CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress WP jQuery DataTable plugin <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP jQuery DataTable versions = 4.0.1...

6.4CVSS5.4AI score0.0031EPSS

Exploits0References1Affected Software1

6.5CVSS8.4AI score0.0003EPSS

Advantech WebAccess/VPN AjaxDeviceController.ajaxDeviceAction function SQL injection vulnerability

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a SQL injection...

CNVD•added 2025/11/11 12:0 a.m.•2 views

Advantech WebAccess/VPN AjaxPrevalidationController.ajaxAction Function SQL Injection Vulnerability

6.5CVSS8.3AI score0.00031EPSS

6.5CVSS8.4AI score0.0003EPSS

Advantech WebAccess/VPN AjaxFwRulesController.ajaxNetworkFwRulesAction function SQL injection vulnerability

8.6CVSS8.3AI score0.0003EPSS

Advantech WebAccess/VPN AppManagementController.appUpgradeAction function SQL injection vulnerability

6.5CVSS8.4AI score0.0003EPSS

Advantech WebAccess/VPN AjaxStandaloneVpnClientsController.ajaxAction function SQL injection vulnerability

8.6CVSS8.4AI score0.0003EPSS

Advantech WebAccess/VPN AjaxNetworkController.ajaxAction Function SQL Injection Vulnerability

RedhatCVE•added 2025/11/07 7:58 p.m.•3 views

CVE-2025-34241

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxDeviceController.ajaxDeviceAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

6.5CVSS7.6AI score0.0003EPSS

RedhatCVE•added 2025/11/07 7:58 p.m.•2 views

CVE-2025-34242

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxNetworkController.ajaxAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

8.6CVSS7.6AI score0.0003EPSS

RedhatCVE•added 2025/11/07 7:58 p.m.•2 views

CVE-2025-34240

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

8.6CVSS7.6AI score0.0003EPSS

OSV•added 2025/11/06 8:15 p.m.•2 views

CVE-2025-34247

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in NetworksController.addNetworkAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

6.5CVSS5.8AI score0.00034EPSS

OSV•added 2025/11/06 8:15 p.m.•0 views

CVE-2025-34241

6.5CVSS5.8AI score0.0003EPSS

OSV•added 2025/11/06 8:15 p.m.•1 views

CVE-2025-34246

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxPrevalidationController.ajaxAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

6.5CVSS5.8AI score

NVD•added 2025/11/06 8:15 p.m.•2 views

CVE-2025-34246

6.5CVSS0.00031EPSS

OSV•added 2025/11/06 8:15 p.m.•1 views

CVE-2025-34245

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxStandaloneVpnClientsController.ajaxAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

6.5CVSS5.8AI score0.0003EPSS

NVD•added 2025/11/06 8:15 p.m.•1 views

CVE-2025-34241

6.5CVSS0.0003EPSS

OSV•added 2025/11/06 8:15 p.m.•2 views

CVE-2025-34242

6.5CVSS5.8AI score

Vulnrichment•added 2025/11/06 7:47 p.m.•2 views

CVE-2025-34244 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxFwRulesController.ajaxDeviceFwRulesAction()

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxFwRulesController.ajaxDeviceFwRulesAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

5.3CVSS7.2AI score0.0003EPSS