Sort by: Updated/Published

Filtred: Only with CWE
Risk Topic & Details
2025-06-02
Med.
ABB Cylon Aspect 3.08.03 Guest2Root Privilege Escalation
 CWE Remote Gjoko 'LiquidWorm...
2025-05-29
Med.
Campcodes Online Hospital Management System 1.0 SQL Injection
 CVE CWE Remote Carine Constantino
2025-05-27
Med.
EMBRYO CMS by Pyxis Studio - Authenticated SQL Injection on www.embryohotel.com
 CWE Remote 0x6ick
2025-05-24
Low
Casdoor 1.901.0 Cross-Site Request Forgery (CSRF)
 CWE Remote Van Lam Nguyen
Low
SIAKAD STEKOM - Stored XSS Vulnerability(Login Page)
 CWE Remote 0x6ick
2025-05-19
Low
Tiiwee X1 Alarm System Replay Attack
 CWE Remote Sebastian
2025-05-16
High
DiskBoss Enterprise 7.4.28 Remote Buffer Overflow
 CWE Remote Fernando Mengali
2025-05-13
High
TP-Link VN020 F3v(T) TT_V6.2.1021) DHCP Stack Buffer Overflow
 CVE CWE Remote Mohamed Maatallah
2025-05-09
High
Ruckus IoT Controller 1.7.1.0 Undocumented Backdoor Account
 CVE CWE Remote korelogic
2025-05-06
Low
ERPNext 14.82.1 Account Takeover via Cross-Site Request Forgery (CSRF)
 CVE CWE Remote Ahmed Thaiban
2025-05-05
Low
KodExplorer 4.52 Open Redirect
 CWE Remote Rahad Chowdhury
2025-05-01
Med.
Inventio Lite 4 SQL Injection
 CVE CWE Remote pointedsec
Med.
Zabbix 7.0.0 SQL Injection
 CVE CWE Remote Leandro Dias Barata
Med.
Smart Manager 8.27.0 Post-Authenticated SQL Injection
 CVE CWE Remote xbz0n
2025-04-24
Med.
KiviCare Clinic & Patient Management System 3.6.4 Unauthenticated SQL Injection
 CVE CWE Remote  Gözet
2025-04-22
High
TP-Link VN020 F3v(T) TT_V6.2.1021 Buffer Overflow Memory Corruption
 CVE CWE Remote Mohamed Maatallah
Med.
NagVis 1.9.33 Arbitrary File Read
 CVE CWE Remote xerosec
2025-04-16
Low
CodeAstro Online Railway Reservation System 1.0 Cross Site Scripting (XSS)
 CVE CWE Remote Raj Nandi
2025-04-15
Med.
Gnuboard5 5.3.2.8 SQL Injection
 CVE CWE Remote CodeSecLab
Med.
IBMi Navigator 7.5 HTTP Security Token Bypass
 CVE CWE Remote hyp3rlinx
High
GestioIP 3.5.7 Remote Command Execution (RCE)
 CVE CWE Remote m4xth0r
2025-04-10
Med.
Feng Office 3.11.1.2 SQL Injection
 CWE Remote Andrey Stoykov
2025-04-09
Low
PZ Frontend Manager WordPress Plugin 1.0.5 Cross Site Request Forgery (CSRF)
 CWE Remote Vuln Seeker Cybersecur...
2025-04-06
Low
Exclusive Addons for Elementor 2.6.9 Stored Cross-Site Scripting
 CVE CWE Remote Wordfence Security Tea...
Low
Gitea 1.22.0 Stored XSS
 CVE CWE Remote Catalin Iovita
High
Royal Elementor Addons and Templates 1.3.78 Unauthenticated Arbitrary File Upload
 CVE CWE Remote Sheikh Mohammad Hasan
Low
Reservit Hotel 2.1 Stored Cross-Site Scripting (XSS)
 CVE CWE Remote Ilteris Kaan Pehlivan
2025-04-01
Low
Zoltrix Modem - 'tools_admin_1' Cross site request forgery
 CWE Remote Amir Hossein Jamshidi
2025-03-25
Med.
Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)
 CWE Remote Amir Hossein Jamshidi
Med.
AEGON LIFE v1.0 Life Insurance Management System SQL injection vulnerability.
 CVE CWE Remote Aslam Anwar Mahimkar
2025-03-22
Med.
TeamPass 3.0.0.21 SQL Injection
 CVE CWE Remote Max Meyer
Med.
Jasmin Ransomware SQL Injection Login Bypass
 CWE Remote Buğra Enis Dönmez
2025-03-10
Med.
JUX Real Estate 3.4.0 - SQL Injection
 CVE CWE Remote CraCkEr
Low
JUX Real Estate 3.4.0 - Multiple RXSS
 CVE CWE Remote CraCkEr
2025-02-27
Med.
Library-Card-System V 1.0 | Add Picture/Signature - signup.php | Unrestricted File Upload | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
Med.
Needyamin | Library-Card-System 1.0 | card.php?id= SQL Injection | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
2025-02-24
Low
needyamin Library Card System Registration Page signup.php cross site scripting
 CVE CWE Remote Maloy Roy Orko
Low
Image_Gallery | Add Gallery- admin/gallery.php | Unrestricted File Upload | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
Low
Image_Gallery | view.php?username= | Cross Site Scripting (Reflected XSS) | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
Med.
Library-Card-System | SQL Injection Admin Login Bypass In admin.php | Found By Maloy Roy Orko
 CVE CWE Remote Maloy Roy Orko
2025-01-25
Med.
Iranian Cyber Police "FATA.GOV.IR" has an SQL Injection vulnerability
 CWE Remote E1.Coders
2025-01-14
Low
FSB: FOR and AGAINST XSS Vulnerability
 CVE CWE Remote 0x01369
2025-01-12
Med.
Ecommerce-PHP-kurniaramadhan-1.0- Stored Cross Site Scripting
 CVE CWE Remote Maloy Roy Orko
2025-01-05
Low
VULNERABILITY: Website Iranian goverment admin find and Automatic Bypassing 0day attacker
 CWE Remote E1.Coders
2025-01-02
Low
Sysax Multi Server 6.99 Cross Site Scripting
 CWE Remote Yehia Elghaly
High
CyberPanel upgrademysqlstatus Arbitrary Command Execution
 CWE Remote Cyber
2024-12-18
Med.
Laravel 11.0 Cross Site Scripting
 CWE Remote E1.Coders
2024-12-10
Low
SEH utnserver Pro 20.1.22 Cross Site Scripting
 CVE CWE Remote P. Riedl
2024-12-09
Low
Omada Identity Cross Site Scripting
 CVE CWE Remote Daniel Hirschberger
2024-12-05
High
Siemens Unlocked JTAG Interface / Buffer Overflow
 CVE CWE Local Stefan Viehboeck
Med.
Convoy CMS SQL injection 24.5
 CVE CWE Remote E1.Coders
2024-12-03
Low
Russian FSB Cross Site Scripting
 CWE Local E1.Coders
2024-11-28
Med.
needrestart Local Privilege Escalation
 CVE CWE Local Qualys Security Adviso...
2024-11-25
Med.
Linux 6.6 Race Condition
 CVE CWE Local Jann Horn
Low
fronsetia 1.1 Cross Site Scripting
 CWE Remote Andrey Stoykov
Med.
Korenix JetPort 5601 1.2 Path Traversal
 CVE CWE Remote Hierzer
2024-11-17
Low
Calibre-web 0.6.21 Stored XSS
 CVE CWE Remote Pentest-Tools
2024-11-14
Med.
TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write
 CWE Local Filip Palian
Med.
Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download
 CVE CWE Local Andreas Kolbeck
2024-11-12
Med.
TestRail CLI FieldsParser eval Injection
 CWE Remote Devin
Copyright 2025, cxsecurity.com

 

Back to Top