Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-14 | CVE-2024-13641 | Unspecified vulnerability in Wpswings Return Refund and Exchange for Woocommerce The Return Refund and Exchange For WooCommerce – Return Management System, RMA Exchange, Wallet And Cancel Order Features plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.5 via the 'attachment' directory. | 7.5 |
| 2025-02-14 | CVE-2024-55904 | IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.9 could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements. | 7.2 |
| 2025-02-13 | CVE-2025-22896 | Cleartext Storage of Sensitive Information vulnerability in Myscada Mypro mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information. | 7.5 |
| 2025-02-13 | CVE-2025-22480 | Link Following vulnerability in Dell Supportassist 3.2.0.90 Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. | 7.8 |
| 2025-02-13 | CVE-2025-25352 | SQL Injection vulnerability in PHPgurukul Land Record System 1.0 A SQL Injection vulnerability was found in /admin/aboutus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the pagetitle POST request parameter. | 7.2 |
| 2025-02-13 | CVE-2025-25354 | SQL Injection vulnerability in PHPgurukul Land Record System 1.0 A SQL Injection was found in /admin/admin-profile.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the contactnumber POST request parameter. | 7.2 |
| 2025-02-13 | CVE-2025-25355 | SQL Injection vulnerability in PHPgurukul Land Record System 1.0 A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the fromdate POST request parameter. | 7.2 |
| 2025-02-13 | CVE-2025-25356 | SQL Injection vulnerability in PHPgurukul Land Record System 1.0 A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the " todate" POST request parameter. | 7.2 |
| 2025-02-13 | CVE-2025-25357 | SQL Injection vulnerability in PHPgurukul Land Record System 1.0 A SQL Injection vulnerability was found in /admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the email POST request parameter. | 7.2 |
| 2025-02-13 | CVE-2025-25897 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr841Nd Firmware A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'ip' parameter at /userRpm/WanStaticIpV6CfgRpm.htm. | 7.5 |