Skip to main content
CVE-2025-50585 HIGH POC This Week

SQL injection in DayCloud StudentManage v1.0 lets an authenticated attacker inject arbitrary SQL through the /admin/adminStudentUrl component, exposing the full backing database. Rated CVSS 8.8, the flaw yields complete confidentiality, integrity, and availability impact against the application data store. Publicly available exploit code exists (referenced GitHub issue), though the product is an obscure open-source project on Gitee with no evidence of active exploitation.

SQLi Studentmanage
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-45157 MEDIUM POC This Month

Insecure permissions in Splashin iOS v2.0 expose precise location data for targeted users to unauthenticated network attackers via broken access control. The flaw, classified under CWE-284 (Improper Access Control), allows any remote party to query location information without credentials, bypassing the application's intended authorization model. No public exploit identified at time of analysis is inaccurate here - a publicly available proof-of-concept is documented in the referenced researcher disclosure, though EPSS remains low (0.24%, 15th percentile), suggesting opportunistic exploitation has not yet materialized at scale.

Authentication Bypass Apple Splashin
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-50586 MEDIUM POC This Month

Cross-site request forgery in StudentManage v1.0 (DayCloud) allows a remote attacker to perform unauthorized state-changing actions on behalf of an authenticated victim by luring them to a malicious webpage that auto-submits forged requests to the application. All default installations of v1.0 are affected per CPE data; no patched release has been identified. A publicly available proof-of-concept exploit exists, though no active exploitation has been recorded in CISA KEV and EPSS sits at a very low 0.19%.

CSRF Studentmanage
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-7814 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signup_function.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

PHP SQLi Food Ordering Review System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-45156 MEDIUM POC This Month

Splashin iOS v2.0 fails to enforce server-side rate limiting on location update frequency for free-tier accounts, allowing free users to bypass tier-based restrictions and submit location updates at an unrestricted rate. Confirmed by CPE (cpe:2.3:a:splashin:splashin:2.0:*:*:*:*:iphone_os:*:*), this business logic flaw exposes the platform's API to abuse by any free-tier account holder. A publicly available proof-of-concept is referenced via NVD exploit tag; EPSS sits at 0.36% (28th percentile), indicating low probability of widespread automated exploitation.

Apple Information Disclosure Splashin
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2025-50583 MEDIUM POC This Month

Stored XSS in DayCloud's StudentManage v1.0 allows an authenticated administrative user to inject malicious JavaScript via the 'Add A New Student' module, which executes in the browser of any user who subsequently views the affected record. The Scope:Changed metric confirms the injected script runs in a different security context (the victim's browser session), enabling session hijacking or credential theft. No active exploitation is confirmed via CISA KEV, though a public proof-of-concept exists on GitHub; EPSS at 0.22% (13th percentile) reflects low observed exploitation activity.

XSS Studentmanage
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-50582 MEDIUM POC This Month

Stored cross-site scripting in DayCloud StudentManage v1.0 allows an authenticated administrator to inject malicious JavaScript via the Add A New Course module, which then executes in the browsers of other users who view the affected course content. The CVSS vector (PR:H/UI:R/S:C) confirms this requires admin-level access and victim interaction, with scope change reflecting script execution in a different user's browser context. A public proof-of-concept is available on GitHub, though EPSS sits at 0.22% (13th percentile), and the vulnerability is not listed in CISA KEV, indicating no observed widespread exploitation.

XSS Studentmanage
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-50581 MEDIUM POC This Month

Stored cross-site scripting in MRCMS 3.1.2's admin group management endpoint allows an authenticated administrator to inject malicious JavaScript via /admin/group/save.do, which executes in the browser of any other admin who subsequently visits the affected page. The scope-changed CVSS vector (S:C) confirms the impact crosses the security boundary from the injecting session to other users' sessions. A publicly available proof-of-concept exists on GitHub, though EPSS sits at 0.22% (13th percentile), indicating limited observed exploitation activity at time of analysis.

XSS Mrcms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-50584 MEDIUM POC This Month

Stored cross-site scripting in DayCloud's StudentManage v1.0 allows authenticated administrators to inject malicious JavaScript via the Add A New Teacher module, which executes in victims' browsers when they load the affected page. The CVSS vector (PR:H, UI:R, S:C) confirms exploitation is gated behind high privileges and requires victim interaction, but the scope change flag reflects cross-user browser impact. A public proof-of-concept is available on GitHub; however, EPSS at 0.22% (13th percentile) and no CISA KEV listing indicate no confirmed widespread exploitation at time of analysis.

XSS Studentmanage
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-6718 HIGH This Week

SQL injection in the B1.lt WordPress plugin (versions ≤2.2.57) allows authenticated users with Subscriber-level privileges to execute arbitrary database commands via the b1_run_query AJAX action. The vulnerability stems from a missing capability check (CWE-862), enabling low-privileged authenticated attackers to access database functionality normally restricted to administrators. With CVSS 8.8 (network-accessible, low complexity, high impact on confidentiality/integrity/availability) and successful exploitation requiring only subscriber credentials, this represents a critical privilege escalation vector. No public exploit identified at time of analysis, though the technical details disclosed increase weaponization risk.

Authentication Bypass WordPress SQLi
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-52164 HIGH This Week

Plaintext credential storage in agorum core open versions 11.9.2 and 11.10.1 exposes stored account credentials to anyone able to read the underlying storage, undermining the confidentiality of any account whose secrets are persisted by this German enterprise content and document management platform. The flaw, tracked as CWE-256 and reported in usd HeroLab advisory usd-2025-0023, carries a vendor/NVD CVSS of 8.2 but no public exploit identified at time of analysis and no CISA KEV listing. Disclosed credentials can be reused to impersonate users or pivot into connected systems.

Information Disclosure
NVD
CVSS 3.1
8.2
EPSS
0.2%
CVE-2025-52169 HIGH This Week

Reflected cross-site scripting in agorum core open versions 11.9.2 and 11.10.1 allows attackers to inject and execute arbitrary JavaScript in a victim's browser session by luring an authenticated or unauthenticated user into clicking a crafted link. The flaw was disclosed in usd HeroLab advisory usd-2025-0026 and carries a CVSS 7.1 rating driven by a scope change (S:C). No public exploit has been identified at time of analysis and it is not listed in CISA KEV.

XSS
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-7789 LOW POC PATCH Monitor

Token generation in Xuxueli xxl-job up to version 3.1.1 uses password hashing with insufficient computational effort (weak bcrypt configuration or equivalent), allowing attackers to crack authentication tokens through brute force. The vulnerability affects the makeToken function in IndexController.java and has low practical impact (confidentiality impact only, no integrity or availability damage), but exploitation requires high attack complexity and is not known to be actively exploited at scale despite public disclosure of the vulnerability.

Information Disclosure Java Xxl Job
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2025-52168 MEDIUM This Month

Unauthenticated arbitrary file read in Agorum Core open v11.9.2 and v11.10.1 exposes the underlying filesystem to any network-accessible attacker via the dynawebservice component. The access control failure (CWE-284) requires no authentication, no user interaction, and no special configuration - any exposed instance of these two specific versions is vulnerable. No public exploit code or CISA KEV listing exists at time of analysis, but the zero-prerequisite network vector makes this trivially exploitable once an attacker identifies the endpoint, and the ECM context means sensitive documents, credentials, and configuration files are likely stored on the affected system.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-52162 MEDIUM This Month

XML External Entity (XXE) injection in agorum core open's RSSReader endpoint enables remote attackers to exfiltrate sensitive server-side data by submitting crafted XML payloads. Affected versions are v11.9.2 and v11.10.1 of this document management platform. EPSS exploitation probability sits at 0.22% (13th percentile), no public exploit code has been identified, and the vulnerability is not listed in CISA's KEV catalog - indicating low observed exploitation pressure despite the network-accessible, unauthenticated attack surface described by the CVSS vector.

XXE Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-52163 MEDIUM This Month

Server-Side Request Forgery in Agorum core open's TunnelServlet component exposes internal and external network resources to unauthenticated remote attackers through crafted HTTP requests. Affected versions are 11.9.2 and 11.10.1 of the agorum Software GmbH document management platform. No active exploitation is confirmed and the EPSS score sits at the 10th percentile (0.20%), indicating low observed exploitation pressure at time of analysis, though the zero-authentication requirement lowers the barrier for opportunistic scanning.

SSRF Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-52166 MEDIUM This Month

Privilege escalation in Agorum core open v11.9.2 and v11.10.1 allows authenticated users to elevate their privileges to Administrator level, gaining access to sensitive components and information within the document management platform. The vulnerability stems from incorrect access control (CWE-284), meaning the application fails to properly enforce authorization boundaries between standard user and administrative roles. No public exploit code or active exploitation has been identified at time of analysis, and the EPSS score of 0.20% at the 10th percentile confirms low current exploitation interest, though the impact of gaining full admin access warrants prompt remediation.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-7784 MEDIUM PATCH This Month

Privilege escalation in Keycloak's Fine-Grained Admin Permissions v2 (FGAPv2) allows administrative users with the manage-users role to escalate privileges to realm-admin through improper privilege enforcement. When FGAPv2 is enabled, this vulnerability enables unauthorized elevation of administrative access rights, compromising the separation of administrative duties. No public exploit code or active exploitation has been identified at the time of analysis.

Privilege Escalation Build Of Keycloak Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-6717 MEDIUM This Month

SQL Injection in B1.lt WordPress plugin up to version 2.2.56 allows authenticated attackers with Subscriber-level access to extract sensitive database information via an unescaped 'id' parameter. The vulnerability requires valid user credentials and network access but involves minimal interaction, making it a moderate risk for WordPress installations with many trusted users. No public exploit code or active exploitation has been confirmed.

WordPress SQLi
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-7788 LOW POC Monitor

OS command injection in Xuxueli xxl-job up to version 3.1.1 allows authenticated remote attackers to execute arbitrary operating system commands via the commandJobHandler function in SampleXxlJob.java. The vulnerability has a publicly available exploit and is rated critical by the discoverer, though the CVSS 4.0 score of 2.1 reflects limited scope (authenticated access required, low confidentiality/integrity/availability impact). With EPSS at 0.71% (72nd percentile), real-world exploitation probability is low despite public POC availability.

Command Injection Xxl Job
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.7%
CVE-2025-7787 LOW POC Monitor

Server-side request forgery in Xuxueli xxl-job up to version 3.1.1 allows authenticated remote attackers to perform SSRF attacks via the httpJobHandler function, enabling access to internal network resources. The vulnerability has a low CVSS score (2.1) due to required authentication and limited confidentiality impact, but publicly available exploit code exists and should be remediated promptly in affected deployments.

SSRF Xxl Job
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7785 LOW POC PATCH Monitor

Open redirect in JeeSite's SSO controller allows remote attackers to redirect users to arbitrary external URLs by manipulating the redirect parameter, exploiting user trust to facilitate phishing or credential theft attacks. Affects JeeSite up to version 5.12.0. Publicly available exploit code exists and requires user interaction (clicking a malicious link), but no active exploitation in the wild has been confirmed. CVSS score is low (2.1) due to UI requirement and limited impact, though EPSS (0.11%) indicates minimal real-world exploitation probability.

Java Open Redirect Jeesite
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7802 LOW POC Monitor

Reflected cross-site scripting (XSS) in PHPGurukul Complaint Management System 2.0 allows authenticated users to inject malicious scripts via the Search parameter in /admin/complaint-search.php. The vulnerability requires user interaction (victim clicks malicious link) and authenticated access, limiting its real-world impact despite public exploit availability. EPSS score of 0.05% indicates very low exploitation probability in practice.

PHP XSS Complaint Management System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7791 LOW POC Monitor

Stored cross-site scripting (XSS) in PHPGurukul Online Security Guards Hiring System 1.0 allows authenticated attackers to inject malicious scripts via the searchdata parameter in /admin/search.php, which are executed in the context of other users' browsers. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), limiting but not preventing exploitation. Publicly available exploit code exists, though real-world risk remains low due to authentication and interaction requirements combined with a very low EPSS score of 0.05%.

PHP XSS Online Security Guards Hiring System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7767 LOW POC Monitor

Reflected cross-site scripting (XSS) in PHPGurukul Art Gallery Management System 1.1 allows authenticated attackers to inject malicious scripts via the artmed parameter in /admin/edit-art-medium-detail.php. The vulnerability requires user interaction (UI:P) and valid login credentials (PR:L) but impacts only integrity of the admin interface. Publicly available exploit code exists, though EPSS probability remains very low at 0.05%, suggesting limited real-world exploitation despite disclosure.

PHP XSS Art Gallery Management System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7786 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in Gnuboard g6 up to version 6.0.10 allows authenticated remote attackers to inject arbitrary JavaScript into the Post Reply Handler component at /bbs/scrap_popin_update/qa/ path, requiring user interaction for exploitation. The vulnerability has been publicly disclosed with exploit code available; however, the low EPSS score (0.05%, 15th percentile) and CVSS 2.0 rating suggest limited real-world exploitation probability despite public availability of proof-of-concept.

XSS Gnuboard
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2024-13175 MEDIUM This Month

Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER allows Forceful Browsing.41.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-7801 MEDIUM This Month

A vulnerability has been found in BossSoft CRM 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /crm/module/HNDCBas_customPrmSearchDtl.jsp. The manipulation of the argument cstid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-6726 MEDIUM This Month

Block Editor Gallery Slider plugin for WordPress up to version 1.1.1 allows authenticated Subscriber-level attackers to modify post metadata for arbitrary posts due to a missing capability check in the classic_gallery_slider_options() function. The vulnerability has a CVSS score of 4.3 and requires only low-privileged authenticated access with no user interaction, but carries limited impact (data integrity only, no confidentiality or availability breach). No public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-7798 LOW Monitor

SQL injection in Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System versions up to 8.2 allows authenticated remote attackers to execute arbitrary SQL queries via manipulation of the Struccture_ID parameter in the /admin/system/structure/getdirectorydata/web/baseinfo/companyManage endpoint. Despite critical severity designation in the description, CVSS 4.0 scoring reflects low confidentiality and integrity impact (CVSS:4.0 with VC:L/VI:L/VA:L), and EPSS exploitation probability is extremely low at 0.04% (12th percentile), indicating this attack requires valid authentication and specific deployment context. Public exploit disclosure exists (E:P flag), but no active exploitation confirmed in CISA KEV.

SQLi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy