5.1
CVE-2025-1612 - Edimax BR-6288ACL wireless5g_basic.asp cross site scripting
A vulnerability was found in Edimax BR-6288ACL 1.30. It has been declared as problematic. This vulnerability affects unknown code of the file wireless5g_basic.asp. The manipulation of the argument SSID leads to cross site scripting. The attack can be initiated remotely. The vendor was contacted earβ¦
8.5
CVE-2024-55898 - IBM i privilege escalation
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user with the capability to compile or restore a program to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege.
5.1
CVE-2025-1611 - ShopXO Template ThemeAdminService.php injection
A vulnerability was found in ShopXO up to 6.4.0. It has been classified as problematic. This affects an unknown part of the file app/service/ThemeAdminService.php of the component Template Handler. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit has β¦
5.3
CVE-2025-1610 - LB-LINK AC1900 Router set_blacklist websGetVar os command injection
A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this issue is the function websGetVar of the file /goform/set_blacklist. The manipulation of the argument mac/enable leads to os command injection. The attack may be launched remotely. The exploit has bβ¦
5.3
CVE-2025-1609 - LB-LINK AC1900 Router set_cmd websGetVar os command injection
A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this vulnerability is the function websGetVar of the file /goform/set_cmd. The manipulation of the argument cmd leads to os command injection. The attack can be launched remotely. The exploit has bβ¦
5.3
CVE-2025-1608 - LB-LINK AC1900 Router set_manpwd websGetVar os command injection
A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2. Affected is the function websGetVar of the file /goform/set_manpwd. The manipulation of the argument routepwdΒ leads to os command injection. It is possible to launch the attack remotely. The exploit has beβ¦
5.3
CVE-2025-1607 - SourceCodester Best Employee Management System salary_slip.php authorization
A vulnerability, which was classified as problematic, has been found in SourceCodester Best Employee Management System 1.0. This issue affects some unknown processing of the file /admin/salary_slip.php. The manipulation of the argument id leads to authorization bypass. The attack may be initiated rβ¦
5.3
CVE-2025-1606 - SourceCodester Best Employee Management System backups.php information disclosure
A vulnerability classified as problematic was found in SourceCodester Best Employee Management System 1.0. This vulnerability affects unknown code of the file /admin/backup/backups.php. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been discβ¦
5.3
CVE-2025-1599 - SourceCodester Best Church Management Software profile_crud.php path traversal
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/app/profile_crud.php. The manipulation of the argument old_cat_img leads to path traversal: '../filedir'. The atβ¦
10
CVE-2025-27364 -
In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the server. This allows remote attackers to execute arbitrary code on the server that Caldera is running on via a crafted web reβ¦