|
2491
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘custom_server’ parameter in all versions up to, and including,…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12047
|
2025-01-4 17:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2492
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘smc_settings_tab', 'unattachfixit-action', and 'woofixit-action’ parameters in all versions u…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11974
|
2025-01-4 17:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2493
|
8.8 |
HIGH
Network
|
-
|
-
|
The Backup Migration plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.6 via deserialization of untrusted input in the 'recursive_unserialize_replac…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-10932
|
2025-01-4 17:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2494
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Student Management System 1.0. It has been declared as critical. This vulnerability affects the function showSubject1 of the file /config/DbFunction.php. Th…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0203
|
2025-01-4 16:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2495
|
- |
|
-
|
-
|
A vulnerability was found in TCS BaNCS 10. It has been classified as problematic. This affects an unknown part of the file /REPORTS/REPORTS_SHOW_FILE.jsp. The manipulation of the argument FilePath le…
|
CWE-73
External Control of File Name or Path
|
CVE-2025-0202
|
2025-01-4 14:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2496
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/update…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0201
|
2025-01-4 13:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2497
|
- |
|
-
|
-
|
A vulnerability has been found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0200
|
2025-01-4 12:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2498
|
- |
|
-
|
-
|
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the application does not properly validate uploaded files. This allow…
|
-
|
CVE-2025-22389
|
2025-01-4 12:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2499
|
- |
|
-
|
-
|
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewal…
|
-
|
CVE-2024-3393
|
2025-01-4 11:00 |
2024-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2500
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Affected is an unknown function of the file /user/minus_cart.php. The…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0199
|
2025-01-4 08:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
