CVE-2023-45055

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6...

CVE-2020-10626

In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code...

CVE-2024-34310

Jin Fang Times Content Management System v3.2.3 was discovered to contain a SQL injection vulnerability via the id parameter...

CVE-2024-34909

An arbitrary file upload vulnerability in KYKMS v1.0.1 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...

CVE-2025-23766

Missing Authorization vulnerability in ashamil OPSI Israel Domestic Shipments woo-ups-pickup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OPSI Israel Domestic Shipments: from n/a through = 2.8.2...

CVE-2025-23529

Missing Authorization vulnerability in blokhauswp Minterpress minterpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Minterpress: from n/a through = 1.0.5...

CVE-2021-22532

Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000...

CVE-2021-22190

A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token...

CVE-2021-22224

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim...

CVE-2025-23609

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Helle1 Tagesteller tagesteller allows Reflected XSS.This issue affects Tagesteller: from n/a through = v.1.1...

CVE-2025-23582

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Haider Ali Bulk Categories Assign bulk-categories-assign allows Reflected XSS.This issue affects Bulk Categories Assign: from n/a through = 1.0...

CVE-2025-23614

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in niksudan WordPress Additional Logins wp-additional-logins allows Reflected XSS.This issue affects WordPress Additional Logins: from n/a through = 1.0.0...

CVE-2025-23524

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dactum ClickBank Storefront mycbgenie-clickbank-storefront allows Reflected XSS.This issue affects ClickBank Storefront: from n/a through = 1.7...

CVE-2025-23748

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Singsys Singsys -Awesome Gallery awesome-gallery-singsys allows Reflected XSS.This issue affects Singsys -Awesome Gallery: from n/a through = 1.0...

CVE-2025-23628

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NewMediaOne GeoDigs geodigs allows Reflected XSS.This issue affects GeoDigs: from n/a through = 3.4.1...

CVE-2025-23888

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GrandSlambert Custom Page Extensions custom-page-extensions allows Reflected XSS.This issue affects Custom Page Extensions: from n/a through = 0.6...

CVE-2025-23723

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hdw player Plestar Directory Listing plestar-directory-listing allows Reflected XSS.This issue affects Plestar Directory Listing: from n/a through = 1.0...

CVE-2025-23660

Cross-Site Request Forgery CSRF vulnerability in waltercerrudo MFPlugin mfplugin allows Stored XSS.This issue affects MFPlugin: from n/a through = 1.3...

CVE-2025-23758

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pootlepress Pootle button pootle-button allows Reflected XSS.This issue affects Pootle button: from n/a through = 1.2.0...

CVE-2025-23473

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Punit Bhalodiya Killer Theme Options killer-theme-options allows Reflected XSS.This issue affects Killer Theme Options: from n/a through = 2.0...