Skip to main content
CVE-2025-1226 MEDIUM POC This Month

A vulnerability was found in ywoa up to 2024.07.03. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Yimioa
NVD VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2024-12379 MEDIUM POC This Month

A denial of service vulnerability in GitLab CE/EE affecting all versions from 14.1 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to impact the availability of. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Gitlab Denial Of Service
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-57603 MEDIUM POC PATCH This Month

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ezbookkeeping Suse
NVD GitHub
CVSS 3.1
6.3
EPSS
0.4%
CVE-2024-57601 MEDIUM POC This Month

Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Easyappointments
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-25184 MEDIUM POC PATCH This Month

Rack provides an interface for developing web applications in Ruby. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection Rack Red Hat Suse
NVD GitHub
CVSS 4.0
5.7
EPSS
1.1%
CVE-2025-25741 MEDIUM POC This Month

D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the IPv6_PppoePassword parameter in the SetIPv6PppoeSettings module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Buffer Overflow Stack Overflow Dir 853 Firmware
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-56939 MEDIUM POC This Month

LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the ld-comment-body class. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Learndash
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-56938 MEDIUM POC This Month

LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the materials-content class. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Learndash
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-57605 MEDIUM POC This Month

Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Fuel Cms
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-1225 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03.java of the component WXCallBack Interface. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XXE Java Yimioa
NVD VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2025-1191 MEDIUM POC This Month

A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0 and classified as critical.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Multi Restaurant Table Reservation System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-1184 MEDIUM POC This Month

A vulnerability was found in pihome-shc PiHome 1.77 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Maxair
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1214 MEDIUM POC This Month

A vulnerability classified as critical has been found in pihome-shc PiHome 2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Maxair
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1188 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Gym Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1224 MEDIUM POC This Month

A vulnerability classified as critical was found in ywoa up to 2024.07.03. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Yimioa
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1202 MEDIUM POC This Month

A vulnerability classified as critical has been found in SourceCodester Best Church Management Software 1.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Church Management Software
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1200 MEDIUM POC This Month

A vulnerability was found in SourceCodester Best Church Management Software 1.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Church Management Software
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1216 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in ywoa up to 2024.07.03.xml. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Yimioa
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1227 MEDIUM POC This Month

A vulnerability was found in ywoa up to 2024.07.03. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Yimioa
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1201 MEDIUM POC This Month

A vulnerability was found in SourceCodester Best Church Management Software 1.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Church Management Software
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1185 MEDIUM POC This Month

A vulnerability was found in pihome-shc PiHome 2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Maxair
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1199 MEDIUM POC This Month

A vulnerability was found in SourceCodester Best Church Management Software 1.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Church Management Software
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1189 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in 1000 Projects Attendance Tracking Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Attendance Tracking Management System Tenda
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1210 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Wazifa System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wazifa System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1183 MEDIUM POC This Month

A vulnerability has been found in CodeZips Gym Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Gym Management System
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-1197 MEDIUM POC This Month

A vulnerability has been found in code-projects Real Estate Property Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Real Estate Property Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-1206 MEDIUM POC This Month

A vulnerability was found in Codezips Gym Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Gym Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-1190 MEDIUM POC This Month

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Job Recruitment
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2025-1195 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in code-projects Real Estate Property Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Real Estate Property Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2025-1209 MEDIUM POC This Month

A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Wazifa System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2025-1208 MEDIUM POC This Month

A vulnerability was found in code-projects Wazifa System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Wazifa System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2025-1196 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in code-projects Real Estate Property Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Real Estate Property Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-1213 MEDIUM POC This Month

A vulnerability was found in pihome-shc PiHome 1.77. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Maxair
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-1187 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Police FIR Record Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Police Fir Record Management System
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-0516 MEDIUM POC This Month

Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4, 17.8 prior to 17.8.2 allow users with limited permissions to perform unauthorized actions on critical project. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Gitlab Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2024-9870 MEDIUM POC This Month

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gitlab
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2024-54160 MEDIUM This Month

dashboards-reporting (aka Dashboards Reports) before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
6.4
EPSS
4.6%
CVE-2025-0109 MEDIUM This Month

An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Paloalto
NVD
CVSS 4.0
6.9
EPSS
0.1%
CVE-2024-32941 MEDIUM This Month

NULL pointer dereference for some Intel(R) MLC software before version v3.11b may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Intel Null Pointer Dereference Denial Of Service
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-26355 MEDIUM This Month

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Maxtime
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2024-0144 MEDIUM This Month

NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Nvidia Buffer Overflow
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-0145 MEDIUM This Month

NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a heap-based buffer overflow issue by means of a specially crafted JPEG2000 file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Nvidia Buffer Overflow Heap Overflow RCE
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-42410 MEDIUM This Month

Improper input validation in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service
NVD
CVSS 4.0
6.8
EPSS
0.1%
CVE-2024-0143 MEDIUM This Month

NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Nvidia Memory Corruption Buffer Overflow RCE
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-0142 MEDIUM This Month

NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Nvidia Memory Corruption Buffer Overflow RCE
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-21859 MEDIUM This Month

Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 6.8). No vendor patch available.

Information Disclosure Intel Buffer Overflow
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2024-36293 MEDIUM PATCH This Month

Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Authentication Bypass Denial Of Service Red Hat Suse
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2024-39279 MEDIUM PATCH This Month

Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow a authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Red Hat Suse
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2024-31157 MEDIUM PATCH This Month

Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 6.8). No vendor patch available.

Intel Information Disclosure Red Hat Suse
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2024-28047 MEDIUM PATCH This Month

Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Rated medium severity (CVSS 6.8). No vendor patch available.

Intel Information Disclosure Red Hat Suse
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy