Skip to main content
CVE-2025-45157 MEDIUM POC This Month

Insecure permissions in Splashin iOS v2.0 expose precise location data for targeted users to unauthenticated network attackers via broken access control. The flaw, classified under CWE-284 (Improper Access Control), allows any remote party to query location information without credentials, bypassing the application's intended authorization model. No public exploit identified at time of analysis is inaccurate here - a publicly available proof-of-concept is documented in the referenced researcher disclosure, though EPSS remains low (0.24%, 15th percentile), suggesting opportunistic exploitation has not yet materialized at scale.

Authentication Bypass Apple Splashin
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-50586 MEDIUM POC This Month

Cross-site request forgery in StudentManage v1.0 (DayCloud) allows a remote attacker to perform unauthorized state-changing actions on behalf of an authenticated victim by luring them to a malicious webpage that auto-submits forged requests to the application. All default installations of v1.0 are affected per CPE data; no patched release has been identified. A publicly available proof-of-concept exploit exists, though no active exploitation has been recorded in CISA KEV and EPSS sits at a very low 0.19%.

CSRF Studentmanage
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-7814 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signup_function.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

PHP SQLi Food Ordering Review System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-45156 MEDIUM POC This Month

Splashin iOS v2.0 fails to enforce server-side rate limiting on location update frequency for free-tier accounts, allowing free users to bypass tier-based restrictions and submit location updates at an unrestricted rate. Confirmed by CPE (cpe:2.3:a:splashin:splashin:2.0:*:*:*:*:iphone_os:*:*), this business logic flaw exposes the platform's API to abuse by any free-tier account holder. A publicly available proof-of-concept is referenced via NVD exploit tag; EPSS sits at 0.36% (28th percentile), indicating low probability of widespread automated exploitation.

Apple Information Disclosure Splashin
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2025-50583 MEDIUM POC This Month

Stored XSS in DayCloud's StudentManage v1.0 allows an authenticated administrative user to inject malicious JavaScript via the 'Add A New Student' module, which executes in the browser of any user who subsequently views the affected record. The Scope:Changed metric confirms the injected script runs in a different security context (the victim's browser session), enabling session hijacking or credential theft. No active exploitation is confirmed via CISA KEV, though a public proof-of-concept exists on GitHub; EPSS at 0.22% (13th percentile) reflects low observed exploitation activity.

XSS Studentmanage
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-50582 MEDIUM POC This Month

Stored cross-site scripting in DayCloud StudentManage v1.0 allows an authenticated administrator to inject malicious JavaScript via the Add A New Course module, which then executes in the browsers of other users who view the affected course content. The CVSS vector (PR:H/UI:R/S:C) confirms this requires admin-level access and victim interaction, with scope change reflecting script execution in a different user's browser context. A public proof-of-concept is available on GitHub, though EPSS sits at 0.22% (13th percentile), and the vulnerability is not listed in CISA KEV, indicating no observed widespread exploitation.

XSS Studentmanage
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-50581 MEDIUM POC This Month

Stored cross-site scripting in MRCMS 3.1.2's admin group management endpoint allows an authenticated administrator to inject malicious JavaScript via /admin/group/save.do, which executes in the browser of any other admin who subsequently visits the affected page. The scope-changed CVSS vector (S:C) confirms the impact crosses the security boundary from the injecting session to other users' sessions. A publicly available proof-of-concept exists on GitHub, though EPSS sits at 0.22% (13th percentile), indicating limited observed exploitation activity at time of analysis.

XSS Mrcms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-50584 MEDIUM POC This Month

Stored cross-site scripting in DayCloud's StudentManage v1.0 allows authenticated administrators to inject malicious JavaScript via the Add A New Teacher module, which executes in victims' browsers when they load the affected page. The CVSS vector (PR:H, UI:R, S:C) confirms exploitation is gated behind high privileges and requires victim interaction, but the scope change flag reflects cross-user browser impact. A public proof-of-concept is available on GitHub; however, EPSS at 0.22% (13th percentile) and no CISA KEV listing indicate no confirmed widespread exploitation at time of analysis.

XSS Studentmanage
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-52168 MEDIUM This Month

Unauthenticated arbitrary file read in Agorum Core open v11.9.2 and v11.10.1 exposes the underlying filesystem to any network-accessible attacker via the dynawebservice component. The access control failure (CWE-284) requires no authentication, no user interaction, and no special configuration - any exposed instance of these two specific versions is vulnerable. No public exploit code or CISA KEV listing exists at time of analysis, but the zero-prerequisite network vector makes this trivially exploitable once an attacker identifies the endpoint, and the ECM context means sensitive documents, credentials, and configuration files are likely stored on the affected system.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-52162 MEDIUM This Month

XML External Entity (XXE) injection in agorum core open's RSSReader endpoint enables remote attackers to exfiltrate sensitive server-side data by submitting crafted XML payloads. Affected versions are v11.9.2 and v11.10.1 of this document management platform. EPSS exploitation probability sits at 0.22% (13th percentile), no public exploit code has been identified, and the vulnerability is not listed in CISA's KEV catalog - indicating low observed exploitation pressure despite the network-accessible, unauthenticated attack surface described by the CVSS vector.

XXE Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-52163 MEDIUM This Month

Server-Side Request Forgery in Agorum core open's TunnelServlet component exposes internal and external network resources to unauthenticated remote attackers through crafted HTTP requests. Affected versions are 11.9.2 and 11.10.1 of the agorum Software GmbH document management platform. No active exploitation is confirmed and the EPSS score sits at the 10th percentile (0.20%), indicating low observed exploitation pressure at time of analysis, though the zero-authentication requirement lowers the barrier for opportunistic scanning.

SSRF Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-52166 MEDIUM This Month

Privilege escalation in Agorum core open v11.9.2 and v11.10.1 allows authenticated users to elevate their privileges to Administrator level, gaining access to sensitive components and information within the document management platform. The vulnerability stems from incorrect access control (CWE-284), meaning the application fails to properly enforce authorization boundaries between standard user and administrative roles. No public exploit code or active exploitation has been identified at time of analysis, and the EPSS score of 0.20% at the 10th percentile confirms low current exploitation interest, though the impact of gaining full admin access warrants prompt remediation.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-7784 MEDIUM PATCH This Month

Privilege escalation in Keycloak's Fine-Grained Admin Permissions v2 (FGAPv2) allows administrative users with the manage-users role to escalate privileges to realm-admin through improper privilege enforcement. When FGAPv2 is enabled, this vulnerability enables unauthorized elevation of administrative access rights, compromising the separation of administrative duties. No public exploit code or active exploitation has been identified at the time of analysis.

Privilege Escalation Build Of Keycloak Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-6717 MEDIUM This Month

SQL Injection in B1.lt WordPress plugin up to version 2.2.56 allows authenticated attackers with Subscriber-level access to extract sensitive database information via an unescaped 'id' parameter. The vulnerability requires valid user credentials and network access but involves minimal interaction, making it a moderate risk for WordPress installations with many trusted users. No public exploit code or active exploitation has been confirmed.

WordPress SQLi
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-13175 MEDIUM This Month

Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER allows Forceful Browsing.41.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-7801 MEDIUM This Month

A vulnerability has been found in BossSoft CRM 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /crm/module/HNDCBas_customPrmSearchDtl.jsp. The manipulation of the argument cstid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-6726 MEDIUM This Month

Block Editor Gallery Slider plugin for WordPress up to version 1.1.1 allows authenticated Subscriber-level attackers to modify post metadata for arbitrary posts due to a missing capability check in the classic_gallery_slider_options() function. The vulnerability has a CVSS score of 4.3 and requires only low-privileged authenticated access with no user interaction, but carries limited impact (data integrity only, no confidentiality or availability breach). No public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy