CVEs from 2025
Total
11,986
critical
critical 1,301
high
high 1,894
medium
medium 1,910
low
low 193
% Critical
10.9%
% with KEV
1.5%
% with exploit
1.5%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- inventory_management_system 28
- gcp 24
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-10369 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was determined in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This affects an unknown part of the file /htdocs/cardRegisterNew.php. Executing manipulation can lead to cross site scripting.… | |
| CVE-2025-10368 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/manageFilesFolders.php. Performing manipulation results in… | |
| CVE-2025-10367 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulation leads to cross … | |
| CVE-2025-10330 | medium | 6.1 | 6.1 | 9mo ago | A flaw has been found in cdevroe unmark up to 1.9.3. This vulnerability affects unknown code of the file application/views/layouts/topbar/searchform.php. This manipulation of the argument q causes cr… | |
| CVE-2025-10274 | medium | 6.1 | 6.1 | 9mo ago | A security flaw has been discovered in erjinzhi 10OA 1.0. Affected by this issue is some unknown functionality of the file /trial/mvc/item. Performing manipulation of the argument Name results in cro… | |
| CVE-2025-10272 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was determined in erjinzhi 10OA 1.0. Affected is an unknown function of the file /trial/mvc/catalogue. This manipulation of the argument Name causes cross site scripting. The attack c… | |
| CVE-2025-10271 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was found in erjinzhi 10OA 1.0. This impacts an unknown function of the file /trial/mvc/finder. The manipulation of the argument Name results in cross site scripting. It is possible t… | |
| CVE-2025-10067 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was detected in itsourcecode POS Point of Sale System 1.0. The impacted element is an unknown function of the file /inventory/main/vendors/datatables/unit_testing/templates/empty_tabl… | |
| CVE-2025-10066 | medium | 6.1 | 6.1 | 9mo ago | A security vulnerability has been detected in itsourcecode POS Point of Sale System 1.0. The affected element is an unknown function of the file /inventory/main/vendors/datatables/unit_testing/templa… | |
| CVE-2025-10065 | medium | 6.1 | 6.1 | 9mo ago | A weakness has been identified in itsourcecode POS Point of Sale System 1.0. Impacted is an unknown function of the file /inventory/main/vendors/datatables/unit_testing/templates/dom_data_th.php. Thi… | |
| CVE-2025-10064 | medium | 6.1 | 6.1 | 9mo ago | A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This issue affects some unknown processing of the file /inventory/main/vendors/datatables/unit_testing/templates/dom_… | |
| CVE-2025-10063 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was identified in itsourcecode POS Point of Sale System 1.0. This vulnerability affects unknown code of the file /inventory/main/vendors/datatables/unit_testing/templates/deferred_tab… | |
| CVE-2025-10032 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was detected in Campcodes Grocery Sales and Inventory System 1.0. The affected element is an unknown function of the file /index.php. The manipulation of the argument page results in … | |
| CVE-2025-10029 | medium | 6.1 | 6.1 | 9mo ago | A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This vulnerability affects unknown code of the file /inventory/main/vendors/datatables/unit_testing/templates/complex… | |
| CVE-2025-10028 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was identified in itsourcecode POS Point of Sale System 1.0. This affects an unknown part of the file /inventory/main/vendors/datatables/unit_testing/templates/6776.php. Such manipula… | |
| CVE-2025-10027 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was determined in itsourcecode POS Point of Sale System 1.0. Affected by this issue is some unknown functionality of the file /inventory/main/vendors/datatables/unit_testing/templates… | |
| CVE-2025-10026 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was found in itsourcecode POS Point of Sale System 1.0. Affected by this vulnerability is an unknown functionality of the file /inventory/main/vendors/datatables/unit_testing/template… | |
| CVE-2025-9931 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was detected in Jinher OA 1.0. Affected is an unknown function of the file /jc6/platform/sys/login!changePassWord.action of the component POST Request Handler. The manipulation of the… | |
| CVE-2025-9923 | medium | 6.1 | 6.1 | 9mo ago | A flaw has been found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /index.php. Executing manipulation of the argument page can lead to cross site scripting. T… | |
| CVE-2025-9922 | medium | 6.1 | 6.1 | 9mo ago | A security vulnerability has been detected in Campcodes Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. Such manipulation of the arg… | |
| CVE-2025-9800 | medium | 6.1 | 6.1 | 9mo ago | A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file apps/sim/app/api/files/upload/route.ts of t… | |
| CVE-2025-9773 | medium | 6.1 | 6.1 | 9mo ago | A flaw has been found in RemoteClinic up to 2.0. This vulnerability affects unknown code of the file /staff/edit.php. Executing manipulation of the argument Last Name can lead to cross site scripting… | |
| CVE-2025-9755 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability has been found in Khanakag-17 Library Management System up to 60ed174506094dcd166e34904a54288e5d10ff24. This affects an unknown function of the file /index.php. The manipulation of th… | |
| CVE-2025-9656 | medium | 6.1 | 6.1 | 9mo ago | A security vulnerability has been detected in PHPGurukul Directory Management System 2.0. This vulnerability affects unknown code of the file /admin/add-directory.php. The manipulation of the argumen… | |
| CVE-2025-9647 | medium | 6.1 | 6.1 | 9mo ago | A weakness has been identified in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/role/list. This manipulation of the argument Name causes cross site scripting.… | |
| CVE-2025-9595 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname result… | |
| CVE-2025-9440 | medium | 6.1 | 6.1 | 9mo ago | A security vulnerability has been detected in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected by this issue is some unknown functionality of the file /admin/add_titl… | |
| CVE-2025-9439 | medium | 6.1 | 6.1 | 9mo ago | A weakness has been identified in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected by this vulnerability is an unknown functionality of the file /rse/admin/edit_facul… | |
| CVE-2025-9438 | medium | 6.1 | 6.1 | 9mo ago | A security flaw has been discovered in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected is an unknown function of the file /admin/add_student.php. The manipulation of… | |
| CVE-2025-9434 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was determined in 1000projects Online Project Report Submission and Evaluation System 1.0. This affects an unknown function of the file /admin/edit_title.php?id=1. Executing manipulat… | |
| CVE-2025-9433 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was found in mtons mblog up to 3.5.0. The impacted element is an unknown function of the file /admin/user/list of the component Admin Panel. Performing manipulation of the argument Na… | |
| CVE-2025-9432 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability has been found in mtons mblog up to 3.5.0. The affected element is an unknown function of the file /admin/post/list of the component Admin Panel. Such manipulation of the argument Tit… | |
| CVE-2025-9431 | medium | 6.1 | 6.1 | 9mo ago | A flaw has been found in mtons mblog up to 3.5.0. Impacted is an unknown function of the file /search. This manipulation of the argument kw causes cross site scripting. The attack can be initiated re… | |
| CVE-2025-28977 | medium | 6.1 | 6.1 | 9mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress WP Pipes allows Reflected XSS. This issue affects WP Pipes: from n/a through 1.4.3. | |
| CVE-2025-9147 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability has been found in jasonclark getsemantic up to 040c96eb8cf9947488bd01b8de99b607b0519f7d. The impacted element is an unknown function of the file /index.php. The manipulation of the ar… | |
| CVE-2025-9107 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/search_autocomplete. Executing manipulation of the argument q can lead to cross… | |
| CVE-2025-9017 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability has been found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-foreigner-ticket.php. The manipulation of the argument visitorna… | |
| CVE-2025-8934 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability has been found in 1000 Projects Sales Management System 1.0. Affected is an unknown function of the file /sales.php. The manipulation of the argument select2112 leads to cross site sc… | |
| CVE-2025-8933 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was identified in 1000 Projects Sales Management System 1.0. This issue affects some unknown processing of the file /superstore/admin/sales.php. The manipulation of the argument ssale… | |
| CVE-2025-8841 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file… | |
| CVE-2025-8813 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. This vulnerability affects the function changeLanguage of the file src/main/java/co/yiiu/pybbs/controller/fron… | |
| CVE-2025-8798 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in oitcode samarium up to 0.9.6. It has been classified as critical. Affected is an unknown function of the file /dashboard/product of the component Create Product Page. The… | |
| CVE-2025-8751 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. It has been classified as problematic. This affects an unknown part of the component Block Page. The manipulati… | |
| CVE-2025-8370 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9. Affected is an unknown function of the file /intranet/educar_escolaridade_lst.php. The manipulation of the … | |
| CVE-2025-8369 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9. This issue affects some unknown processing of the file /intranet/educar_avaliacao_desempenho_lst.php. … | |
| CVE-2025-8368 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability classified as problematic was found in Portabilis i-Educar 2.9. This vulnerability affects unknown code of the file /intranet/pesquisa_pessoa_lst.php. The manipulation of the argument… | |
| CVE-2025-8367 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability classified as problematic has been found in Portabilis i-Educar 2.9. This affects an unknown part of the file /intranet/funcionario_vinculo_lst.php. The manipulation of the argument n… | |
| CVE-2025-8366 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educar_servidor_lst.php. The manipul… | |
| CVE-2025-8365 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file atendidos_cad.php. The manipulation … | |
| CVE-2025-8346 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /educar_aluno_lst.php. The manipulat… | |
| CVE-2025-8340 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file fill_details.php of the co… | |
| CVE-2025-8221 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability classified as problematic was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999. Affected by this vulnerability is the function goodsSearch o… | |
| CVE-2025-8211 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in Roothub up to 2.6. It has been declared as problematic. Affected by this vulnerability is the function Edit of the file src/main/java/cn/roothub/web/admin/SystemConfigAdm… | |
| CVE-2025-8129 | medium | 6.1 | 6.1 | 10mo ago | Koa Open Redirect via Referrer Header (User-Controlled) | |
| CVE-2025-7953 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS up to 5.202506.a. This issue affects some unknown processing of the file publiccms-parent/publiccms/src/main/… | |
| CVE-2025-7949 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file publiccms-parent/publiccms… | |
| CVE-2025-7946 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search-visitor.php of the c… | |
| CVE-2025-7944 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in PHPGurukul Taxi Stand Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /search.php. The manipulation of the argument… | |
| CVE-2025-7943 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in PHPGurukul Taxi Stand Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/search-autoortaxi.php. … | |
| CVE-2025-7925 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Banquet Booking System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php… | |
| CVE-2025-7887 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability has been found in Zavy86 WikiDocs up to 1.0.78 and classified as problematic. This vulnerability affects unknown code of the file template.inc.php. The manipulation of the argument pa… | |
| CVE-2025-7885 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability, which was classified as problematic, has been found in Huashengdun WebSSH up to 1.6.2. Affected by this issue is some unknown functionality of the component Login Page. The manipulat… | |
| CVE-2025-7840 | medium | 6.1 | 6.1 | 10mo ago | A vulnerability was found in Campcodes Online Movie Theater Seat Reservation System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?page=reserve of the… | |
| CVE-2025-7182 | medium | 6.1 | 6.1 | 11mo ago | A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/mo… | |
| CVE-2025-6701 | medium | 6.1 | 6.1 | 11mo ago | XXL SSO is vulnerable to an Open Redirect through malicious manipulation of the redirect_url argument | |
| CVE-2025-6700 | medium | 6.1 | 6.1 | 11mo ago | Xuxueli XXL-SSO Cross-site Scripting vulnerability | |
| CVE-2025-6569 | medium | 6.1 | 6.1 | 11mo ago | A vulnerability classified as problematic was found in code-projects School Fees Payment System 1.0. Affected by this vulnerability is an unknown functionality of the file /student.php. The manipulat… | |
| CVE-2025-6473 | medium | 6.1 | 6.1 | 11mo ago | A vulnerability, which was classified as problematic, was found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /fees.php. The manipulation of the argument t… | |
| CVE-2025-6286 | medium | 6.1 | 6.1 | 11mo ago | A vulnerability classified as problematic has been found in PHPGurukul COVID19 Testing Management System 2021. Affected is an unknown function of the file /search-report-result.php. The manipulation … | |
| CVE-2025-6285 | medium | 6.1 | 6.1 | 11mo ago | A vulnerability was found in PHPGurukul COVID19 Testing Management System 2021. It has been rated as problematic. This issue affects some unknown processing of the file /search-report-result.php. The… | |
| CVE-2025-6089 | medium | 6.1 | 6.1 | 1y ago | A vulnerability has been found in Astun Technology iShare Maps 5.4.0 and classified as problematic. This vulnerability affects unknown code of the file atCheckJS.aspx. The manipulation of the argumen… | |
| CVE-2025-5975 | medium | 6.1 | 6.1 | 1y ago | A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /rpms/download-pass.php. The manipulation of th… | |
| CVE-2025-31027 | medium | 6.1 | 6.1 | 1y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jocoxdesign Tiger tiger allows Reflected XSS.This issue affects Tiger: from n/a through 2.0. | |
| CVE-2025-39446 | medium | 6.1 | 6.1 | 1y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl LLC Booster Plus for WooCommerce allows Reflected XSS.This issue affects Booster Plus fo… | |
| CVE-2025-4123 | medium | 6.1 | 6.1 | 1y ago | Important: grafana security update | |
| CVE-2025-3191 | medium | 6.1 | 6.1 | 1y ago | React Draft Wysiwyg Cross-Site Scripting (XSS) via the Embedded Button | |
| CVE-2025-26917 | medium | 6.1 | 6.1 | 1y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WP Templata wptemplata allows Reflected XSS.This issue affects WP Templata: from n/a th… | |
| CVE-2025-1467 | medium | 6.1 | 6.1 | 1y ago | tarteaucitron Cross-site Scripting (XSS) | |
| CVE-2025-1223 | medium | 6.1 | 6.1 | 1y ago | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | |
| CVE-2025-1222 | medium | 6.1 | 6.1 | 1y ago | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac | |
| CVE-2025-22763 | medium | 6.1 | 6.1 | 1y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Brizy Pro allows Reflected XSS. This issue affects Brizy Pro: from n/a through 2.6.1. | |
| CVE-2025-46310 | medium | 6.0 | 6.0 | 4mo ago | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26. An attacker with root privileges may be able to delete pr… | |
| CVE-2025-10466 | medium | 5.9 | 5.9 | 1d ago | Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Safe Access in Synology Safe Access before 1.3.1-0329 allows remote authenticated users with admi… | |
| CVE-2025-62127 | medium | 5.9 | 5.9 | 21d ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WEN Themes WEN Logo Slider allows DOM-Based XSS. This issue affects WEN Logo Slider: from n/a th… | |
| CVE-2025-70071 | medium | 5.9 | 5.9 | 24d ago | An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray() | |
| CVE-2025-15598 | medium | 5.9 | 5.9 | 3mo ago | A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the function validateEmbedded of the file backend/apps/system/middleware/auth.py of the component JWT Token Handler. Performing … | |
| CVE-2025-49336 | medium | 5.9 | 5.9 | 4mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pondol Pondol BBS pondol-bbs allows Stored XSS.This issue affects Pondol BBS: from n/a through <=… | |
| CVE-2025-69362 | medium | 5.9 | 5.9 | 5mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH UiChemy uichemy allows Stored XSS.This issue affects UiChemy: from n/a through <= 4.4.2. | |
| CVE-2025-15153 | medium | 5.9 | 5.9 | 5mo ago | A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing a manipulation can lead to files or … | |
| CVE-2025-15105 | medium | 5.9 | 5.9 | 5mo ago | A security flaw has been discovered in getmaxun maxun up to 0.0.28. Impacted is an unknown function of the file /getmaxun/maxun/blob/develop/server/src/routes/auth.ts. Performing manipulation of the … | |
| CVE-2025-67632 | medium | 5.9 | 5.9 | 5mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Plugin Factory Google AdSense for Responsive Design – GARD google-adsense-for-responsive-desi… | |
| CVE-2025-14954 | medium | 5.9 | 5.9 | 5mo ago | A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogs_pfcp_pdr_find_or_add/ogs_pfcp_far_find_or_add/ogs_pfcp_urr_find_or_add/ogs_pfcp_qer_find_or_add in the library lib/… | |
| CVE-2025-49918 | medium | 5.9 | 5.9 | 5mo ago | Insertion of Sensitive Information Into Sent Data vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS vikbooking allows Retrieve Embedded Sensitive Data.This issue affects VikBooking Hote… | |
| CVE-2025-67555 | medium | 5.9 | 5.9 | 6mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in useStrict UseStrict's Calendly Embedder cal-embedder-lite allows Stored XSS.This issue affects Us… | |
| CVE-2025-63033 | medium | 5.9 | 5.9 | 6mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riyadh Ahmed Make Section & Column Clickable For Elementor make-section-column-clickable-elemento… | |
| CVE-2025-12616 | medium | 5.9 | 5.9 | 7mo ago | A vulnerability was detected in PHPGurukul News Portal 1.0. The impacted element is an unknown function of the file /onps/settings.py. Performing a manipulation results in insertion of sensitive info… | |
| CVE-2025-53057 | medium | 5.9 | 5.9 | 7mo ago | Moderate: java-21-openjdk security update | |
| CVE-2025-59593 | medium | 5.9 | 5.9 | 7mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Extend Themes Colibri Page Builder colibri-page-builder allows Stored XSS.This issue affects Coli… | |
| CVE-2025-49923 | medium | 5.9 | 5.9 | 7mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows DOM-Based XSS.This is… | |
| CVE-2025-54265 | medium | 5.9 | 5.9 | 8mo ago | Magento allows incorrect authorization |