Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-01-19 CVE-2024-8722 The Import any XML or CSV File to WordPress PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
5.5
5.5
2025-01-19 CVE-2025-0564 SQL Injection vulnerability in Anisha Fantasy-Cricket 1.0
A vulnerability was found in code-projects Fantasy-Cricket 1.0.
network
low complexity
anisha CWE-89
critical
 9.8
9.8
2025-01-19 CVE-2024-45652 IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system.
network
low complexity
CWE-22
6.5
6.5
2025-01-19 CVE-2024-45653 Information Exposure Through Sent Data vulnerability in IBM Sterling Connect Direct web Services
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.
network
low complexity
ibm CWE-201
4.3
4.3
2025-01-19 CVE-2024-45654 IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs.
network
low complexity
CWE-807
4.3
4.3
2025-01-19 CVE-2025-0562 SQL Injection vulnerability in Codezips GYM Management System 1.0
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical.
network
low complexity
codezips CWE-89
critical
 9.8
9.8
2025-01-19 CVE-2025-0563 SQL Injection vulnerability in Anisha Fantasy-Cricket 1.0
A vulnerability was found in code-projects Fantasy-Cricket 1.0.
network
low complexity
anisha CWE-89
critical
 9.8
9.8
2025-01-19 CVE-2025-0561 SQL Injection vulnerability in Angeljudesuarez Farm Management System 1.0
A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical.
network
low complexity
angeljudesuarez CWE-89
critical
 9.8
9.8
2025-01-18 CVE-2024-45662 IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources.
network
low complexity
CWE-770
7.5
7.5
2025-01-18 CVE-2024-47106 IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system.
network
low complexity
CWE-552
5.3
5.3