|
711
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac le…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2025-0566
|
2025-01-19 16:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
712
|
7.3 |
HIGH
Network
-
|
-
|
A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument id leads to sql i…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0565
|
2025-01-19 15:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
713
|
5.5 |
MEDIUM
Network
|
-
|
-
|
The Import any XML or CSV File to WordPress PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.9.7 due to insufficient …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8722
|
2025-01-19 14:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
714
|
7.3 |
HIGH
Network
-
|
-
|
A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /authenticate.php. The manipul…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0564
|
2025-01-19 13:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
715
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs.
|
CWE-807
Reliance on Untrusted Inputs in a Security Decision
|
CVE-2024-45654
|
2025-01-19 12:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
716
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the s…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2024-45653
|
2025-01-19 12:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
717
|
6.5 |
MEDIUM
Network
|
-
|
-
|
IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to …
|
CWE-22
Path Traversal
|
CVE-2024-45652
|
2025-01-19 12:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
718
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been classified as critical. Affected is an unknown function of the file /dash/update.php. The manipulation of the argument unam…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0563
|
2025-01-19 11:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
719
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dashboard/admin/health_status_entry.php. The manipu…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0562
|
2025-01-19 11:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
720
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argumen…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0561
|
2025-01-19 09:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
