6.9

CVSS4.0

CVE-2025-0847 - 1000 Projects Employee Task Management System Login index.php sql injection

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated remotel…

πŸ“… Published: Jan. 30, 2025, 1 a.m. πŸ”„ Last Modified: Feb. 4, 2025, 4:36 p.m.

6.9

CVSS4.0

CVE-2025-0846 - 1000 Projects Employee Task Management System AdminLogin.php sql injection

A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The expl…

πŸ“… Published: Jan. 30, 2025, midnight πŸ”„ Last Modified: Feb. 4, 2025, 4:49 p.m.

5.7

CVSS3.1

CVE-2024-55415 -

DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass.

πŸ“… Published: Jan. 30, 2025, midnight πŸ”„ Last Modified: May 23, 2025, 2:48 p.m.

4.3

CVSS3.1

CVE-2024-55417 -

DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file via /admin/media/upload. An authenticated user can upload a web shell causing arbitrary code execution on the server.

πŸ“… Published: Jan. 30, 2025, midnight πŸ”„ Last Modified: Feb. 26, 2026, 7:08 p.m.

3.5

CVSS3.1

CVE-2024-55416 -

DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. By manipulating an authenticated user to click on a link, arbitrary Javascript can be executed.

πŸ“… Published: Jan. 30, 2025, midnight πŸ”„ Last Modified: May 23, 2025, 4:31 p.m.

6.5

CVSS3.1

CVE-2025-23367 - Org.wildfly.core:wildfly-server: wildfly improper rbac permission

A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor ro…

πŸ“… Published: Jan. 30, 2025, midnight πŸ”„ Last Modified: April 1, 2026, 1:29 p.m.

6.5

CVSS3.1

CVE-2024-53615 -

A command injection vulnerability in the video thumbnail rendering component of Karl Ward's files.gallery v0.3.0 through 0.11.0 allows remote attackers to execute arbitrary code via a crafted video file.

πŸ“… Published: Jan. 30, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.9

CVSS4.0

CVE-2025-0844 - needyamin Library Card System Registration Page signup.php cross site scripting

A vulnerability was found in needyamin Library Card System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file signup.php of the component Registration Page. The manipulation of the argument firstname/lastname/email/borrow/user_address le…

πŸ“… Published: Jan. 29, 2025, 11:31 p.m. πŸ”„ Last Modified: Feb. 4, 2025, 5:17 p.m.

8.2

CVSS3.1

CVE-2025-21396 - Microsoft Account Elevation of Privilege Vulnerability

Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network.

πŸ“… Published: Jan. 29, 2025, 11:07 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 7:08 p.m.

6.9

CVSS4.0

CVE-2025-0843 - needyamin Library Card System Admin Panel admindashboard.php sql injection

A vulnerability was found in needyamin Library Card System 1.0. It has been classified as critical. Affected is an unknown function of the file admindashboard.php of the component Admin Panel. The manipulation of the argument email/password leads to sql injection. It is possible to launch the attac…

πŸ“… Published: Jan. 29, 2025, 11 p.m. πŸ”„ Last Modified: April 16, 2025, 11:19 a.m.
Total resulsts: 349182
Page 6915 of 34,919
Β« previous page Β» next page
Filters