|
1261
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in …
|
CWE-79
Cross-site Scripting
|
CVE-2024-11328
|
2025-01-9 20:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1262
|
9.8 |
CRITICAL
Network
-
|
-
|
The Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite Scroll, Load More, Pagination & Shortcode Builder plugin for WordPress is vulnerable to Local File Inclusio…
|
CWE-22
Path Traversal
|
CVE-2024-11642
|
2025-01-9 20:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1263
|
- |
|
-
|
-
|
A vulnerability was found in CampCodes DepEd Equipment Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /data/add_employee.php. The manip…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0348
|
2025-01-9 19:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1264
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Admission Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file index.php of the component Login. The…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0347
|
2025-01-9 19:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1265
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Content Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/publishnews.php of the component Publish …
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-0346
|
2025-01-9 18:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1266
|
- |
|
-
|
-
|
A vulnerability was found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this issue is the function listData of the file /sys/menu/listData. The manipulation of the argument order lea…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0345
|
2025-01-9 18:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1267
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.5.135 due to insufficient input san…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13153
|
2025-01-9 18:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1268
|
- |
|
-
|
-
|
A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argum…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0344
|
2025-01-9 17:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1269
|
- |
|
-
|
-
|
A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of …
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0342
|
2025-01-9 17:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1270
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in CampCodes Computer Laboratory Management System 1.0. Affected by this issue is some unknown functionality of the file /class/edit/…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-0341
|
2025-01-9 17:15 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
