6.3

CVSS3.1

CVE-2020-36085 -

Stored Cross Site Scripting(XSS) vulnerability in Egavilan Media Resumes Management and Job Application Website 1.0 allows remote attackers to inject arbitrary code via First and Last Name in Apply For This Job Form.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-36555 -

Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWatch Call Me 2 KW-60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b allows malicious users to change the device IMEI-number which allows for forging the identity…

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-36554 -

Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWatch Call Me KW-60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b allow a malicious user to gain information about the device by sending an SMS to the device which returns sensitive information.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.3

CVSS3.1

CVE-2025-23094 -

The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager V11 R0.22.0 through V11 R0.22.1, V10 R1.54.0 through V10 R1.54.1, and V10 R1.42.6 and earlier could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A success…

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.6

CVSS3.1

CVE-2024-57609 -

An issue in Kanaries Inc Pygwalker before v.0.4.9.9 allows a remote attacker to obtain sensitive information and execute arbitrary code via the redirect_path parameter of the login redirection function.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.3

CVSS3.1

CVE-2024-48589 -

Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows a remote attacker to execute arbitrary code via the rol parameter in index.php

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-57610 -

A rate limiting issue in Sylius v2.0.2 allows a remote attacker to perform unrestricted brute-force attacks on user accounts, significantly increasing the risk of account compromise and denial of service for legitimate users. The Supplier's position is that the Sylius core software is not intended …

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: Sept. 19, 2025, 7:07 p.m.

8.1

CVSS3.1

CVE-2024-36553 -

Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to MITM attack.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.8

CVSS3.1

CVE-2024-57599 -

Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute arbitrary code via a crafted payload injected into the description parameter in /admin/article.php

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: July 3, 2025, 1:16 a.m.

9.8

CVSS3.1

CVE-2022-40916 -

Tiny File Manager v2.4.7 and below is vulnerable to session fixation.

πŸ“… Published: Feb. 6, 2025, midnight πŸ”„ Last Modified: Dec. 31, 2025, 7:40 p.m.
Total resulsts: 345362
Page 6450 of 34,537
Β« previous page Β» next page
Filters