3.5

CVSS3.1

CVE-2025-51385 -

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the id parameter.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 1, 2025, 7:36 p.m.

3.5

CVSS3.1

CVE-2025-51384 -

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 9 a.m.

7.3

CVSS3.1

CVE-2025-26064 -

A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 3:06 p.m.

6.1

CVSS3.1

CVE-2025-50866 -

CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user s browser, potentially leading t…

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 6, 2025, 4:51 p.m.

8

CVSS3.1

CVE-2025-50849 -

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile functionality allows enabling or disabling stickers through a parameter (company_id) sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipul…

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 9:13 a.m.

6.1

CVSS3.1

CVE-2025-50848 -

A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS Cart 4.18.3 allows unrestricted upload of HTML files, which are rendered directly in the browser when accessed. This allows an attacker to upload a crafted HTML file containing malicious con…

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 6, 2025, 4:35 p.m.

6.5

CVSS3.1

CVE-2025-50847 -

Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafted HTTP request.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 6, 2025, 4:36 p.m.

7.3

CVSS3.1

CVE-2025-45769 -

php-jwt v6.11.0 was discovered to contain weak encryption.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 3:06 p.m.

6.1

CVSS3.1

CVE-2025-51569 -

A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_process endpoint fails to sanitize user input in the cmd parameter before reflecting it into a text/html response. This allows unauthenticated attackers t…

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: July 31, 2025, 8:56 p.m.

6.1

CVSS3.1

CVE-2025-50270 -

A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a remote attacker to execute arbitrary code via a crafted script to the title, categoryTitle, and tmpTag parameters.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: July 31, 2025, 8:15 p.m.
Total resulsts: 304604
Page 83 of 30,461
Β« previous page Β» next page
Filters