Skip to main content
CVE-2025-3686 MEDIUM POC This Month

A vulnerability classified as problematic was found in misstt123 oasys 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Oasys
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2025-3684 MEDIUM POC This Month

A vulnerability was found in Xianqi Kindergarten Management System 2.0 Bulid 20190808. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Kindergarten Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3676 MEDIUM POC This Month

A vulnerability classified as critical has been found in xxyopen Novel-Plus 3.5.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Novel Plus
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-32385 MEDIUM POC This Month

EspoCRM is an Open Source Customer Relationship Management software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

XSS Espocrm
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-3697 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Web Based Pharmacy Product Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3696 MEDIUM POC This Month

A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Web Based Pharmacy Product Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3685 MEDIUM POC This Month

A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Patient Record Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3687 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in misstt123 oasys 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Oasys
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3691 MEDIUM POC This Month

A vulnerability was found in mirweiye Seven Bears Library CMS 2023. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Seven Bears Library Cms
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.6%
CVE-2025-39557 CRITICAL Act Now

Unrestricted Upload of File with Dangerous Type vulnerability in Ben Ritner - Kadence WP Kadence WooCommerce Email Designer allows Upload a Web Shell to a Web Server.5.14. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress File Upload
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2024-22036 CRITICAL PATCH Act Now

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Docker Privilege Escalation Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
0.2%
CVE-2024-53303 HIGH This Week

A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-40070 MEDIUM POC This Month

Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via id_generator/classes/Users.php?f=save. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP RCE File Upload Online Id Generator System
NVD GitHub
CVSS 3.1
5.1
EPSS
0.1%
CVE-2025-1568 HIGH This Week

Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 16063.87.0 allows an attacker with a registered Gerrit account to inject malicious code into ChromeOS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Google Authentication Bypass Denial Of Service Chrome Os +1
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2025-39570 HIGH This Week

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Lomu WPCOM Member allows PHP Local File Inclusion.7.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure LFI PHP
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-52281 HIGH PATCH This Week

A: Improper Neutralization of Input During Web Page Generation vulnerability in SUSE rancher allows a malicious actor to perform a Stored XSS attack through the cluster description field.9.0 before. Rated high severity (CVSS 8.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Suse
NVD GitHub
CVSS 3.1
8.9
EPSS
0.0%
CVE-2025-32872 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32871 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32870 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32867 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32866 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32865 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32864 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32863 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32862 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32861 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32860 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32859 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32858 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32857 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32856 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32855 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32854 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32853 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32852 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32851 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32850 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32849 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32848 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32847 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32846 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32845 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32844 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32843 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32842 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32841 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32840 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32839 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32838 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
CVE-2025-32837 HIGH This Week

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Telecontrol Server Basic
NVD
CVSS 4.0
8.7
EPSS
0.9%
Prev Page 2 of 8 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy