|
2681
|
8.2 |
HIGH
Local
|
howyar
signalcomputer
wasay
sanfong
greenware
cs-grp
radix
|
sysreturn
hdd_king
erecoveryrx
ez-back_system
greenguard
neo_impact
smart_recovery
|
Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-7344
|
2025-01-23 00:41 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2682
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlaFalaki a Gateway for Pasargad Bank on WooCommerce allows Reflected XSS. This issue affects a G…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23966
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2683
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Linus Lundahl Good Old Gallery allows Reflected XSS. This issue affects Good Old Gallery: from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23959
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2684
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files allows Upload a Web Shell to a Web Server. This issue affects user files: from n/a through 2.4.2.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-23953
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2685
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mihajlovic Nenad Improved Sale Badges – Free Version allows PHP Local File Inc…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-23949
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2686
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebArea Background animation blocks allows PHP Local File Inclusion. This issu…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-23948
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2687
|
- |
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a through 5.0.0.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-23944
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2688
|
- |
|
-
|
-
|
ps_contactinfo, a PrestaShop module for displaying store contact information, has a cross-site scripting (XSS) vulnerability in versions up to and including 3.3.2. This can not be exploited in a fres…
|
CWE-79
Cross-site Scripting
|
CVE-2025-24027
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2689
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows Upload a Web Shell to a Web Server. This issue affects WP Load Gallery: from n/a through 2.1.6.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-23942
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2690
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Image Gallery Box by CRUDLab allows PHP Local File Inclusion. This is…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-23938
|
2025-01-23 00:15 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
