Skip to main content
CVE-2025-0199 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Point Of Sales And Inventory Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2024-55897 MEDIUM Monitor

IBM PowerHA SystemMirror for i 7.4 and 7.5 does not set the secure attribute on authorization tokens or session cookies. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Powerha System Mirror
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-55896 MEDIUM This Month

IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-12237 MEDIUM Monitor

The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.15 via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-22376 MEDIUM This Month

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-0198 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in code-projects Point of Sales and Inventory Management System 1.0.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Point Of Sales And Inventory Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2024-56332 MEDIUM PATCH This Month

Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Red Hat Next.js Vercel
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-0197 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Point of Sales and Inventory Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Point Of Sales And Inventory Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0196 MEDIUM POC This Month

A vulnerability classified as critical has been found in code-projects Point of Sales and Inventory Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Point Of Sales And Inventory Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0195 MEDIUM POC This Month

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Point Of Sales And Inventory Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2024-56412 MEDIUM POC PATCH Monitor

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Phpspreadsheet
NVD GitHub
CVSS 4.0
4.8
EPSS
0.3%
CVE-2024-56411 MEDIUM POC PATCH Monitor

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Phpspreadsheet
NVD GitHub
CVSS 4.0
4.8
EPSS
0.9%
CVE-2024-56410 MEDIUM POC PATCH Monitor

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Phpspreadsheet
NVD GitHub
CVSS 4.0
4.8
EPSS
0.7%
CVE-2024-36613 MEDIUM PATCH This Month

FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Ffmpeg Red Hat Suse
NVD GitHub
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-21610 MEDIUM PATCH This Month

Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-56514 MEDIUM PATCH This Month

Karmada is a Kubernetes management system that allows users to run cloud-native applications across multiple Kubernetes clusters and clouds. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Path Traversal Suse
NVD GitHub
CVSS 4.0
5.3
EPSS
0.2%
CVE-2024-5591 MEDIUM Monitor

IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Jazz Foundation
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-41780 MEDIUM Monitor

IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could could allow a physical user to obtain sensitive information due to not masking passwords during entry. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

IBM Information Disclosure Jazz Foundation
NVD
CVSS 3.1
4.2
EPSS
0.1%
CVE-2024-12132 MEDIUM PATCH Monitor

The WP Job Portal - A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass WordPress Wp Job Portal
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2024-53839 MEDIUM This Month

In GetCellInfoList() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-53836 MEDIUM This Month

In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-0176 MEDIUM POC This Month

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Point Of Sales And Inventory Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0175 MEDIUM POC This Month

A vulnerability was found in code-projects Online Shop 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Shop
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0174 MEDIUM POC This Month

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Point Of Sales And Inventory Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy