Lucene search
K

363761 matches found

NVD
NVD
•added 2026/06/17 1:19 p.m.•8 views

CVE-2025-69124

Unauthenticated Local File Inclusion in Especio = 1.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-69122

Unauthenticated PHP Object Injection in SeaFood Company = 1.4 versions...

9.8CVSS0.00525EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•10 views

CVE-2025-69131

Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site = 1.0.7 versions...

7.5CVSS0.00467EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-69117

Unauthenticated Local File Inclusion in Ingenioso = 1.14.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•9 views

CVE-2025-69112

Unauthenticated Local File Inclusion in Planty = 1.14.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-69114

Unauthenticated Local File Inclusion in MaxiNet = 1.2.10 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-69118

Unauthenticated Local File Inclusion in CopyPress = 1.4.5 versions...

8.1CVSS0.00348EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-69113

Unauthenticated Local File Inclusion in Nexio = 1.10.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•8 views

CVE-2025-69119

Unauthenticated Local File Inclusion in Corbesier = 1.15.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•9 views

CVE-2025-69116

Unauthenticated Local File Inclusion in Iona = 1.0.8 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-69109

Unauthenticated Local File Inclusion in Raider Spirit = 1.1.2 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•8 views

CVE-2025-69103

Subscriber Arbitrary Content Deletion in Brikk = 3.0.0 versions...

7.5CVSS0.00407EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-69104

Unauthenticated Cross Site Scripting XSS in Qreatix = 1.9.4 versions...

7.1CVSS0.00237EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-69105

Unauthenticated Local File Inclusion in Modernee = 1.6.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-69107

Unauthenticated Local File Inclusion in Rosaleen = 2.8 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-69110

Unauthenticated Local File Inclusion in AirSupply = 2.0.0 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•13 views

CVE-2025-69108

Unauthenticated PHP Object Injection in Hot Coffee = 1.7 versions...

9.8CVSS0.00525EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•9 views

CVE-2025-59872

HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability, If the server is configured to execute code, then it may be possible to obtain command execution on the server by uploading a file known as a web shell, which allows you to execute arbitrary code or operating system command...

9.8CVSS0.00454EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-60205

Unauthenticated PHP Object Injection in ThemeREX Addons = 2.36.1.1 versions...

9.8CVSS0.00525EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•8 views

CVE-2025-59563

Subscriber Privilege Escalation in Sonaar = 4.27.4 versions...

8.8CVSS0.00378EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-60085

Unauthenticated Local File Inclusion in Learnify = 1.15.0 versions...

8.1CVSS0.00423EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-60218

Subscriber Arbitrary File Upload in PT Luxa Addons = 1.2.2 versions...

9.9CVSS0.00447EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•9 views

CVE-2025-60223

Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot = 13.6.5 versions...

7.7CVSS0.0045EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-62340

HCL iControl was affected by Inadequate Session Timeout vulnerability. The vulnerability involves a security risk where a web application fails to automatically terminate user sessions after a period of inactivity...

5.3CVSS0.00204EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•9 views

CVE-2025-49403

Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress = 3.0.2 versions...

7.5CVSS0.00294EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-58952

Unauthenticated Local File Inclusion in Neuronet 1.14.0 versions...

8.1CVSS0.00338EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-58953

Unauthenticated Local File Inclusion in Joly = 1.22.0 versions...

8.1CVSS0.00423EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-59560

Unauthenticated Cross Site Scripting XSS in Sonaar = 4.27.4 versions...

7.1CVSS0.0023EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•8 views

CVE-2025-58924

Unauthenticated Local File Inclusion in Geya = 1.15 versions...

8.1CVSS0.00435EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•9 views

CVE-2025-48640

In multiple locations, there is a possible 3rd party passkey entry pairing approval due to a missing permission check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8CVSS0.00094EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•10 views

CVE-2025-48643

In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00084EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-58954

Unauthenticated Local File Inclusion in HomeRoofer = 2.11.0 versions...

8.1CVSS0.00423EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2025-15641

Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative privileges can potentially tamper with the customer IOCTL by sending crafted IOCTL requests to the driver. A successful exploit can result in the bypassing of all...

6.8CVSS0.00163EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•5 views

CVE-2025-31013

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6...

7.1CVSS0.00146EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•9 views

CVE-2025-15642

Netskope is notified about a potential gap in its Netskoped Client for Windows systems where a malicious insider with admin privileges can lead to bypassing the NSClient Tamper Protections due to weak Discretionary Access Control List DACLs on the service object and related registry keys,. Produc...

6.8CVSS0.00143EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2025-48571

In multiple functions of btmsec.cc, there is a possible way for an attacker to intercept SMS messages due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

4.3CVSS0.00191EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•8 views

CVE-2025-48617

In overrideConfig of CarrierConfigLoader.java, there is a possible way to bypass UID check due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00077EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2024-34810

Cross-Site request forgery CSRF vulnerability in Extend Themes Skyline WP allows Cross Site Request Forgery. This issue affects Skyline WP: from n/a through 1.0.10...

4.3CVSS0.00117EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•5 views

CVE-2024-37210

Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AliNext: from n/a through 3.3.5...

6.5CVSS0.00269EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2024-37496

Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.3.7...

4.3CVSS0.00208EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2024-49269

Unauthenticated Cross Site Scripting XSS in my flatonica = 0.0.8 versions...

7.1CVSS0.00241EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•5 views

CVE-2024-52488

Subscriber Arbitrary File Upload in Grip = 1.0.9 versions...

9.9CVSS0.00471EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2024-35690

Insertion of sensitive information into sent data vulnerability in MarketingFire Widget Options allows Retrieve Embedded Sensitive Data. This issue affects Widget Options: from n/a through 4.0.1...

6.5CVSS0.00294EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•5 views

CVE-2024-35648

Cross-Site request forgery CSRF vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery. This issue affects Emergency Password Reset: from n/a through 8.0...

4.3CVSS0.00127EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•6 views

CVE-2024-33909

Missing Authorization vulnerability in Avirtum iPages Flipbook allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects iPages Flipbook: from n/a through 1.5.1...

5.3CVSS0.00249EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•9 views

CVE-2024-32729

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal. This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8...

7.5CVSS0.0043EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•5 views

CVE-2024-33685

Missing Authorization vulnerability in Jegstudio Startupzy startupzy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Startupzy: from n/a through 1.1.1...

4.3CVSS0.00155EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2024-31435

: Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Social Media & Share Icons: from n/a through 2.8.6...

4.3CVSS0.00208EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•15 views

CVE-2024-32949

Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Integrate Google Drive: from n/a through 1.3.8...

8.3CVSS0.00293EPSS
Exploits0References1
NVD
NVD
•added 2026/06/17 1:19 p.m.•7 views

CVE-2024-24709

Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shareaholic: from n/a through 9.7.11...

4.3CVSS0.00192EPSS
Exploits0References1
Total number of security vulnerabilities363761