Total
8113 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-36669 | 1 Idccms Project | 1 Idccms | 2025-02-13 | 5.4 Medium |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=add. | ||||
| CVE-2024-36668 | 1 Idccms Project | 1 Idccms | 2025-02-13 | 5.4 Medium |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=del | ||||
| CVE-2024-36667 | 1 Idccms Project | 1 Idccms | 2025-02-13 | 8.8 High |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/idcProType_deal.php?mudi=add&nohrefStr=close | ||||
| CVE-2024-36550 | 1 Idccms | 1 Idccms | 2025-02-13 | 8.8 High |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=add&nohrefStr=close | ||||
| CVE-2024-36549 | 1 Idccms | 1 Idccms | 2025-02-13 | 8.8 High |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close | ||||
| CVE-2024-36548 | 2 Idccms, Idccms Project | 2 Idccms, Idccms | 2025-02-13 | 5.4 Medium |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/vpsCompany_deal.php?mudi=del | ||||
| CVE-2024-36547 | 1 Idccms | 1 Idccms | 2025-02-13 | 8.8 High |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=add | ||||
| CVE-2024-36076 | 1 Syslifters | 1 Sysreptor | 2025-02-13 | 8.8 High |
| Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session. | ||||
| CVE-2024-35475 | 1 Openkm | 1 Openkm | 2025-02-13 | 6.4 Medium |
| A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands. | ||||
| CVE-2025-26568 | 2025-02-13 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in jensmueller Easy Amazon Product Information allows Stored XSS. This issue affects Easy Amazon Product Information: from n/a through 4.0.1. | ||||
| CVE-2025-25125 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This issue affects Fyrebox Quizzes: from n/a through 2.7. | ||||
| CVE-2025-25126 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in zmseo ZMSEO allows Stored XSS. This issue affects ZMSEO: from n/a through 1.14.1. | ||||
| CVE-2025-25149 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Danillo Nunes Login-box allows Stored XSS. This issue affects Login-box: from n/a through 2.0.4. | ||||
| CVE-2025-25145 | 2025-02-12 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows Cross Site Request Forgery. This issue affects Infusionsoft Analytics: from n/a through 2.0. | ||||
| CVE-2025-25140 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Scriptonite Simple User Profile allows Stored XSS. This issue affects Simple User Profile: from n/a through 1.9. | ||||
| CVE-2025-25135 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Victor Barkalov Custom Links On Admin Dashboard Toolbar allows Stored XSS. This issue affects Custom Links On Admin Dashboard Toolbar: from n/a through 3.3. | ||||
| CVE-2025-25138 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Rishi On Page SEO + Whatsapp Chat Button allows Stored XSS. This issue affects On Page SEO + Whatsapp Chat Button: from n/a through 2.0.0. | ||||
| CVE-2025-25156 | 2025-02-12 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comments allows Stored XSS. This issue affects Quote Comments: from n/a through 2.2.1. | ||||
| CVE-2025-25160 | 1 Markbarnes | 1 Style Tweaker | 2025-02-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker allows Stored XSS. This issue affects Style Tweaker: from n/a through 0.11. | ||||
| CVE-2025-25166 | 1 Gabrieldarezzo | 1 Inlocation | 2025-02-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation allows Stored XSS. This issue affects InLocation: from n/a through 1.8. | ||||