Skip to main content
CVE-2025-44654 CRITICAL Act Now

Improper access control in the Linksys E2500 wireless router (firmware 3.0.04.002) stems from its bundled vsftpd FTP service, where the reporter flags the chroot_local_user setting as enabling unauthorized reach into system files, privilege escalation, or lateral pivoting into the internal network. The E2500 is a discontinued consumer/SOHO router, and no public exploit identified at time of analysis; EPSS estimates only a 1.08% exploitation probability (61st percentile). Notably, the single reference is a third-party GitHub gist rather than a vendor advisory, and the technical claim is internally inconsistent (see risk assessment).

Authentication Bypass Privilege Escalation Linksys E2500 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2025-44655 CRITICAL Act Now

Privilege escalation and unauthorized file access affects TOTOLINK A7100RU (V7.4), A950RG (V5.9), and T10 (V5.9) routers because their bundled vsftpd FTP server ships with the chroot_local_user option enabled in vsftpd.conf, an insecure default that can let a local FTP user reach system files and escalate on the device. On these consumer routers the FTP daemon runs with high privilege and weak isolation, so a foothold on the FTP service can be used to read sensitive files, gain elevated access, and pivot into the internal network. There is no CISA KEV listing and no public exploit identified at time of analysis; the only reference is a researcher gist, and EPSS is low at 0.34% (26th percentile).

Privilege Escalation Authentication Bypass A7100Ru Firmware A950rg Firmware T10 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-7933 MEDIUM POC This Month

A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/settings_update.php of the component Setting Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

PHP SQLi Sales And Inventory System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-7931 MEDIUM POC This Month

A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /members/admin_pic.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

PHP Authentication Bypass File Upload Church Donation System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-7915 MEDIUM POC This Month

A vulnerability was found in Chanjet CRM 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /mail/mailinactive.php of the component Login Page. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

PHP SQLi Chanjet Crm
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-7930 MEDIUM POC This Month

A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /members/add_members.php. The manipulation of the argument mobile leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

PHP SQLi Church Donation System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-7929 MEDIUM POC This Month

A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /members/edit_Members.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

PHP SQLi Church Donation System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-7928 MEDIUM POC This Month

A vulnerability was found in code-projects Church Donation System 1.0 and classified as critical. This issue affects some unknown processing of the file /members/edit_user.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

PHP SQLi Church Donation System
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-44653 HIGH This Week

Availability disruption in the H3C GR2200 router (firmware MiniGR1A0V100R016) arises because its bundled bftpd FTP daemon ships with USERLIMIT_GLOBAL set to 0 in /etc/bftpd.conf, imposing no ceiling on concurrent FTP sessions. Remote attackers can open large numbers of simultaneous connections to exhaust device sockets, memory, and CPU, degrading or crashing the FTP service and potentially the router itself. A public technical writeup exists and EPSS is modest (0.52%, 40th percentile); there is no public exploit identified beyond that writeup and no evidence of active exploitation (not listed in CISA KEV).

Denial Of Service Gr2200 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-44651 HIGH This Week

Uncontrolled resource consumption in the TRENDnet TPL-430AP powerline access point (firmware FW1.0) stems from its bundled bftpd FTP daemon shipping with USERLIMIT_GLOBAL=0, which imposes no cap on concurrent connections. A remote attacker can open unlimited simultaneous FTP sessions to exhaust device memory and connection resources, rendering the access point unresponsive (availability-only impact, no data compromise). No public exploit code has been confirmed, though a researcher gist and writeup describing the issue exist; EPSS risk is modest at 0.52% and the CVE is not listed in CISA KEV.

Denial Of Service Tpl 430Ap Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-44649 HIGH This Week

Cleartext identity exposure in the TRENDnet TEW-WLC100P wireless controller (firmware 2.03b03) stems from its bundled racoon IKE daemon shipping with aggressive mode as the first exchange_mode entry. Because IKE Phase 1 aggressive mode transmits identity payloads in plaintext and sends a hash of the pre-shared key that can be captured, any party observing or initiating a negotiation can harvest identities and mount offline dictionary attacks against the PSK. No public exploit identified at time of analysis and the EPSS probability is low (0.27%, 19th percentile), consistent with a configuration-hardening weakness rather than a mass-exploited flaw.

Information Disclosure Tew Wlc100P Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-4130 HIGH This Week

Sensitive constant disclosure in PAVO Inc.'s PAVO Pay (versions before 13.05.2025) allows remote attackers to extract hard-coded credentials embedded in the application binary, undermining authentication controls for the payment platform. The CVSS 7.5 score reflects high confidentiality impact with no required privileges or user interaction, though EPSS at 0.27% suggests limited mass exploitation interest and no public exploit identified at time of analysis. The disclosure originated from Turkey's national CERT (USOM), indicating a coordinated vendor advisory.

Authentication Bypass
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-4129 HIGH This Week

Authorization bypass in PAVO Inc. PAVO Pay (versions before 13.05.2025) allows remote unauthenticated attackers to access sensitive data by manipulating user-controlled identifiers (IDOR pattern). The flaw, mapped to CWE-639, enables exploitation of trusted identifiers without authentication and has no public exploit identified at time of analysis, with EPSS rating exploitation likelihood at 0.27%.

Authentication Bypass
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-1469 HIGH This Week

Information disclosure in Turtek Software's Eyotek product (versions before 11.03.2025) allows remote unauthenticated attackers to access other users' data by manipulating user-controlled identifiers (IDOR-class flaw). The CVSS 7.5 score reflects high confidentiality impact with no integrity or availability impact, and no public exploit identified at time of analysis. The flaw was reported by Turkey's national CERT (USOM) and tracked under advisory TR-25-0163.

Authentication Bypass
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-44647 HIGH This Week

Pre-Shared Key hash disclosure affects the TRENDnet TEW-WLC100P wireless LAN controller running firmware 2.03b03, whose bundled strongSwan configuration ships with the i_dont_care_about_security_and_use_aggressive_mode_psk option enabled by default. Because the IKE responder accepts IKEv1 Aggressive Mode with PSK, it transmits the PSK hash in the clear during negotiation, letting a network-positioned attacker capture it and mount an offline dictionary/brute-force crack to recover the VPN pre-shared secret. There is no public exploit identified at time of analysis, no CISA KEV listing, and EPSS is low (0.36%), reflecting an information-disclosure weakness rather than direct remote code execution.

Information Disclosure Tew Wlc100P Firmware
NVD GitHub
CVSS 3.1
7.3
EPSS
0.4%
CVE-2025-4040 HIGH This Week

Privilege escalation in Turpak Automatic Station Monitoring System versions prior to 5.0.6.51 allows authenticated remote attackers to bypass authorization controls by manipulating user-controlled keys (IDOR-style flaw). Authenticated low-privilege users can access or modify resources belonging to other accounts, including potentially higher-privileged ones. EPSS scores exploitation likelihood at 0.19% (41st percentile) and no public exploit identified at time of analysis.

Authentication Bypass Privilege Escalation
NVD VulDB
CVSS 3.1
7.1
EPSS
0.2%
CVE-2025-5681 MEDIUM This Month

Authorization bypass via user-controlled key manipulation in Turtek Software Eyotek exposes sensitive user data to remote attackers without requiring authentication. The vulnerability, classified as CWE-639 (Insecure Direct Object Reference class), permits an attacker to enumerate or substitute trusted identifiers in requests to access resources belonging to other users, resulting in high-confidentiality-impact data disclosure with no integrity or availability effect. Reported by Turkish USOM (iletisim@usom.gov.tr), no public exploit code exists and the EPSS score of 0.20% places this at the 43rd percentile, indicating low current exploitation probability.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-7932 LOW POC Monitor

Command injection in D-Link DIR-817L router firmware up to version 1.04B01 allows authenticated remote attackers to execute arbitrary system commands via the lxmldbc_system function in ssdpcgi, with publicly available exploit code disclosed and EPSS risk at 0.36% suggesting limited real-world exploitation despite network accessibility.

Command Injection D-Link Dir 817L Firmware
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.4%
CVE-2025-7925 LOW POC Monitor

Stored or reflected cross-site scripting (XSS) vulnerability in PHPGurukul Online Banquet Booking System 1.0 allows remote attackers to inject malicious scripts via the user_login or userpassword parameters in /admin/login.php. User interaction is required for exploitation. Publicly available exploit code exists, and EPSS score of 0.10% indicates low real-world exploitation probability despite public disclosure.

PHP XSS Online Banquet Booking System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7927 LOW POC Monitor

SQL injection in PHPGurukul Online Banquet Booking System 1.0 allows authenticated remote attackers to manipulate the viewid parameter in /admin/view-user-queries.php, enabling database query manipulation with limited confidentiality and integrity impact. Despite a critical severity classification in the original report, the CVSS 4.0 score of 2.1 reflects low real-world risk due to required authentication and restricted impact scope. Public exploit code is available, but the low EPSS score (0.08th percentile) indicates minimal likelihood of widespread exploitation.

PHP SQLi Online Banquet Booking System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7936 LOW POC Monitor

SQL injection in fuyang_lipengjun platform allows authenticated remote attackers to manipulate beanName and methodName parameters in the queryPage function of ScheduleJobLogController.java, resulting in limited confidentiality, integrity, and availability impact. The CVSS score of 2.1 reflects the requirement for prior authentication and the constrained scope of impact; however, exploitation probability is marked as possible (E:P in CVSS v4.0 vector), and publicly available exploit code exists. The rolling-release model means no traditional version numbers are tracked, with the vulnerability confirmed present up to commit ca9aceff6902feb7b0b6bf510842aea88430796a.

SQLi Platform
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7935 LOW POC Monitor

SQL injection in the SysLogController of fuyang_lipengjun platform allows authenticated remote attackers to execute arbitrary SQL queries via the key parameter, with publicly available exploit code disclosed. Despite a critical classification, the CVSS 4.0 score of 2.1 and low EPSS percentile (22%) indicate limited real-world impact due to requirement for prior authentication and low confidentiality/integrity scope; however, the public exploit and authenticated network access vector warrant monitoring.

SQLi Java Platform
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7934 LOW POC Monitor

SQL injection in fuyang_lipengjun platform allows authenticated remote attackers to execute arbitrary SQL queries via the beanName parameter in the queryPage function of ScheduleJobController.java. The CVSS score of 2.1 reflects limited confidentiality and integrity impact with authentication required, though publicly available exploit code exists. EPSS score of 0.07% (percentile 22%) suggests low real-world exploitation probability despite public POC availability.

SQLi Java Platform
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7944 LOW POC Monitor

Cross-site scripting (XSS) in PHPGurukul Taxi Stand Management System 1.0 allows remote attackers to inject malicious scripts via the searchdata parameter in /search.php. The vulnerability requires user interaction (clicking a malicious link) and has limited integrity impact. A publicly available proof-of-concept exists, though EPSS score of 0.07% suggests minimal real-world exploitation probability despite active public disclosure.

PHP XSS Auto Taxi Stand Management System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7943 LOW POC Monitor

Reflected cross-site scripting (XSS) in PHPGurukul Taxi Stand Management System 1.0 allows remote attackers to inject arbitrary JavaScript via the searchdata parameter in /admin/search-autoortaxi.php. The vulnerability requires user interaction (clicking a malicious link) but no authentication. Publicly available exploit code exists, though EPSS score (0.07%) indicates low real-world exploitation probability relative to CVSS severity.

PHP XSS Auto Taxi Stand Management System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7938 LOW POC Monitor

Authorization bypass in JPACookieShop (蛋糕商城JPA版) version 1.0 allows authenticated remote attackers to modify goods via the updateGoods function in GoodsController.java without proper privilege validation. The vulnerability has public exploit code available but carries low real-world risk due to a CVSS score of 2.1 (EPSS 0.06%), indicating exploitation is unlikely despite authenticated access requirements and public disclosure.

Authentication Bypass Jpacookieshop
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-7369 MEDIUM This Month

Execute arbitrary shortcodes in WordPress sites running WP Shortcodes Plugin - Shortcodes Ultimate through version 7.4.2 via Cross-Site Request Forgery targeting site administrators. Unauthenticated attackers can forge requests that bypass nonce validation in the preview function, allowing execution of arbitrary shortcodes if an admin clicks a malicious link. When combined with CVE-2025-7354, this enables Reflected Cross-Site Scripting. EPSS score of 6.1 (moderate CVSS) reflects the UI requirement and need for admin interaction, though real-world risk is elevated due to the attack surface in WordPress admin workflows. No public exploit code or CISA KEV confirmation identified at time of analysis.

WordPress CSRF XSS
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-7941 LOW POC Monitor

Stored cross-site scripting (XSS) in PHPGurukul Time Table Generator System 1.0 allows authenticated users to inject malicious scripts via the adminname parameter in /admin/profile.php, affecting other users who view the compromised admin profile. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), limiting direct impact to integrity (VI:L), but publicly available exploit code demonstrates feasibility for authorized attackers to escalate privileges or perform actions on behalf of administrators.

PHP XSS Time Table Generator System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7926 LOW POC Monitor

Stored cross-site scripting (XSS) in PHPGurukul Online Banquet Booking System 1.0 allows authenticated remote attackers to inject malicious scripts via the searchdata parameter in /admin/booking-search.php, which are then reflected to other users viewing search results. The vulnerability requires user interaction (clicking a malicious link) and authenticated access to the admin panel, resulting in session hijacking or credential theft. Publicly available exploit code exists, though the EPSS score of 0.07% (percentile 21%) and low CVSS score of 2.0 suggest limited real-world exploitation likelihood due to the authentication and user interaction requirements.

PHP XSS Online Banquet Booking System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7924 LOW POC Monitor

Reflected cross-site scripting (XSS) in PHPGurukul Online Banquet Booking System 1.0 allows authenticated remote attackers to inject malicious scripts via the adminname parameter in /admin/admin-profile.php. The vulnerability requires user interaction (UI:P) to trigger payload execution but carries public exploit code, making it readily weaponizable despite the low CVSS score of 2.0 and minimal EPSS probability (0.07%).

PHP XSS Online Banquet Booking System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7942 LOW POC Monitor

Stored cross-site scripting (XSS) in PHPGurukul Taxi Stand Management System 1.0 allows authenticated users to inject malicious scripts via the adminname parameter in /admin/admin-profile.php, affecting application integrity. The vulnerability requires user interaction (UI:P per CVSS 4.0 vector) and an authenticated admin account (PR:L), but public exploit code exists and the risk is amplified by the admin-tier access context. EPSS exploitation probability is minimal at 0.05% percentile, suggesting limited real-world weaponization despite proof-of-concept availability.

PHP XSS Auto Taxi Stand Management System
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-7962 MEDIUM PATCH This Month

SMTP injection in Eclipse Jakarta Mail (and its Angus Mail implementation) prior to version 2.0.2 allows a low-privileged attacker to inject arbitrary SMTP protocol commands by embedding raw carriage return (\r) and line feed (\n) UTF-8 characters into email fields processed by the library. The library fails to sanitize these input terminators before passing data to the SMTP command stream, enabling an attacker with control over email content to inject additional SMTP commands, forge headers, or deliver unsolicited messages through a trusted mail relay. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.

Code Injection Jakarta Mail Angus Mail Red Hat Suse
NVD VulDB
CVSS 4.0
6.0
EPSS
0.8%
CVE-2025-7940 LOW POC Monitor

Improper export of Android application components in Genshin Albedo Cat House App 1.0.2 allows local attackers with user privileges to access sensitive information through AndroidManifest.xml misconfigurations in the com.house.auscat component. The vulnerability requires local access and authenticated user privileges but carries minimal real-world risk due to low EPSS (0.02%) and the constraint of local-only exploitation.

Information Disclosure Google
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-2301 MEDIUM This Month

Authorization bypass in Akbim Software Online Exam Registration allows a highly privileged, remote attacker to access confidential exam registration data belonging to other users by manipulating user-controlled identifier keys. Affected versions are all releases prior to 14.03.2025. No public exploit code has been identified at time of analysis, and EPSS exploitation probability stands at just 0.17%, reflecting low observed threat activity despite the confidentiality severity of the flaw.

Authentication Bypass
NVD VulDB
CVSS 3.1
4.4
EPSS
0.2%
CVE-2025-44657 LOW Monitor

Improper access control in Linksys EA6350 firmware 2.1.2 exposes the embedded vsftpd FTP service via a misconfigured chroot_local_user directive in a dynamically generated configuration file, allowing authenticated FTP users to traverse outside their intended jail and access sensitive system files. Affected users of this specific firmware version could face local privilege escalation or use of the device as a network pivot point for lateral movement into attached internal segments. No public exploit code has been confirmed, EPSS sits at 0.28% (20th percentile), and the device carries no CISA KEV listing, collectively suggesting limited real-world threat activity at this time.

Authentication Bypass Privilege Escalation Linksys Ea6350 Firmware
NVD GitHub
CVSS 3.1
3.9
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy