CVEs from 2025
Total
8,845
critical
critical 1,327
high
high 1,995
medium
medium 1,981
low
low 202
% Critical
15.0%
% with KEV
2.1%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6911 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /manage-subjects.php. The manipulation of the … | |||
| CVE-2025-6910 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in PHPGurukul Student Record System 3.2. It has been classified as critical. This affects an unknown part of the file /session.php. The manipulation of the argument session … | |||
| CVE-2025-6909 | high | 8.8 | 8.8 | 11mo ago | A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-scdetails… | |||
| CVE-2025-6908 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/edit-services.php. The manipulation o… | |||
| CVE-2025-6899 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the arg… | |||
| CVE-2025-6898 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in proxy_client.asp. The manipulatio… | |||
| CVE-2025-6896 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os comma… | |||
| CVE-2025-6890 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ticketConfirmation.php. The manipulation … | |||
| CVE-2025-6884 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /search_index.php. The manipulation o… | |||
| CVE-2025-6880 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-tax.php. The manipulation of the argu… | |||
| CVE-2025-6879 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add-tax.php. The manipulatio… | |||
| CVE-2025-6878 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/search-appointment.php. The … | |||
| CVE-2025-6877 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/edit-category.php. The manipulation o… | |||
| CVE-2025-6876 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The … | |||
| CVE-2025-6875 | high | 8.8 | 8.8 | 11mo ago | A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscr… | |||
| CVE-2025-6874 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/add_subscribe.php. The manipulation… | |||
| CVE-2025-6862 | high | 8.8 | 8.8 | 11mo ago | A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit_plan.php. The manipulation of the arg… | |||
| CVE-2025-6861 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add_plan.php. The manipulati… | |||
| CVE-2025-6860 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staff_commision.php. The man… | |||
| CVE-2025-6859 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/pro_sale.php. The manipulation of the… | |||
| CVE-2025-6855 | high | 8.8 | 8.8 | 11mo ago | Langchain-Chatchat vulnerable to path traversal | |||
| CVE-2025-6850 | high | 8.8 | 8.8 | 11mo ago | A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /forum1.php. The manipulation of th… | |||
| CVE-2025-6848 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in code-projects Simple Forum 1.0. This issue affects some unknown processing of the file /forum1.php. The manipulation of the argume… | |||
| CVE-2025-6766 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. It has been declared as critical. This vulnerability affects the function getOfficeName of the file Of… | |||
| CVE-2025-6765 | high | 8.8 | 8.8 | 11mo ago | A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Requ… | |||
| CVE-2025-52826 | high | 8.8 | 8.8 | 11mo ago | Deserialization of Untrusted Data vulnerability in uxper Sala allows Object Injection. This issue affects Sala: from n/a through 1.1.3. | |||
| CVE-2025-6736 | high | 8.8 | 8.8 | 11mo ago | JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing certain components | |||
| CVE-2025-6735 | high | 8.8 | 8.8 | 11mo ago | JuzaWeb CMS is vulnerable to Incorrect Privilege Assignment when installing Import Page component | |||
| CVE-2025-6667 | high | 8.8 | 8.8 | 11mo ago | A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of … | |||
| CVE-2025-6609 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/bwdates-reports-detail… | |||
| CVE-2025-6608 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-servic… | |||
| CVE-2025-6607 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/stock.php. The manipulation of the … | |||
| CVE-2025-6606 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects some unknown processing of the file /panel/add-services.php. T… | |||
| CVE-2025-6605 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of the file /panel/edit-staff.php. The manipulation of the… | |||
| CVE-2025-6604 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add-staff.php. The manipulation of the argume… | |||
| CVE-2025-6583 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /view-appointment.php. The manipulation of th… | |||
| CVE-2025-6582 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /edit-customer-d… | |||
| CVE-2025-6581 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-customer.php. The mani… | |||
| CVE-2025-6570 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. Th… | |||
| CVE-2025-6535 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in xxyopen/201206030 novel-plus up to 5.1.3 and classified as critical. This vulnerability affects the function list of the file novel-admin/src/main/resources/mybatis/… | |||
| CVE-2025-6529 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation leads to use … | |||
| CVE-2025-6422 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=s… | |||
| CVE-2025-6417 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-artist.php… | |||
| CVE-2025-6416 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /admin/changeimage4.php. The manipulation of … | |||
| CVE-2025-6415 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.1. This issue affects some unknown processing of the file /admin/changeimage3.php. The … | |||
| CVE-2025-6414 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in PHPGurukul Art Gallery Management System 1.1. This vulnerability affects unknown code of the file /admin/changeimage2.php. The manipulation of the … | |||
| CVE-2025-6413 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.1. This affects an unknown part of the file /admin/changeimage1.php. The manipulation of the argume… | |||
| CVE-2025-6412 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php. The … | |||
| CVE-2025-6411 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/changepropic… | |||
| CVE-2025-6410 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/edit-art-medium-detail.php. The manip… | |||
| CVE-2025-6333 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the … | |||
| CVE-2025-6332 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /admin/manage-directo… | |||
| CVE-2025-6331 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-directory.php. The… | |||
| CVE-2025-6321 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-subadmin.ph… | |||
| CVE-2025-6320 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System 1.0. Affected is an unknown function of the file /admin/add-class.php. The manipulation of the … | |||
| CVE-2025-6319 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Pre-School Enrollment System 1.0. This issue affects some unknown processing of the file /admin/add-teacher.php. The ma… | |||
| CVE-2025-6309 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-ambulance.php. … | |||
| CVE-2025-6308 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/bwdates-request-report-details.php. The m… | |||
| CVE-2025-6156 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-re… | |||
| CVE-2025-6122 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, was found in code-projects Restaurant Order System 1.0. This affects an unknown part of the file /table.php. The manipulation of the argument ID lea… | |||
| CVE-2025-6105 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in jflyfox jfinal_cms 5.0.1 and classified as problematic. This vulnerability affects unknown code of the file HOME.java. The manipulation of the argument Logout leads … | |||
| CVE-2025-6096 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in codesiddhant Jasmin Ransomware up to 1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard.php. The man… | |||
| CVE-2025-6094 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in qianfox FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulat… | |||
| CVE-2025-5971 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in code-projects School Fees Payment System 1.0. It has been classified as critical. This affects an unknown part of the file /ajx.php. The manipulation of the argument name… | |||
| CVE-2025-5859 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-detai… | |||
| CVE-2025-5858 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-report.php. The manipulatio… | |||
| CVE-2025-5857 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysis_record.php. The manipula… | |||
| CVE-2025-5838 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an unknown functionality of the file /admin/adminprofile.php. T… | |||
| CVE-2025-5837 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file /admin/allemployees.php. The manipulation of the… | |||
| CVE-2025-5784 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /myexp.php. The manipulation of the … | |||
| CVE-2025-5763 | high | 8.8 | 8.8 | 1y ago | A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to comm… | |||
| CVE-2025-5761 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file /edit-family-member.php. Th… | |||
| CVE-2025-39358 | high | 8.8 | 8.8 | 1y ago | Deserialization of Untrusted Data vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Object Injection.This issue affects WP Posts Carousel: from n/a through <= 1.3.12. | |||
| CVE-2025-5732 | high | 8.8 | 8.8 | 1y ago | A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part. The manipulation leads to cross-site request forge… | |||
| CVE-2025-5728 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in SourceCodester Open Source Clinic Management System 1.0. This vulnerability affects unknown code of the file /manage_website.php. The manipulation … | |||
| CVE-2025-47631 | high | 8.8 | 8.8 | 1y ago | Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11. | |||
| CVE-2025-39366 | high | 8.8 | 8.8 | 1y ago | Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0. | |||
| CVE-2025-47576 | high | 8.8 | 8.8 | 1y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bringthepixel Bimber - Viral Magazine WordPress Theme.This issue affects Bimbe… | |||
| CVE-2025-48138 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in Bertha AI – Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/… | |||
| CVE-2025-47649 | high | 8.8 | 8.8 | 1y ago | Path Traversal: '.../...//' vulnerability in StackWC Open Close WooCommerce Store woc-open-close allows PHP Local File Inclusion.This issue affects Open Close WooCommerce Store: from n/a through <= 4… | |||
| CVE-2025-26902 | high | 8.8 | 8.8 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro allows Cross Site Request Forgery.This issue affects Brizy Pro: from n/a through 2.6.1. | |||
| CVE-2025-26901 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in Brizy Brizy Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brizy Pro: from n/a through 2.6.1. | |||
| CVE-2025-3409 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stb_include_string. The manipulation of the argument path_to_includes leads to stack-bas… | |||
| CVE-2025-3408 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack m… | |||
| CVE-2025-3407 | high | 8.8 | 8.8 | 1y ago | A vulnerability was found in Nothings stb up to f056911. It has been declared as critical. Affected by this vulnerability is the function stbhw_build_tileset_from_image. The manipulation of the argum… | |||
| CVE-2025-3323 | high | 8.8 | 8.8 | 1y ago | A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java.… | |||
| CVE-2025-32220 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salon bookin… | |||
| CVE-2025-28864 | high | 8.8 | 8.8 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in planetstudio Builder for Contact Form 7 by Webconstruct cf7-builder allows Cross Site Request Forgery.This issue affects Builder for Contact Form 7 … | |||
| CVE-2025-23528 | high | 8.8 | 8.8 | 1y ago | Incorrect Privilege Assignment vulnerability in Mosterd3d DD Roles dd-roles allows Privilege Escalation.This issue affects DD Roles: from n/a through <= 4.1. | |||
| CVE-2025-30028 | high | 8.6 | 8.6 | 9d ago | A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files. | |||
| CVE-2025-10470 | high | 8.6 | 8.6 | 25d ago | The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth. This vulnerabilit… | |||
| CVE-2025-15620 | high | 8.6 | 8.6 | 2mo ago | HiOS Switch Platform versions 09.1.00 through 09.4.04 and 10.0.00 through 10.3.00 contain a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected de… | |||
| CVE-2025-69347 | high | 8.6 | 8.6 | 2mo ago | Authorization Bypass Through User-Controlled Key vulnerability in Convers Lab WPSubscription subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP… | |||
| CVE-2025-69063 | high | 8.6 | 8.6 | 4mo ago | Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n… | |||
| CVE-2025-69097 | high | 8.6 | 8.6 | 4mo ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through <= 1.9.9… | |||
| CVE-2025-63680 | high | 8.6 | 8.6 | 7mo ago | Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw (CWE-22) that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code… | |||
| CVE-2025-49916 | high | 8.6 | 8.6 | 8mo ago | Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a … | |||
| CVE-2025-11343 | high | 8.6 | 8.6 | 8mo ago | A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql inject… | |||
| CVE-2025-49448 | high | 8.6 | 8.6 | 11mo ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Fastw3b LLC FW Food Menu allows Path Traversal. This issue affects FW Food Menu : from n/a through 6.0… | |||
| CVE-2025-1026 | high | 8.6 | 8.6 | 1y ago | Browsershot Local File Inclusion |