5.1
CVE-2025-15174 - SohuTV CacheCloud AppManageController.java doAppAuditList cross site scripting
A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this vulnerability is the function doAppAuditList of the file src/main/java/com/sohu/cache/web/controller/AppManageController.java. Such manipulation leads to cross site scripting. The attack may be performed fβ¦
6.8
CVE-2025-15070 - Data Exposure in Gmission Web FAX
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse.This issue affects Web Fax: from 3.0 before 3.0.1
8.4
CVE-2025-15069 - Privilege Escalation in Gmission Web FAX
Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue affects Web Fax: from 3.0 before 3.0.1
8.5
CVE-2025-15068 - Account Takeover in Gmission Web FAX
Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse, Session Credential Falsification through Manipulation.This issue affects Web Fax: from 3.0 before 3.0.1
5.1
CVE-2025-15173 - SohuTV CacheCloud InstanceController.java advancedAnalysis cross site scripting
A weakness has been identified in SohuTV CacheCloud up to 3.2.0. Affected is the function advancedAnalysis of the file src/main/java/com/sohu/cache/web/controller/InstanceController.java. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit hβ¦
5.1
CVE-2025-15172 - SohuTV CacheCloud RedisConfigTemplateController.java preview cross site scripting
A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0. This impacts the function preview of the file src/main/java/com/sohu/cache/web/controller/RedisConfigTemplateController.java. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has β¦
5.1
CVE-2025-15171 - SohuTV CacheCloud ServerController.java index cross site scripting
A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This affects the function index of the file src/main/java/com/sohu/cache/web/controller/ServerController.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly avaiβ¦
5.3
CVE-2025-15170 - Advaya Softech GEMS ERP Portal Error Message home.jsp cross site scripting
A security vulnerability has been detected in Advaya Softech GEMS ERP Portal up to 2.1. This affects an unknown part of the file /home.jsp?isError=true of the component Error Message Handler. The manipulation of the argument Message leads to cross site scripting. It is possible to initiate the attaβ¦
5.1
CVE-2025-15169 - BiggiDroid Simple PHP CMS editsite.php sql injection
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made available β¦
6.9
CVE-2025-15168 - itsourcecode Student Management System statistical.php sql injection
A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /statistical.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.