3.8

CVSS3.1

CVE-2025-25878 -

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL injection to obtain sensitive data.

πŸ“… Published: Feb. 21, 2025, midnight πŸ”„ Last Modified: April 7, 2025, 3:04 p.m.

6.4

CVSS3.1

CVE-2025-25875 -

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /message.php. The attack can use SQL injection to obtain sensitive data.

πŸ“… Published: Feb. 21, 2025, midnight πŸ”„ Last Modified: March 28, 2025, 6:45 p.m.

6.5

CVSS3.1

CVE-2025-25604 -

Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua.

πŸ“… Published: Feb. 21, 2025, midnight πŸ”„ Last Modified: April 4, 2025, 3:30 p.m.

3.8

CVSS3.1

CVE-2025-25877 -

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /admin.php. The attack can use SQL injection to obtain sensitive data.

πŸ“… Published: Feb. 21, 2025, midnight πŸ”„ Last Modified: April 11, 2025, 7:16 p.m.

6.5

CVSS3.1

CVE-2025-25510 -

Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the get_parentControl_list_Info function.

πŸ“… Published: Feb. 21, 2025, midnight πŸ”„ Last Modified: April 10, 2025, 1:36 p.m.

8.4

CVSS4.0

CVE-2025-27088 - Reflected Cross-site Scripting (XSS) in template implementation in oxyno-zeta/s3-proxy

oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted…

πŸ“… Published: Feb. 20, 2025, 10:33 p.m. πŸ”„ Last Modified: May 20, 2025, 4:47 p.m.

5.1

CVSS4.0

CVE-2025-27097 - Cache variables with the operations when transforms exist on the root level even if variables chang…

GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. When a user transforms on the root level or single source with transfo…

πŸ“… Published: Feb. 20, 2025, 8:15 p.m. πŸ”„ Last Modified: Feb. 27, 2025, 8:18 p.m.

5.8

CVSS3.1

CVE-2025-27098 - Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTT…

GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. Missing check vulnerability in the static file handler allows any clie…

πŸ“… Published: Feb. 20, 2025, 8:13 p.m. πŸ”„ Last Modified: Feb. 27, 2025, 8:18 p.m.

2.3

CVSS4.0

CVE-2025-25299 - Cross-site scripting (XSS) in the real-time collaboration package

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting (XSS) vulnerability was discovered in the CKEditor 5 real-time collaboration package. This vulnerability affects user markers, which represent users' positions within …

πŸ“… Published: Feb. 20, 2025, 7:23 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2025-24893 - Remote code execution as guest via SolrSearchMacros request in xwiki

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduc…

πŸ“… Published: Feb. 20, 2025, 7:19 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 7:08 p.m.
Total resulsts: 346087
Page 6360 of 34,609
Β« previous page Β» next page
Filters