Skip to main content
CVE-2025-32262 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Robert D Payne RDP Wiki Embed allows Cross Site Request Forgery.2.20. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-32261 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Kuppuraj Advanced All in One Admin Search by WP Spotlight allows Cross Site Request Forgery.1.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-3265 MEDIUM POC This Week

A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi E Diary Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-29477 MEDIUM POC This Month

An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event. Rated medium severity (CVSS 5.5). Public exploit code available and no vendor patch available.

Denial Of Service Fluent Bit
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-3258 MEDIUM POC This Week

A vulnerability classified as critical was found in PHPGurukul Old Age Home Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Old Age Home Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3255 MEDIUM POC This Month

A vulnerability was found in xujiangfei admintwo 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Admintwo
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3254 MEDIUM POC This Month

A vulnerability was found in xujiangfei admintwo 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Admintwo
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2025-3250 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in elunez eladmin 2.7. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Eladmin
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3249 MEDIUM POC This Month

A vulnerability classified as critical was found in TOTOLINK A6000R 1.0.1-B20201211.2000. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A6000R Firmware TOTOLINK
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
7.2%
CVE-2025-3244 MEDIUM POC This Month

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass File Upload Web Based Pharmacy Product Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.3%
CVE-2025-3242 MEDIUM POC This Month

A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi E Diary Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3239 MEDIUM POC This Week

A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Fire Reporting System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3238 MEDIUM POC This Week

A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Fire Reporting System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3220 MEDIUM POC This Week

A vulnerability was found in PHPGurukul e-Diary Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi E Diary Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3215 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Restaurant Table Booking System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3086 MEDIUM This Month

Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service M Files Server
NVD
CVSS 4.0
6.3
EPSS
0.1%
CVE-2025-2279 MEDIUM POC This Month

The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Maps PHP
NVD WPScan
CVSS 3.1
5.9
EPSS
0.2%
CVE-2025-3204 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Car Rental System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-24310 MEDIUM Monitor

Improper restriction of rendered UI layers or frames issue exists in HMI ViewJet C-more series, which may allow a remote unauthenticated attacker to trick the product user to perform operations on. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2025-29796 MEDIUM Monitor

User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Apple Edge iOS
NVD
CVSS 3.1
4.7
EPSS
1.6%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy