VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-02-17
CVE-2025-0924
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
7.2
7.2
2025-02-17
CVE-2025-1389
Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents.
network
low complexity
CWE-89
8.8
8.8
2025-02-17
CVE-2025-1374
SQL Injection vulnerability in Fabianros Real Estate Property Management System 1.0
A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0.
network
low complexity
fabianros
CWE-89
7.5
7.5
2025-02-17
CVE-2025-1388
Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and run web shells
network
low complexity
CWE-434
8.8
8.8
2025-02-16
CVE-2025-1356
SQL Injection vulnerability in Needyamin Library Card System 1.0
A vulnerability was found in needyamin Library Card System 1.0.
network
low complexity
needyamin
CWE-89
7.5
7.5
2025-02-16
CVE-2025-1340
Stack-based Buffer Overflow vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329
A vulnerability classified as critical has been found in TOTOLINK X18 9.1.0cu.2024_B20220329.
network
low complexity
totolink
CWE-121
8.8
8.8
2025-02-16
CVE-2025-1339
Command Injection vulnerability in Totolink X18 Firmware 9.1.0Cu.2024B20220329
A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329.
network
low complexity
totolink
CWE-77
8.8
8.8
2025-02-16
CVE-2025-1338
A vulnerability was found in NUUO Camera up to 20250203.
network
low complexity
CWE-74
7.3
7.3
2025-02-16
CVE-2025-1336
Path Traversal vulnerability in Cmseasy 7.7.7.9
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic.
network
low complexity
cmseasy
CWE-22
8.1
8.1
2025-02-16
CVE-2025-1335
Path Traversal vulnerability in Cmseasy 7.7.7.9
A vulnerability, which was classified as problematic, was found in CmsEasy 7.7.7.9.
network
low complexity
cmseasy
CWE-22
8.1
8.1
«
Previous
1
2
...
101
102
103
(current)
104
105
...
6824
6825
»
Next