Sort by: Updated/Published

Filtred: Bugs
Risk Topic & Details
2025-04-06
Med.
AC Repair and Services System - ARSS-1.0-Copyright©2025-Multiple-SQLi
 Remote nu11secur1ty
Low
Exclusive Addons for Elementor 2.6.9 Stored Cross-Site Scripting
 CVE CWE Remote Wordfence Security Tea...
Low
Gitea 1.22.0 Stored XSS
 CVE CWE Remote Catalin Iovita
High
Royal Elementor Addons and Templates 1.3.78 Unauthenticated Arbitrary File Upload
 CVE CWE Remote Sheikh Mohammad Hasan
Med.
ollama 0.6.4 Server Side Request Forgery (SSRF)
 Remote sud0
Low
Reservit Hotel 2.1 Stored Cross-Site Scripting (XSS)
 CVE CWE Remote Ilteris Kaan Pehlivan
2025-04-01
Med.
Litespeed unauthorized account takeover
 CVE Remote Gnzls
High
Ksenia Security Lares 4.0 Home Automation Remote Code Execution
 Remote ShadeLock
Low
Ksenia Security Lares 4.0 Home Automation URL Redirection
 Remote ShadeLock
Med.
thevision - SQL Injection vulnerability
 Remote Mahdi Karimi
Med.
kyaan - Multiple Vulnerabilities
 Remote wa0_3
Med.
WEBWORX TECHNOLOGIES- Multiple Vulnerabilities - Multiple Vulnerabilities
 Remote wa0_3
Low
Zoltrix Modem - 'tools_admin_1' Cross site request forgery
 CWE Remote Amir Hossein Jamshidi
2025-03-30
Low
openweb-ui 0.5.20 Client-Side Path Traversal (CSPT)
 Remote CXSECURITY
Med.
NVIDIA Container Toolkit 1.16.1 Time-of-check Time-of-Use (TOCTOU)
 CVE Local r0binak
High
PHP < 8.3.8 Remote Code Execution
 CVE Remote Yesith Alvarez
High
Litespeed Cache 6.5.0.1 Authentication Bypass
 CVE Remote Gnzls
Med.
OMOS-1.0-Copyright©2025-Multiple-SQLi
 Remote Local nu11secur1ty
High
XWiki Standard 14.10 Remote Code Execution (RCE)
 CVE Remote Mehran Seifalinia
2025-03-25
Low
dolphin.prov7.4.2 Stored XSS via Send Message Functionality
 Remote Andrey Stoykov
Med.
dolphin.prov7.4.2 SQL Injection in Admin Functionality
 Remote Andrey Stoykov
Med.
University Registration System - IDOR Leads to Information Disclosure
 Remote wa0_3
Med.
Wordpress Modal Popup Box Plugin - Multiple Vulnerabilities
 Remote bRpsd
Low
Wordpress Plugin Iron Security - IP Spoofing
 Remote bRpsd
Med.
Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)
 CWE Remote Amir Hossein Jamshidi
Med.
AEGON LIFE v1.0 Life Insurance Management System SQL injection vulnerability.
 CVE CWE Remote Aslam Anwar Mahimkar
2025-03-22
High
Jasmin Ransomware - (Authenticated) Arbitrary File Download
 Remote bRpsd
Med.
Jasmin Ransomware SQL Injection Login Bypass
 CWE Remote Buğra Enis Dönmez
2025-03-20
Med.
Tours and travels PHP Multiple Vulnerabilities
 Remote mehrdadr13
High
Chamilo LMS 1.11.24 Remote Code Execution (RCE)
 CVE Remote 0x00-null - Mohamed Ka...
2025-03-13
Med.
Agile Solutio - Blind Sql Injection Vulnerability
 Remote behrouz mansoori
Med.
TENANT LIMITED-1.0-Multiple-SQLi + SQLi Bypass Authentication
 Remote nu11secur1ty
Med.
VeeVPN 1.6.1 - 'VeePNService' Unquoted Service Path
 Local Dogukan Orhan
2025-03-10
Low
FluxBB 1.5.11 Cross Site Scripting
 Remote Chokri Hammedi
Med.
JUX Real Estate 3.4.0 - SQL Injection
 CVE CWE Remote CraCkEr
Low
JUX Real Estate 3.4.0 - Multiple RXSS
 CVE CWE Remote CraCkEr
2025-03-08
Med.
OpenPanel 0.3.4 - Insecure Permission Modification via Fix Permission Function
 CVE Remote Multiple
Med.
Zontal Arcade HTML 5 Game Portal PHP Script - SQL Injection
 Remote Buğra Enis Dönmez
Med.
Identified Security Concerns: Database Credentials in Plain Text
 Remote E1.CODERS
2025-03-05
Med.
Teachers Record Management System 2.1 SQL Injection
 Remote Mehmet Can Kadıoğlu
High
OpenPanel 0.3.4 Remote Code Execution
 CVE Remote Multiple
Med.
Webmin RCE Leading to Privilege Escalation
 Local Buğra Enis Dönmez
Med.
IdoDesigns - Multiple Vulnerabilities
 Remote bRpsd
2025-03-04
Low
Crest Engine CMS 1.0 Cross Site Scripting
 Remote wa-3
Med.
Teachers Record Management System v2.1 SQLi
 Remote mao7un
Low
Crest Engine CMS - Reflected Cross-Site Scripting (XSS)
 wa0_3
2025-02-28
High
Adobe Reader CoolType Out-Of-Bounds Read
 Remote Mjurczyk
Low
SeedDMS 6.0.29 Cross Site Scripting
 CVE Remote Athul S
2025-02-27
Med.
Library-Card-System V 1.0 | Add Picture/Signature - signup.php | Unrestricted File Upload | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
Med.
Needyamin | Library-Card-System 1.0 | card.php?id= SQL Injection | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
2025-02-24
Low
needyamin Library Card System Registration Page signup.php cross site scripting
 CVE CWE Remote Maloy Roy Orko
Low
Image_Gallery | Add Gallery- admin/gallery.php | Unrestricted File Upload | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
Low
Image_Gallery | view.php?username= | Cross Site Scripting (Reflected XSS) | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
Med.
Library-Card-System | SQL Injection Admin Login Bypass In admin.php | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
2025-02-19
Med.
Zabbix SQL Multiple Vulns
 CVE Remote godylockz
2025-02-18
Med.
WordPress Plugin A/B Image Optimizer 3.3 Arbitrary File Download
 Remote Random
Med.
OpenSSH 9.9p1 Denial of Service / Man-In-The-Middle
 Remote Qualys
2025-02-13
Med.
ABB Cylon FLXeon 9.3.4 Default Credentials
 Remote Gjoko 'LiquidWorm...
Med.
Wattsense Bridge 6.x Remote Root / Information Disclosure
 Remote SEC
Med.
SolarView Compact 6.00 - Command Injection
 Remote parsa rezaie khiabanlo...
Copyright 2025, cxsecurity.com

 

Back to Top