CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-46192 SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46191 Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management System 1.0 allows unauthenticated users to upload arbitrary files via the uploaded_file_cancelled field. D... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-46612 IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to forge JWT authentication information. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22929 OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the filter_id parameter at /students/StudentFilters.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-38996 ag-grid-community v31.3.2 and ag-grid-enterprise v31.3.2 were discovered to contain a prototype pollution via the _.mergeDeep function. This vulnerability allows attackers to execute arbitrary code or... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-42797 An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22926 An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-12442 EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading to privileged remote shell access. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11861 EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged remote shell access. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46273 UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-5488 The SEOPress WordPress plugin before 7.9 does not properly protect some of its REST API routes, which combined with another Object Injection vulnerability can allow unauthenticated attackers to unser... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-4403 The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.1.6 due to accepting a user-supplied support... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30355 OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId and email parameters. Authentication is required. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46274 UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in the managed database. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46275 WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could allow an attacker to create an administrator account without knowing any existing credentials. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-2253 The IMITHEMES Listing plugin is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3. This is due to the plugin not properly validating a verification code... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11617 The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'zetra_languageUpload' and 'zetra_fontsUpload' functions in all versions up t... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-45018 A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execut... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22928 OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the cp_id parameter at /modules/messages/Inbox.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-31585 Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload via /admin/add-category.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-45798 A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The vulnerability is located in the setNoticeCfg interface within the /lib/cste_modules/system.so library, spec... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-45797 TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface o... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40425 File Upload vulnerability in Nanjin Xingyuantu Technology Co Sparkshop (Spark Mall B2C Mall v.1.1.6 and before allows a remote attacker to execute arbitrary code via the contorller/common.php componen... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40456 ThinkSAAS v3.7.0 was discovered to contain a SQL injection vulnerability via the name parameter at \system\action\update.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-45017 A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the tprice... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-26845 An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40502 SQL injection vulnerability in Hospital Management System Project in ASP.Net MVC 1 allows a remote attacker to execute arbitrary code via the btn_login_b_Click function of the Loginpage.aspx | 9.8 | CRITICAL | β | 0 |
| CVE-2025-45841 TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-38909 Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-30392 Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-57684 An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-2470 The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 5.1.... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40482 An Unrestricted file upload vulnerability was found in "/Membership/edit_member.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40486 A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parame... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22968 An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions | 9.8 | CRITICAL | β | 0 |
| CVE-2008-5038 Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of serv... | 9.8 | CRITICAL | β | 0 |
| CVE-2008-4835 SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed va... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-57235 NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-44192 SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance. | 9.8 | CRITICAL | β | 0 |
| CVE-2008-3612 The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses predictable TCP initial sequence numbers, which allows remote attackers to spoof or hijack a TCP conn... | 9.8 | CRITICAL | β | 0 |
| CVE-2012-0911 TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) print... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3481 The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, le... | 9.8 | CRITICAL | β | 0 |
| CVE-2006-5603 SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unk... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40293 The application was vulnerable to a session fixation that could be used hijack accounts. | 9.8 | CRITICAL | β | 0 |
| CVE-2006-6024 Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eudo... | 9.8 | CRITICAL | β | 0 |
| CVE-2006-4264 Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_abso... | 9.8 | CRITICAL | β | 0 |
| CVE-2006-3136 Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote attackers to execute arbitrary PHP code via a URL the DIR_LIBS parameter in (1) path/action.php, and to files in path/nu... | 9.8 | CRITICAL | β | 0 |
| CVE-2006-5610 PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remote attackers to execute arbitrary PHP code... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40868 Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/ | 9.8 | CRITICAL | β | 0 |
| CVE-2006-5678 PHP remote file inclusion vulnerability in common/visiteurs/include/library.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other prod... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.