up to 10.0-410. This impacts an unknown function of the file /x_query_assemble_designer/jaxrs/statement of the component Personal Profile Page. Such… | |||
| CVE-2025-9735 | medium | 5.4 | 5.4 | 9mo ago | A weakness has been identified in O2OA up to 10.0-410. This affects an unknown function of the file /x_query_assemble_designer/jaxrs/table of the component Personal Profile Page. This manipulation of… | |||
| CVE-2025-9734 | medium | 5.4 | 5.4 | 9mo ago | A security flaw has been discovered in O2OA up to 10.0-410. The impacted element is an unknown function of the file /x_query_assemble_designer/jaxrs/stat of the component Personal Profile Page. The m… | |||
| CVE-2025-9724 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was determined in Portabilis i-Educar up to 2.10. This impacts an unknown function of the file /intranet/educar_nivel_ensino_cad.php. Executing manipulation of the argument nm_nivel/d… | |||
| CVE-2025-9723 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_tipo_regime_cad.php. Performing manipulation of the argument nm_tipo results… | |||
| CVE-2025-9722 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability has been found in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file /intranet/educar_tipo_ocorrencia_disciplinar_cad.php. Such manipulation of th… | |||
| CVE-2025-9721 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /module/FormulaMedia/edit. This manipulation of the argument nome/formulaMedia causes … | |||
| CVE-2025-9720 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/TabelaArredondamento/edit of the component Cadastrar tabela de arredondamento Page.… | |||
| CVE-2025-9719 | medium | 5.4 | 5.4 | 9mo ago | A weakness has been identified in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /x_processplatform_assemble_designer/jaxrs/script of the component Personal Profile Page. Ex… | |||
| CVE-2025-9718 | medium | 5.4 | 5.4 | 9mo ago | A security flaw has been discovered in O2OA up to 10.0-410. This affects an unknown part of the file /x_processplatform_assemble_designer/jaxrs/process of the component Personal Profile Page. Perform… | |||
| CVE-2025-9717 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was identified in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /x_organization_assemble_control/jaxrs/unit/ of the component Personal Profile … | |||
| CVE-2025-9716 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was determined in O2OA up to 10.0-410. Affected by this vulnerability is an unknown functionality of the file /x_processplatform_assemble_designer/jaxrs/form of the component Personal… | |||
| CVE-2025-9715 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was found in O2OA up to 10.0-410. Affected is an unknown function of the file /x_cms_assemble_control/jaxrs/script of the component Personal Profile Page. The manipulation of the argu… | |||
| CVE-2025-9683 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was found in O2OA up to 10.0-410. Affected by this issue is some unknown functionality of the file /x_cms_assemble_control/jaxrs/form of the component Personal Profile Page. The manip… | |||
| CVE-2025-9682 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability has been found in O2OA up to 10.0-410. Affected by this vulnerability is an unknown functionality of the file /x_cms_assemble_control/jaxrs/design/appdict of the component Personal Pr… | |||
| CVE-2025-9681 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in O2OA up to 10.0-410. Affected is an unknown function of the file /x_program_center/jaxrs/agent of the component Personal Profile Page. Executing manipulation can lead to cros… | |||
| CVE-2025-9680 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was detected in O2OA up to 10.0-410. This impacts an unknown function of the file /x_portal_assemble_designer/jaxrs/page of the component Personal Profile Page. Performing manipulatio… | |||
| CVE-2025-9659 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability has been found in O2OA up to 10.0-410. The affected element is an unknown function of the file /x_portal_assemble_designer/jaxrs/widget of the component Personal Profile Page. Such ma… | |||
| CVE-2025-9658 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in O2OA up to 10.0-410. Impacted is an unknown function of the file /x_portal_assemble_designer/jaxrs/dict/ of the component Personal Profile Page. This manipulation of the argu… | |||
| CVE-2025-9657 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was detected in O2OA up to 10.0-410. This issue affects some unknown processing of the file /x_program_center/jaxrs/script of the component Personal Profile Page. The manipulation of … | |||
| CVE-2025-9653 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_projeto_cad.php of the component Cadastrar pr… | |||
| CVE-2025-9652 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was determined in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /intranet/educar_transferencia_tipo_cad.php of the component Cadastrar tipo de transferên… | |||
| CVE-2025-9650 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This affects the function removeFileByPath of the file src/main/java/com/yeqifu/sys/utils/AppFileUti… | |||
| CVE-2025-9646 | medium | 5.4 | 5.4 | 9mo ago | A security flaw has been discovered in O2OA up to 10.0-410. This vulnerability affects unknown code of the file /x_organization_assemble_personal/jaxrs/definition/calendarConfig. The manipulation of … | |||
| CVE-2025-9429 | medium | 5.4 | 5.4 | 9mo ago | A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument… | |||
| CVE-2025-9422 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was found in oitcode samarium up to 0.9.6. This impacts an unknown function of the file /dashboard/team of the component Team Image Handler. The manipulation results in cross site scr… | |||
| CVE-2025-9407 | medium | 5.4 | 5.4 | 9mo ago | A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead t… | |||
| CVE-2025-9404 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was identified in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file /pointHierarchySLTS of the component Folder Handler. The manipulation of the argumen… | |||
| CVE-2025-9388 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function of the file watch_list.shtm. Executing manipulation of the argument Name can lead to cross site scripting. … | |||
| CVE-2025-9306 | medium | 5.4 | 5.4 | 9mo ago | A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argu… | |||
| CVE-2025-9264 | medium | 5.4 | 5.4 | 9mo ago | xxl-job Jobs Handler remove function allows improper control of resource identifiers via ID parameter | |||
| CVE-2025-9237 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing ma… | |||
| CVE-2025-9235 | medium | 5.4 | 5.4 | 10mo ago | A flaw has been found in Scada-LTS up to 2.7.8.1. The impacted element is an unknown function of the file compound_events.shtm. This manipulation of the argument Name causes cross site scripting. The… | |||
| CVE-2025-9234 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenance_events.shtm. The manipulation of the argument Alias results in cross site … | |||
| CVE-2025-9233 | medium | 5.4 | 5.4 | 10mo ago | A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown function of the file view_edit.shtm. The manipulation of the argument Name leads to cross site scripting.… | |||
| CVE-2025-9171 | medium | 5.4 | 5.4 | 10mo ago | A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argum… | |||
| CVE-2025-9170 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability was identified in SolidInvoice up to 2.4.0. The affected element is an unknown function of the file /tax/rates of the component Tax Rates Module. Such manipulation of the argument Nam… | |||
| CVE-2025-9169 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability was determined in SolidInvoice up to 2.4.0. Impacted is an unknown function of the file /quotes of the component Quote Module. This manipulation of the argument Name causes cross site… | |||
| CVE-2025-9168 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Clien… | |||
| CVE-2025-9167 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the a… | |||
| CVE-2025-9145 | medium | 5.4 | 5.4 | 10mo ago | A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file view_edit.shtm of the component SVG File Handler. Such manipulation of the argu… | |||
| CVE-2025-9144 | medium | 5.4 | 5.4 | 10mo ago | A weakness has been identified in Scada-LTS 2.7.8.1. This vulnerability affects unknown code of the file publisher_edit.shtm. This manipulation of the argument Name causes cross site scripting. The a… | |||
| CVE-2025-9143 | medium | 5.4 | 5.4 | 10mo ago | A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailing_lists.shtm. The manipulation of the argument name/userList/address results in cross site scr… | |||
| CVE-2025-9138 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability was found in Scada-LTS 2.7.8.1. Affected is an unknown function of the file pointHierarchy/new/. Performing manipulation of the argument Title results in cross site scripting. The att… | |||
| CVE-2025-9106 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability was found in Portabilis i-Diario up to 1.5.0. This affects an unknown function of the file /planos-de-ensino-por-disciplina/ of the component Informações Adicionais Page. Performing m… | |||
| CVE-2025-9105 | medium | 5.4 | 5.4 | 10mo ago | A vulnerability has been found in Portabilis i-Diario up to 1.5.0. The impacted element is an unknown function of the file /planos-de-ensino-por-areas-de-conhecimento/ of the component Informações Ad… | |||
| CVE-2025-9104 | medium | 5.4 | 5.4 | 10mo ago | A flaw has been found in Portabilis i-Diario up to 1.5.0. The affected element is an unknown function of the file /planos-de-aulas-por-disciplina/ of the component Informações Adicionais Page. This m… |