Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-01-04 CVE-2024-41767 IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection.
network
low complexity
CWE-89
7.3
7.3
2025-01-04 CVE-2024-41768 IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause an unhandled SSL exception which could leave the connection in an unexpected or insecure state.
network
low complexity
CWE-544
6.5
6.5
2025-01-04 CVE-2025-0211 Unspecified vulnerability in Campcodes School Faculty Scheduling System 1.0
A vulnerability was found in Campcodes School Faculty Scheduling System 1.0 and classified as critical.
network
low complexity
campcodes
critical
 9.8
9.8
2025-01-04 CVE-2025-0210 SQL Injection vulnerability in Campcodes School Faculty Scheduling System 1.0
A vulnerability has been found in Campcodes School Faculty Scheduling System 1.0 and classified as critical.
network
low complexity
campcodes CWE-89
critical
 9.8
9.8
2025-01-04 CVE-2025-0207 SQL Injection vulnerability in Code-Projects Online Shoe Store 1.0
A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0.
network
low complexity
code-projects CWE-89
critical
 9.8
9.8
2025-01-04 CVE-2025-0208 SQL Injection vulnerability in Code-Projects Online Shoe Store 1.0
A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0.
network
low complexity
code-projects CWE-89
critical
 9.8
9.8
2025-01-04 CVE-2024-12195 The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to SQL Injection via the 'project_id' parameter of the /wp-json/pm/v2/projects/2/task-lists REST API endpoint in all versions up to, and including, 2.6.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
6.5
6.5
2025-01-04 CVE-2024-12279 The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.2.
network
low complexity
CWE-352
6.1
6.1
2025-01-04 CVE-2024-12475 The WP Multi Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
2025-01-04 CVE-2025-0206 Unspecified vulnerability in Code-Projects Online Shoe Store 1.0
A vulnerability classified as critical was found in code-projects Online Shoe Store 1.0.
network
low complexity
code-projects
8.8
8.8