CVEs from 2025
Total
11,986
critical
critical 1,301
high
high 1,894
medium
medium 1,910
low
low 193
% Critical
10.9%
% with KEV
1.5%
% with exploit
1.5%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- inventory_management_system 28
- gcp 24
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-6861 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add_plan.php. The manipulati… | |
| CVE-2025-6860 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staff_commision.php. The man… | |
| CVE-2025-6859 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/pro_sale.php. The manipulation of the… | |
| CVE-2025-6855 | high | 8.8 | 8.8 | 11mo ago | Langchain-Chatchat vulnerable to path traversal | |
| CVE-2025-6850 | high | 8.8 | 8.8 | 11mo ago | A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /forum1.php. The manipulation of th… | |
| CVE-2025-6848 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in code-projects Simple Forum 1.0. This issue affects some unknown processing of the file /forum1.php. The manipulation of the argume… | |
| CVE-2025-6766 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. It has been declared as critical. This vulnerability affects the function getOfficeName of the file Of… | |
| CVE-2025-6765 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Requ… | |
| CVE-2025-52826 | high | 8.8 | 8.8 | 11mo ago | Deserialization of Untrusted Data vulnerability in uxper Sala allows Object Injection. This issue affects Sala: from n/a through 1.1.3. | |
| CVE-2025-6736 | high | 8.8 | 8.8 | 11mo ago | JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing certain components | |
| CVE-2025-6735 | high | 8.8 | 8.8 | 11mo ago | JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing Import Page component | |
| CVE-2025-6667 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of … | |
| CVE-2025-6609 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-detail… | |
| CVE-2025-6608 | high | 8.8 | 8.8 | 11mo ago | A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-servic… | |
| CVE-2025-6607 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the … | |
| CVE-2025-6606 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. T… | |
| CVE-2025-6605 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the… | |
| CVE-2025-6604 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argume… | |
| CVE-2025-6583 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /view-appointment.php. The manipulation of th… | |
| CVE-2025-6582 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-d… | |
| CVE-2025-6581 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The mani… | |
| CVE-2025-6570 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. Th… | |
| CVE-2025-6535 | high | 8.8 | 8.8 | 11mo ago | A vulnerability has been found in xxyopen/201206030 novel-plus up to 5.1.3 and classified as critical. This vulnerability affects the function list of the file novel-admin/src/main/resources/mybatis/… | |
| CVE-2025-6529 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation leads to use … | |
| CVE-2025-6422 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=s… | |
| CVE-2025-6417 | high | 8.8 | 8.8 | 11mo ago | A vulnerability has been found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-artist.php… | |
| CVE-2025-6416 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /admin/changeimage4.php. The manipulation of … | |
| CVE-2025-6415 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.1. This issue affects some unknown processing of the file /admin/changeimage3.php. The … | |
| CVE-2025-6414 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical was found in PHPGurukul Art Gallery Management System 1.1. This vulnerability affects unknown code of the file /admin/changeimage2.php. The manipulation of the … | |
| CVE-2025-6413 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.1. This affects an unknown part of the file /admin/changeimage1.php. The manipulation of the argume… | |
| CVE-2025-6412 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php. The … | |
| CVE-2025-6411 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/changepropic… | |
| CVE-2025-6410 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/edit-art-medium-detail.php. The manip… | |
| CVE-2025-6333 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the … | |
| CVE-2025-6332 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /admin/manage-directo… | |
| CVE-2025-6331 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-directory.php. The… | |
| CVE-2025-6321 | high | 8.8 | 8.8 | 11mo ago | A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-subadmin.ph… | |
| CVE-2025-6320 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System 1.0. Affected is an unknown function of the file /admin/add-class.php. The manipulation of the … | |
| CVE-2025-6319 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0. This issue affects some unknown processing of the file /admin/add-teacher.php. The ma… | |
| CVE-2025-6309 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-ambulance.php. … | |
| CVE-2025-6308 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/bwdates-request-report-details.php. The m… | |
| CVE-2025-6156 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-re… | |
| CVE-2025-6122 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, was found in code-projects Restaurant Order System 1.0. This affects an unknown part of the file /table.php. The manipulation of the argument ID lea… | |
| CVE-2025-6105 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in jflyfox jfinal_cms 5.0.1 and classified as problematic. This vulnerability affects unknown code of the file HOME.java. The manipulation of the argument Logout leads … | |
| CVE-2025-6096 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in codesiddhant Jasmin Ransomware up to 1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard.php. The man… | |
| CVE-2025-6094 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in qianfox FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulat… | |
| CVE-2025-5971 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in code-projects School Fees Payment System 1.0. It has been classified as critical. This affects an unknown part of the file /ajx.php. The manipulation of the argument name… | |
| CVE-2025-5859 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-detai… | |
| CVE-2025-5858 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-report.php. The manipulatio… | |
| CVE-2025-5857 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysis_record.php. The manipula… | |
| CVE-2025-5838 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an unknown functionality of the file /admin/adminprofile.php. T… | |
| CVE-2025-5837 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file /admin/allemployees.php. The manipulation of the… | |
| CVE-2025-5784 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /myexp.php. The manipulation of the … | |
| CVE-2025-5763 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to comm… | |
| CVE-2025-5761 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file /edit-family-member.php. Th… | |
| CVE-2025-39358 | high | 8.8 | 8.8 | 1y ago | Deserialization of Untrusted Data vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Object Injection.This issue affects WP Posts Carousel: from n/a through <= 1.3.12. | |
| CVE-2025-5732 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part. The manipulation leads to cross-site request forge… | |
| CVE-2025-5728 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in SourceCodester Open Source Clinic Management System 1.0. This vulnerability affects unknown code of the file /manage_website.php. The manipulation … | |
| CVE-2025-47631 | high | 8.8 | 8.8 | 1y ago | Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11. | |
| CVE-2025-39366 | high | 8.8 | 8.8 | 1y ago | Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0. | |
| CVE-2025-47576 | high | 8.8 | 8.8 | 1y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bringthepixel Bimber - Viral Magazine WordPress Theme.This issue affects Bimbe… | |
| CVE-2025-48138 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in Bertha AI – Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/… | |
| CVE-2025-47649 | high | 8.8 | 8.8 | 1y ago | Path Traversal: '.../...//' vulnerability in StackWC Open Close WooCommerce Store woc-open-close allows PHP Local File Inclusion.This issue affects Open Close WooCommerce Store: from n/a through <= 4… | |
| CVE-2025-26902 | high | 8.8 | 8.8 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro allows Cross Site Request Forgery.This issue affects Brizy Pro: from n/a through 2.6.1. | |
| CVE-2025-26901 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in Brizy Brizy Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy Pro: from n/a through 2.6.1. | |
| CVE-2025-3409 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stb_include_string. The manipulation of the argument path_to_includes leads to stack-bas… | |
| CVE-2025-3408 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack m… | |
| CVE-2025-3407 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in Nothings stb up to f056911. It has been declared as critical. Affected by this vulnerability is the function stbhw_build_tileset_from_image. The manipulation of the argum… | |
| CVE-2025-3323 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java.… | |
| CVE-2025-32220 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon bookin… | |
| CVE-2025-28864 | high | 8.8 | 8.8 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in planetstudio Builder for Contact Form 7 by Webconstruct cf7-builder allows Cross Site Request Forgery.This issue affects Builder for Contact Form 7 … | |
| CVE-2025-23528 | high | 8.8 | 8.8 | 1y ago | Incorrect Privilege Assignment vulnerability in Mosterd3d DD Roles dd-roles allows Privilege Escalation.This issue affects DD Roles: from n/a through <= 4.1. | |
| CVE-2025-30028 | high | 8.6 | 8.6 | 1d ago | A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files. | |
| CVE-2025-10470 | high | 8.6 | 8.6 | 17d ago | The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth. This vulnerabilit… | |
| CVE-2025-15620 | high | 8.6 | 8.6 | 2mo ago | HiOS Switch Platform versions 09.1.00 through 09.4.04 and 10.0.00 through 10.3.00 contain a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected de… | |
| CVE-2025-69347 | high | 8.6 | 8.6 | 2mo ago | Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP… | |
| CVE-2025-69063 | high | 8.6 | 8.6 | 3mo ago | Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n… | |
| CVE-2025-69097 | high | 8.6 | 8.6 | 4mo ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through <= 1.9.9… | |
| CVE-2025-61813 | high | 8.6 | 8.6 | 6mo ago | ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. … | |
| CVE-2025-49916 | high | 8.6 | 8.6 | 7mo ago | Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a … | |
| CVE-2025-11343 | high | 8.6 | 8.6 | 8mo ago | A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql inject… | |
| CVE-2025-49448 | high | 8.6 | 8.6 | 11mo ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Fastw3b LLC FW Food Menu allows Path Traversal. This issue affects FW Food Menu : from n/a through 6.0… | |
| CVE-2025-1026 | high | 8.6 | 8.6 | 1y ago | Browsershot Local File Inclusion | |
| CVE-2025-69180 | high | 8.5 | 8.5 | 4mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection.This issue affects Ultra … | |
| CVE-2025-49050 | high | 8.5 | 8.5 | 4mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affect… | |
| CVE-2025-49049 | high | 8.5 | 8.5 | 4mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZoomIt DZS Video Gallery dzs-videogallery allows SQL Injection.This issue affects DZS Video Galle… | |
| CVE-2025-31044 | high | 8.5 | 8.5 | 5mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: from n/a throu… | |
| CVE-2025-30628 | high | 8.5 | 8.5 | 5mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) allows SQL I… | |
| CVE-2025-28949 | high | 8.5 | 8.5 | 5mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codedraft Mediabay - WordPress Media Library Folders allows Blind SQL Injection.This issue affect… | |
| CVE-2025-49378 | high | 8.5 | 8.5 | 7mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from … | |
| CVE-2025-48091 | high | 8.5 | 8.5 | 7mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alexander AnyComment anycomment allows SQL Injection.This issue affects AnyComment: from n/a thro… | |
| CVE-2025-49406 | high | 8.5 | 8.5 | 9mo ago | Missing Authorization vulnerability in favethemes Houzez allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Houzez: from n/a through 4.1.1. | |
| CVE-2025-32574 | high | 8.5 | 8.5 | 11mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPGYM allows SQL Injection. This issue affects WPGYM: from n/a through 65.0. | |
| CVE-2025-30562 | high | 8.5 | 8.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdistillery Navigation Tree Elementor navigation-tree-elementor allows Blind SQL Injection.This … | |
| CVE-2025-47651 | high | 8.5 | 8.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infility Infility Global infility-global allows SQL Injection.This issue affects Infility Global:… | |
| CVE-2025-47575 | high | 8.5 | 8.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla School Management allows SQL Injection. This issue affects School Management: from n/a t… | |
| CVE-2025-32573 | high | 8.5 | 8.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kiotviet KiotViet Sync allows SQL Injection. This issue affects KiotViet Sync: from n/a through 1… | |
| CVE-2025-26976 | high | 8.5 | 8.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aldo Latino PrivateContent private-content.This issue affects PrivateContent: from n/a through <=… | |
| CVE-2025-11130 | high | 8.4 | 8.4 | 8mo ago | A weakness has been identified in iHongRen pptp-vpn 1.0/1.0.1 on macOS. This issue affects the function shouldAcceptNewConnection of the file HelpTool/HelperTool.m of the component XPC Service. This … | |
| CVE-2025-10906 | high | 8.4 | 8.4 | 8mo ago | A flaw has been found in Magnetism Studios Endurance up to 3.3.0 on macOS. This affects the function loadModuleNamed:WithReply of the file /Applications/Endurance.app/Contents/Library/LaunchServices/… |