Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2024-55399 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-55399)
SSRF in ssrf (CVE-2024-55399). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51624 |
|
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
|
| CVE-2025-53786 |
|
Authentication Bypass in microsoft (CVE-2025-53786)
authentication bypass in microsoft (CVE-2025-53786). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52237 |
|
Vulnerability in path-traversal (CVE-2025-52237)
vulnerability in path-traversal (CVE-2025-52237). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50592 |
|
Cross-Site Scripting (XSS) in seacms (CVE-2025-50592)
cross-site scripting in seacms (CVE-2025-50592). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-10027 |
|
Unrestricted File Upload in wordpress (CVE-2012-10027)
vulnerability in wordpress (CVE-2012-10027). Risk of unauthorized operations or information disclosure. Exploitable via ``uploadify.php``.
|
| CVE-2012-10024 |
|
Path Traversal in path-traversal (CVE-2012-10024)
path traversal in path-traversal (CVE-2012-10024). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51857 |
|
Cross-Site Scripting (XSS) in CVE-2025-51857 (CVE-2025-51857)
cross-site scripting in CVE-2025-51857 (CVE-2025-51857). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50341 |
|
SQL Injection in sqli (CVE-2025-50341)
SQL injection in sqli (CVE-2025-50341). Successful exploitation can lead to full system takeover.
|
| CVE-2025-46206 |
|
Vulnerability in dos (CVE-2025-46206)
vulnerability in dos (CVE-2025-46206). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50420 |
|
Vulnerability in dos (CVE-2025-50420)
vulnerability in dos (CVE-2025-50420). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-32253 |
|
Vulnerability in dos (CVE-2023-32253)
vulnerability in dos (CVE-2023-32253). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52327 |
|
SQL Injection in sqli (CVE-2025-52327)
SQL injection in sqli (CVE-2025-52327). Successful exploitation can lead to full system takeover.
|
| CVE-2025-50847 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-50847)
vulnerability in csrf (CVE-2025-50847). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50848 |
|
Cross-Site Scripting (XSS) in cs-cart (CVE-2025-50848)
cross-site scripting in cs-cart (CVE-2025-50848). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25691 |
|
Command Injection in deserialization (CVE-2025-25691)
command injection in deserialization (CVE-2025-25691). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25692 |
|
Command Injection in deserialization (CVE-2025-25692)
command injection in deserialization (CVE-2025-25692). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-45955 |
|
Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.
Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.
|
| CVE-2023-2593 |
|
Vulnerability in dos (CVE-2023-2593)
vulnerability in dos (CVE-2023-2593). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-6060 |
|
Cross-Site Scripting (XSS) in CVE-2025-6060 (CVE-2025-6060)
cross-site scripting in CVE-2025-6060 (CVE-2025-6060). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-29534 |
|
OS Command Injection in CVE-2025-29534 (CVE-2025-29534)
OS command injection in CVE-2025-29534 (CVE-2025-29534). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4056 |
|
Code Injection in dos (CVE-2025-4056)
code injection in dos (CVE-2025-4056). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-6918 |
|
SQL Injection in sqli (CVE-2025-6918)
SQL injection in sqli (CVE-2025-6918). Successful exploitation can lead to full system takeover.
|
| CVE-2025-5449 |
|
Vulnerability in dos (CVE-2025-5449)
vulnerability in dos (CVE-2025-5449). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45960 |
|
Cross-Site Scripting (XSS) in tawk (CVE-2025-45960)
cross-site scripting in tawk (CVE-2025-45960). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44608 |
|
SQL Injection in sqli (CVE-2025-44608)
SQL injection in sqli (CVE-2025-44608). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45939 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-45939)
SSRF in ssrf (CVE-2025-45939). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-5254 |
|
Cross-Site Scripting (XSS) in CVE-2025-5254 (CVE-2025-5254)
cross-site scripting in CVE-2025-5254 (CVE-2025-5254). Confidential information can be exposed externally.
|
| CVE-2025-5253 |
|
Vulnerability in dos (CVE-2025-5253)
vulnerability in dos (CVE-2025-5253). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4784 |
|
SQL Injection in sqli (CVE-2025-4784)
SQL injection in sqli (CVE-2025-4784). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4822 |
|
SQL Injection in sqli (CVE-2025-4822)
SQL injection in sqli (CVE-2025-4822). Successful exploitation can lead to full system takeover.
|
| CVE-2025-6018 |
|
Authorization Flaw in privilege-escalation (CVE-2025-6018)
vulnerability in privilege-escalation (CVE-2025-6018). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4411 |
|
Cross-Site Scripting (XSS) in CVE-2025-4411 (CVE-2025-4411)
cross-site scripting in CVE-2025-4411 (CVE-2025-4411). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4294 |
|
Cross-Site Scripting (XSS) in CVE-2025-4294 (CVE-2025-4294)
cross-site scripting in CVE-2025-4294 (CVE-2025-4294). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4285 |
|
SQL Injection in sqli (CVE-2025-4285)
SQL injection in sqli (CVE-2025-4285). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4284 |
|
Cross-Site Scripting (XSS) in CVE-2025-4284 (CVE-2025-4284)
cross-site scripting in CVE-2025-4284 (CVE-2025-4284). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44654 |
|
Vulnerability in privilege-escalation (CVE-2025-44654)
vulnerability in privilege-escalation (CVE-2025-44654). Successful exploitation can lead to full system takeover.
|
| CVE-2025-44653 |
|
Vulnerability in dos (CVE-2025-44653)
vulnerability in dos (CVE-2025-44653). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44651 |
|
Vulnerability in dos (CVE-2025-44651)
vulnerability in dos (CVE-2025-44651). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44657 |
|
Vulnerability in privilege-escalation (CVE-2025-44657)
vulnerability in privilege-escalation (CVE-2025-44657). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44655 |
|
Vulnerability in privilege-escalation (CVE-2025-44655)
vulnerability in privilege-escalation (CVE-2025-44655). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4040 |
|
Vulnerability in privilege-escalation (CVE-2025-4040)
vulnerability in privilege-escalation (CVE-2025-4040). Confidential information can be exposed externally.
|
| CVE-2025-50583 |
|
Cross-Site Scripting (XSS) in daycloud (CVE-2025-50583)
cross-site scripting in daycloud (CVE-2025-50583). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50582 |
|
Cross-Site Scripting (XSS) in daycloud (CVE-2025-50582)
cross-site scripting in daycloud (CVE-2025-50582). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50581 |
|
Cross-Site Scripting (XSS) in mrcms (CVE-2025-50581)
cross-site scripting in mrcms (CVE-2025-50581). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50584 |
|
Cross-Site Scripting (XSS) in daycloud (CVE-2025-50584)
cross-site scripting in daycloud (CVE-2025-50584). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52163 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-52163)
SSRF in ssrf (CVE-2025-52163). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52169 |
|
Cross-Site Scripting (XSS) in CVE-2025-52169 (CVE-2025-52169)
cross-site scripting in CVE-2025-52169 (CVE-2025-52169). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50585 |
|
SQL Injection in sqli (CVE-2025-50585)
SQL injection in sqli (CVE-2025-50585). Successful exploitation can lead to full system takeover.
|
| CVE-2025-50586 |
|
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
|