Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-03 CVE-2025-3139 A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical.
local
low complexity
CWE-120
5.3
5.3
2025-04-03 CVE-2025-3134 A vulnerability classified as critical has been found in code-projects Payroll Management System 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-04-02 CVE-2025-3123 A vulnerability, which was classified as critical, has been found in WonderCMS 3.5.0.
network
low complexity
CWE-434
4.7
4.7
2025-04-02 CVE-2025-3120 A vulnerability was found in SourceCodester Apartment Visitors Management System 1.0.
network
low complexity
CWE-74
6.3
6.3
2025-04-02 CVE-2025-20120 A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system.
network
low complexity
CWE-79
6.1
6.1
2025-04-02 CVE-2025-20203 A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system. The vulnerability exists because the web-based management interface does not properly validate user-supplied input.
network
low complexity
CWE-79
4.8
4.8
2025-04-02 CVE-2024-56474 IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
CWE-352
4.3
4.3
2025-04-02 CVE-2024-56475 IBM TXSeries for Multiplatforms 9.1 and 11.1 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
5.4
5.4
2025-04-02 CVE-2024-56476 IBM TXSeries for Multiplatforms 9.1 and 11.1 could allow an attacker to enumerate usernames due to an observable login attempt response discrepancy.
network
low complexity
CWE-204
5.3
5.3
2025-04-02 CVE-2025-0154 IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of HTTP headers.
network
low complexity
CWE-644
5.3
5.3