Skip to main content
CVE-2025-2196 LOW POC Monitor

A vulnerability was found in MRCMS 3.1.2. It has been declared as problematic. [CVSS 3.5 LOW]

XSS
NVD VulDB GitHub
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-2195 LOW POC Monitor

A vulnerability was found in MRCMS 3.1.2. It has been classified as problematic. [CVSS 3.5 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-2194 LOW POC Monitor

A vulnerability was found in MRCMS 3.1.2 and classified as problematic. This issue affects the function list of the file /admin/file/list.do of the component org.marker.mushroom.controller.FileController. [CVSS 3.5 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-13615 LOW POC Monitor

The Social Snap WordPress plugin fails to properly clean user input in its settings, allowing administrators to inject malicious code that gets stored and executed in the browser. This affects websites using the plugin version 1.3.6 and earlier, particularly in multisite setups where admin accounts shouldn't normally have permission to run unfiltered code. An attacker with admin access could inject JavaScript code that runs for all site visitors, potentially stealing credentials or performing unauthorized actions.

WordPress XSS
NVD WPScan
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-2211 LOW POC Monitor

A vulnerability was found in aitangbao springboot-manager 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /sysDictDetail/add. [CVSS 2.4 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-2210 LOW POC Monitor

A vulnerability has been found in aitangbao springboot-manager 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /sysJob/add. [CVSS 2.4 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-2209 LOW POC Monitor

A vulnerability, which was classified as problematic, was found in aitangbao springboot-manager 3.0. Affected is an unknown function of the file /sysDict/add. [CVSS 2.4 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-2208 LOW POC Monitor

A vulnerability, which was classified as problematic, has been found in aitangbao springboot-manager 3.0. This issue affects some unknown processing of the file /sysFiles/upload of the component Filename Handler. [CVSS 2.4 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-2207 LOW POC Monitor

A vulnerability classified as problematic was found in aitangbao springboot-manager 3.0. This vulnerability affects unknown code of the file /sys/dept. [CVSS 2.4 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-2206 LOW POC Monitor

A vulnerability classified as problematic has been found in aitangbao springboot-manager 3.0. This affects an unknown part of the file /sys/permission. [CVSS 2.4 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-27893 LOW POC Monitor

In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such as the creation date, by intercepting and modifying a Copy request via a GenericContent/Record.aspx?id= URI. [CVSS 1.8 LOW]

RCE
NVD GitHub
CVSS 3.1
1.8
EPSS
0.1%
CVE-2025-27397 LOW Monitor

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. [CVSS 3.8 LOW]

Path Traversal Siemens
NVD
CVSS 3.1
3.8
EPSS
0.1%
CVE-2024-55592 LOW Monitor

An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions, may allow an authenticated attacker to perform unauthorized operations on incidents via crafted HTTP requests. [CVSS 3.8 LOW]

Authentication Bypass
NVD
CVSS 3.1
3.8
EPSS
0.0%
CVE-2024-41760 LOW Monitor

IBM's cryptographic software (versions 7.0.0-7.5.51) has a timing-based weakness that leaks information during RSA encryption operations, allowing attackers to potentially recover sensitive cryptographic keys or data by measuring how long operations take to complete. This affects organizations using IBM Common Cryptographic Architecture for security operations. An attacker with the ability to measure response times could exploit this flaw to gradually deduce private key information used in RSA encryption.

IBM Information Disclosure
NVD
CVSS 3.1
3.7
EPSS
0.1%
CVE-2025-27430 LOW Monitor

Under certain conditions, an SSRF vulnerability in SAP CRM and SAP S/4HANA (Interaction Center) allows an attacker with low privileges to access restricted information. [CVSS 3.5 LOW]

RCE
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-0900 LOW Monitor

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. [CVSS 3.3 LOW]

Information Disclosure
NVD
CVSS 3.0
3.3
EPSS
0.0%
CVE-2025-26655 LOW Monitor

SAP Just In Time(JIT) does not perform necessary authorization checks for an authenticated user, allowing attacker to escalate privileges that would otherwise be restricted, potentially causing a low impact on the integrity of the application.Confidentiality and Availability are not impacted. [CVSS 3.1 LOW]

Authentication Bypass SAP
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2024-28607 LOW Monitor

The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via a falsy isPrivate return value. [CVSS 2.9 LOW]

Node.js SSRF
NVD GitHub
CVSS 3.1
2.9
EPSS
0.0%
CVE-2025-27398 LOW Monitor

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly neutralize special characters when interpreting user controlled log paths. [CVSS 2.7 LOW]

Command Injection Siemens
NVD
CVSS 3.1
2.7
EPSS
0.1%
CVE-2025-2191 LOW Monitor

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16_v2110403_CLA_32_160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. [CVSS 2.4 LOW]

XSS
NVD VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-2213 LOW Monitor

A vulnerability was found in Castlenet CBW383G2N versions up to 20250301. is affected by cross-site scripting (xss) (CVSS 2.4).

XSS
NVD VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-2212 LOW Monitor

A vulnerability was found in Castlenet CBW383G2N versions up to 20250301. is affected by cross-site scripting (xss) (CVSS 2.4).

XSS
NVD VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-27432 LOW Monitor

The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transaction. [CVSS 2.4 LOW]

Authentication Bypass SAP
NVD
CVSS 3.1
2.4
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy