|
2111
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.0 via the 'bse-ele…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-13841
|
2025-02-7 16:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2112
|
- |
|
-
|
-
|
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service co…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2025-1072
|
2025-02-7 13:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2113
|
- |
|
-
|
-
|
Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability. A low privileged attacker with r…
|
CWE-80
Basic XSS
|
CVE-2025-22402
|
2025-02-7 12:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2114
|
5.3 |
MEDIUM
Network
-
|
-
|
A vulnerability has been found in Safetytest Cloud-Master Server up to 1.1.1 and classified as critical. This vulnerability affects unknown code of the file /static/. The manipulation leads to path t…
|
CWE-23
CWE-24
Relative Path Traversal
Path Traversal: '../filedir'
|
CVE-2025-1086
|
2025-02-7 11:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2115
|
9.8 |
CRITICAL
Network
-
|
-
|
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied …
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2025-1061
|
2025-02-7 11:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2116
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability, which was classified as problematic, was found in Animati PACS up to 1.24.12.09.03. This affects an unknown part of the file /login. The manipulation of the argument p leads to cross…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-1085
|
2025-02-7 10:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2117
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql ????????? 3.9.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site …
|
CWE-352
CWE-862
Origin Validation Error
Missing Authorization
|
CVE-2025-1084
|
2025-02-7 09:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2118
|
- |
|
-
|
-
|
Multiple Elber products suffer from an unauthenticated device configuration and client-side hidden functionality disclosure.
|
CWE-912
Hidden Functionality
|
CVE-2025-0675
|
2025-02-7 09:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2119
|
- |
|
-
|
-
|
Multiple Elber products are affected by an authentication bypass
vulnerability which allows unauthorized access to the password
management functionality. Attackers can exploit this issue by
manipu…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2025-0674
|
2025-02-7 09:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2120
|
3.1 |
LOW
Network
|
-
|
-
|
A vulnerability classified as problematic was found in Mindskip xzs-mysql ????????? 3.9.0. Affected by this vulnerability is an unknown functionality of the component CORS Handler. The manipulation l…
|
CWE-346
CWE-942
Origin Validation Error
Permissive Cross-domain Policy with Untrusted Domains
|
CVE-2025-1083
|
2025-02-7 08:15 |
2025-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
