8.7
CVE-2025-30002 -
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to rβ¦
8.7
CVE-2025-29905 -
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'RestoreFromBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read fromβ¦
9.3
CVE-2025-27540 -
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'Authenticate' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from anβ¦
9.3
CVE-2025-27539 -
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'VerifyUser' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from and β¦
9.3
CVE-2025-27495 -
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'CreateTrace' method. This could allow an unauthenticated remote attacker to bypass authorization controls, to read from andβ¦
4.3
CVE-2025-39472 - WordPress WooCommerce Social Login plugin <= 2.8.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in WPWeb WooCommerce Social Login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a through 2.8.2.
6.5
CVE-2025-22872 - Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content followβ¦
5.9
CVE-2025-3739 - Drupal 8 Google Optimize Hide Page - Critical - Unsupported - SA-CONTRIB-2025-040
Vulnerability in Drupal Drupal 8 Google Optimize Hide Page.This issue affects Drupal 8 Google Optimize Hide Page: *.*.
5.9
CVE-2025-3738 - Google Optimize - Critical - Unsupported - SA-CONTRIB-2025-039
Vulnerability in Drupal Google Optimize.This issue affects Google Optimize: *.*.
5.9
CVE-2025-3737 - Google Maps: Store Locator - Critical - Unsupported - SA-CONTRIB-2025-038
Vulnerability in Drupal Google Maps: Store Locator.This issue affects Google Maps: Store Locator: *.*.