VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-02-24
CVE-2024-55898
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to an unqualified library call.
network
high complexity
CWE-427
8.5
8.5
2025-02-24
CVE-2025-1606
Improper Access Control vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0.
network
low complexity
mayurik
CWE-284
7.5
7.5
2025-02-23
CVE-2025-1590
Unrestricted Upload of File with Dangerous Type vulnerability in Janobe E-Learning System 1.0
A vulnerability was found in SourceCodester E-Learning System 1.0.
network
low complexity
janobe
CWE-434
7.2
7.2
2025-02-23
CVE-2025-1578
Injection vulnerability in PHPgurukul Online Shopping Portal 2.1
A vulnerability, which was classified as critical, was found in PHPGurukul Online Shopping Portal 2.1.
network
low complexity
phpgurukul
CWE-74
7.5
7.5
2025-02-22
CVE-2025-0957
The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
7.2
7.2
2025-02-22
CVE-2024-13474
The LTL Freight Quotes – Purolator Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all versions up to, and including, 2.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
7.5
7.5
2025-02-22
CVE-2024-13899
The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data parameter in the fImportMenu function.
network
low complexity
CWE-502
7.2
7.2
2025-02-21
CVE-2025-1536
A vulnerability was found in Raisecom Multi-Service Intelligent Gateway up to 20250208.
network
low complexity
CWE-77
7.3
7.3
2025-02-21
CVE-2025-1538
Out-of-bounds Write vulnerability in Dlink Dap-1320 Firmware 1.0
A vulnerability classified as critical was found in D-Link DAP-1320 1.00.
network
low complexity
dlink
CWE-787
8.8
8.8
2025-02-21
CVE-2024-13900
Code Injection vulnerability in Satollo Head, Footer, and Post Injections
The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.3.0.
network
low complexity
satollo
CWE-94
7.2
7.2
«
Previous
1
2
...
16
17
18
(current)
19
20
...
6692
6693
»
Next