Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2024-55399 SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-55399)
SSRF in ssrf (CVE-2024-55399). Risk of unauthorized operations or information disclosure.
CVE-2025-51624 Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
CVE-2025-53786 Authentication Bypass in microsoft (CVE-2025-53786)
authentication bypass in microsoft (CVE-2025-53786). Successful exploitation can lead to full system takeover.
CVE-2025-52237 Vulnerability in path-traversal (CVE-2025-52237)
vulnerability in path-traversal (CVE-2025-52237). Risk of unauthorized operations or information disclosure.
CVE-2025-50592 Cross-Site Scripting (XSS) in seacms (CVE-2025-50592)
cross-site scripting in seacms (CVE-2025-50592). Risk of unauthorized operations or information disclosure.
CVE-2012-10027 Unrestricted File Upload in wordpress (CVE-2012-10027)
vulnerability in wordpress (CVE-2012-10027). Risk of unauthorized operations or information disclosure. Exploitable via ``uploadify.php``.
CVE-2012-10024 Path Traversal in path-traversal (CVE-2012-10024)
path traversal in path-traversal (CVE-2012-10024). Risk of unauthorized operations or information disclosure.
CVE-2025-51857 Cross-Site Scripting (XSS) in CVE-2025-51857 (CVE-2025-51857)
cross-site scripting in CVE-2025-51857 (CVE-2025-51857). Risk of unauthorized operations or information disclosure.
CVE-2025-50341 SQL Injection in sqli (CVE-2025-50341)
SQL injection in sqli (CVE-2025-50341). Successful exploitation can lead to full system takeover.
CVE-2025-46206 Vulnerability in dos (CVE-2025-46206)
vulnerability in dos (CVE-2025-46206). Risk of unauthorized operations or information disclosure.
CVE-2025-50420 Vulnerability in dos (CVE-2025-50420)
vulnerability in dos (CVE-2025-50420). Risk of unauthorized operations or information disclosure.
CVE-2023-32253 Vulnerability in dos (CVE-2023-32253)
vulnerability in dos (CVE-2023-32253). Risk of unauthorized operations or information disclosure.
CVE-2025-52327 SQL Injection in sqli (CVE-2025-52327)
SQL injection in sqli (CVE-2025-52327). Successful exploitation can lead to full system takeover.
CVE-2025-50847 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-50847)
vulnerability in csrf (CVE-2025-50847). Risk of unauthorized operations or information disclosure.
CVE-2025-50848 Cross-Site Scripting (XSS) in cs-cart (CVE-2025-50848)
cross-site scripting in cs-cart (CVE-2025-50848). Risk of unauthorized operations or information disclosure.
CVE-2025-25691 Command Injection in deserialization (CVE-2025-25691)
command injection in deserialization (CVE-2025-25691). Risk of unauthorized operations or information disclosure.
CVE-2025-25692 Command Injection in deserialization (CVE-2025-25692)
command injection in deserialization (CVE-2025-25692). Risk of unauthorized operations or information disclosure.
CVE-2024-45955 Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.
Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.
CVE-2023-2593 Vulnerability in dos (CVE-2023-2593)
vulnerability in dos (CVE-2023-2593). Risk of unauthorized operations or information disclosure.
CVE-2025-6060 Cross-Site Scripting (XSS) in CVE-2025-6060 (CVE-2025-6060)
cross-site scripting in CVE-2025-6060 (CVE-2025-6060). Risk of unauthorized operations or information disclosure.
CVE-2025-29534 OS Command Injection in CVE-2025-29534 (CVE-2025-29534)
OS command injection in CVE-2025-29534 (CVE-2025-29534). Successful exploitation can lead to full system takeover.
CVE-2025-4056 Code Injection in dos (CVE-2025-4056)
code injection in dos (CVE-2025-4056). Risk of unauthorized operations or information disclosure.
CVE-2025-6918 SQL Injection in sqli (CVE-2025-6918)
SQL injection in sqli (CVE-2025-6918). Successful exploitation can lead to full system takeover.
CVE-2025-5449 Vulnerability in dos (CVE-2025-5449)
vulnerability in dos (CVE-2025-5449). Risk of unauthorized operations or information disclosure.
CVE-2025-45960 Cross-Site Scripting (XSS) in tawk (CVE-2025-45960)
cross-site scripting in tawk (CVE-2025-45960). Risk of unauthorized operations or information disclosure.
CVE-2025-44608 SQL Injection in sqli (CVE-2025-44608)
SQL injection in sqli (CVE-2025-44608). Risk of unauthorized operations or information disclosure.
CVE-2025-45939 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-45939)
SSRF in ssrf (CVE-2025-45939). Risk of unauthorized operations or information disclosure.
CVE-2025-5254 Cross-Site Scripting (XSS) in CVE-2025-5254 (CVE-2025-5254)
cross-site scripting in CVE-2025-5254 (CVE-2025-5254). Confidential information can be exposed externally.
CVE-2025-5253 Vulnerability in dos (CVE-2025-5253)
vulnerability in dos (CVE-2025-5253). Risk of unauthorized operations or information disclosure.
CVE-2025-4784 SQL Injection in sqli (CVE-2025-4784)
SQL injection in sqli (CVE-2025-4784). Successful exploitation can lead to full system takeover.
CVE-2025-4822 SQL Injection in sqli (CVE-2025-4822)
SQL injection in sqli (CVE-2025-4822). Successful exploitation can lead to full system takeover.
CVE-2025-6018 Authorization Flaw in privilege-escalation (CVE-2025-6018)
vulnerability in privilege-escalation (CVE-2025-6018). Successful exploitation can lead to full system takeover.
CVE-2025-4411 Cross-Site Scripting (XSS) in CVE-2025-4411 (CVE-2025-4411)
cross-site scripting in CVE-2025-4411 (CVE-2025-4411). Risk of unauthorized operations or information disclosure.
CVE-2025-4294 Cross-Site Scripting (XSS) in CVE-2025-4294 (CVE-2025-4294)
cross-site scripting in CVE-2025-4294 (CVE-2025-4294). Risk of unauthorized operations or information disclosure.
CVE-2025-4285 SQL Injection in sqli (CVE-2025-4285)
SQL injection in sqli (CVE-2025-4285). Successful exploitation can lead to full system takeover.
CVE-2025-4284 Cross-Site Scripting (XSS) in CVE-2025-4284 (CVE-2025-4284)
cross-site scripting in CVE-2025-4284 (CVE-2025-4284). Risk of unauthorized operations or information disclosure.
CVE-2025-44654 Vulnerability in privilege-escalation (CVE-2025-44654)
vulnerability in privilege-escalation (CVE-2025-44654). Successful exploitation can lead to full system takeover.
CVE-2025-44653 Vulnerability in dos (CVE-2025-44653)
vulnerability in dos (CVE-2025-44653). Risk of unauthorized operations or information disclosure.
CVE-2025-44651 Vulnerability in dos (CVE-2025-44651)
vulnerability in dos (CVE-2025-44651). Risk of unauthorized operations or information disclosure.
CVE-2025-44657 Vulnerability in privilege-escalation (CVE-2025-44657)
vulnerability in privilege-escalation (CVE-2025-44657). Risk of unauthorized operations or information disclosure.
CVE-2025-44655 Vulnerability in privilege-escalation (CVE-2025-44655)
vulnerability in privilege-escalation (CVE-2025-44655). Successful exploitation can lead to full system takeover.
CVE-2025-4040 Vulnerability in privilege-escalation (CVE-2025-4040)
vulnerability in privilege-escalation (CVE-2025-4040). Confidential information can be exposed externally.
CVE-2025-50583 Cross-Site Scripting (XSS) in daycloud (CVE-2025-50583)
cross-site scripting in daycloud (CVE-2025-50583). Risk of unauthorized operations or information disclosure.
CVE-2025-50582 Cross-Site Scripting (XSS) in daycloud (CVE-2025-50582)
cross-site scripting in daycloud (CVE-2025-50582). Risk of unauthorized operations or information disclosure.
CVE-2025-50581 Cross-Site Scripting (XSS) in mrcms (CVE-2025-50581)
cross-site scripting in mrcms (CVE-2025-50581). Risk of unauthorized operations or information disclosure.
CVE-2025-50584 Cross-Site Scripting (XSS) in daycloud (CVE-2025-50584)
cross-site scripting in daycloud (CVE-2025-50584). Risk of unauthorized operations or information disclosure.
CVE-2025-52163 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-52163)
SSRF in ssrf (CVE-2025-52163). Risk of unauthorized operations or information disclosure.
CVE-2025-52169 Cross-Site Scripting (XSS) in CVE-2025-52169 (CVE-2025-52169)
cross-site scripting in CVE-2025-52169 (CVE-2025-52169). Risk of unauthorized operations or information disclosure.
CVE-2025-50585 SQL Injection in sqli (CVE-2025-50585)
SQL injection in sqli (CVE-2025-50585). Successful exploitation can lead to full system takeover.
CVE-2025-50586 StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →