|
2171
|
4.4 |
MEDIUM
Network
|
-
|
-
|
IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials.
|
CWE-1323
|
CVE-2024-49338
|
2025-01-19 00:15 |
2025-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2172
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the compone…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0559
|
2025-01-18 23:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2173
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability classified as critical was found in TDuckCloud tduck-platform up to 4.0. This vulnerability affects the function QueryProThemeRequest of the file src/main/java/com/tduck/cloud/form/re…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0558
|
2025-01-18 22:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2174
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability classified as problematic has been found in Hyland Alfresco Community Edition and Alfresco Enterprise Edition up to 6.2.2. This affects an unknown part of the file /share/s/ of the co…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0557
|
2025-01-18 18:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2175
|
9.8 |
CRITICAL
Network
-
|
-
|
The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a use…
|
CWE-620
Unverified Password Change
|
CVE-2024-13375
|
2025-01-18 18:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2176
|
7.5 |
HIGH
Network
-
|
-
|
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to insuf…
|
CWE-89
SQL Injection
|
CVE-2024-13184
|
2025-01-18 18:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2177
|
- |
|
-
|
-
|
A vulnerability, which was classified as problematic, was found in code-projects Tourism Management System 1.0. Affected is an unknown function of the file /admin/manage-pages.php. The manipulation o…
|
-
|
CVE-2025-0538
|
2025-01-18 18:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2178
|
- |
|
-
|
-
|
A vulnerability, which was classified as problematic, has been found in code-projects Car Rental Management System 1.0. This issue affects some unknown processing of the file /admin/manage-pages.php.…
|
-
|
CVE-2025-0537
|
2025-01-18 18:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2179
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_reviews' shortcode in all versions up to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13392
|
2025-01-18 17:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2180
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing ca…
|
CWE-862
Missing Authorization
|
CVE-2025-0515
|
2025-01-18 16:15 |
2025-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
