Skip to main content
CVE-2025-11146 MEDIUM This Month

Reflected Cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apt Cacher Ng
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-10342 MEDIUM This Month

HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'name' at the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Perfex Crm
NVD
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-10341 MEDIUM This Month

HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter 'company' at the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Perfex Crm
NVD
CVSS 4.0
5.3
EPSS
0.0%
CVE-2024-5200 MEDIUM Monitor

The Postie WordPress plugin before 1.9.71 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS
NVD WPScan
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-10504 MEDIUM CISA This Month

Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox.8.33. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Abb
NVD
CVSS 4.0
6.9
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy