|
1421
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0700
|
2025-01-25 02:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1422
|
- |
|
-
|
-
|
Missing Authorization vulnerability in theDotstore Product Size Charts Plugin for WooCommerce.This issue affects Product Size Charts Plugin for WooCommerce: from n/a through 2.4.5.
|
CWE-862
Missing Authorization
|
CVE-2025-23991
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1423
|
- |
|
-
|
-
|
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch t…
|
CWE-200
CWE-862
Information Exposure
Missing Authorization
|
CVE-2025-22607
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1424
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the fil…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0699
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1425
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been classified as critical. Affected is an unknown function of the file /admin/sys/menu/list. T…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0698
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1426
|
6.5 |
MEDIUM
Network
|
-
|
-
|
IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of add…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2024-45077
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1427
|
- |
|
-
|
-
|
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In version 4.0.0-beta.358 and possibly earlier versions, when creating or updating a "project," it …
|
CWE-78
OS Command
|
CVE-2025-22606
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1428
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM Concert Software 1.0.0 and 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit …
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2024-41757
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1429
|
5.3 |
MEDIUM
Network
-
|
-
|
IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-40706
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1430
|
8.0 |
HIGH
Network
|
-
|
-
|
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and up…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-40693
|
2025-01-25 01:15 |
2025-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
