544 matches found
PT-2025-22664 · Unknown · Phpgurukul Medical Card Generation System
Name of the Vulnerable Software and Affected Versions: PHPGURUKUL Medical Card Generation System version 1.0 Description: The issue concerns stored cross-site scripting XSS vulnerabilities in the /mcgs/admin/contactus.php component. Attackers can execute arbitrary web scripts or HTML by injecting...
CVE-2021-32467
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS Wi-Fi Protected Setup protocol. Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read...
CVE-2013-1844
Cross-site scripting XSS vulnerability in Piwik before 1.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-4551
Use-after-free vulnerability in libunity-webapps before 2.4.1 allows remote attackers to cause a denial of service memory corruption and crash and possibly execute arbitrary code via a crafted web site, related to "certain hash tables."...
CVE-2025-5059
The CVE-2025-5059 entry concerns Campcodes Online Shopping Portal 1.0. The vulnerability resides in the admin/edit-subcategory.php handler, where manipulating the arguments productimage1, productimage2, or productimage3 enables unrestricted file uploads. Exploitation is possible remotely, and mul...
PT-2025-22498 · Ubtech +1 · Freepass +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to an observable discrepancy, which may allow for information disclosure. No specific details about affected devices or real-world incidents are provided. Recommendation...
PT-2025-22324 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns a remote code execution problem. However, the provided information does not specify the details of the issue, such as the estimated number of potentially affected devices...
PT-2025-22036 · Unknown · 1000 Projects Daily College Class Work Report Book
Name of the Vulnerable Software and Affected Versions: 1000 Projects Daily College Class Work Report Book version 1.0 Description: A critical issue has been found in the software, affecting the processing of the file /admin info.php. The manipulation of the batch argument leads to SQL injection...
CVE-2025-48134
Deserialization of Untrusted Data vulnerability in ShapedPlugin LLC WP Tabs wp-expand-tabs-free allows Object Injection.This issue affects WP Tabs: from n/a through = 2.2.12...
PT-2025-21152 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: General information about the issue is not available. No details about real-world incidents or technical aspects of the issue are provided. Recommendations: At the moment, there is no...
PT-2025-21138 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is being actively exploited. No further details are available about the nature of the issue or its potential impact. Recommendations: At the moment, there is no information about a...
Microsoft Excel 2016 Multiple Vulnerabilities (KB5002717)
This host is missing an important security update according to Microsoft KB5002717 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
GHSA-H4J7-5RXR-P4WC Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability
Microsoft Security Advisory CVE-2025-26646: .NET Spoofing Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0.xxx and .NET 8.0.xxx SDK. This advisory also provides guidance on what developers can do to update their...
PT-2025-20892 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: General information about the issue is not available. No details are provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue wa...
CVE-2025-47684
Cross-Site Request Forgery CSRF vulnerability in Smaily Smaily for WP smaily-for-wp allows Cross Site Request Forgery.This issue affects Smaily for WP: from n/a through = 3.1.7...
PT-2025-20328 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A cross-site request forgery issue was reported, but the candidate was issued in error. All references and descriptions have been removed to prevent accidental usage. Recommendations: At the...
PT-2025-20199 · Unknown · Fernando Briano List Category Posts
Name of the Vulnerable Software and Affected Versions: Fernando Briano List category posts versions 0.90.3 and earlier Description: The issue is a Path Traversal vulnerability that allows PHP Local File Inclusion. This vulnerability enables an attacker to access and potentially execute local file...
PT-2025-20234 · Graylog · Graylog
Name of the Vulnerable Software and Affected Versions: Graylog versions prior to 6.0.14 Graylog versions prior to 6.1.10 Graylog versions prior to 6.2.0 Description: The issue allows an attacker to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation...
PT-2025-19999 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: General information about the issue is not explicitly mentioned. No details are provided about the estimated number of potentially affected devices worldwide or real-world incidents where th...
PT-2025-20005 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: General information about the issue is not available. No details are provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue wa...