High
CVE-2024-56028
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lemonade Coding Studio Lemonade Social Networks Autoposter Pinterest allows Reflected XSS.This is…
Read moreAll CVEs — 2025
Page 225/225.
Browse all CVEs by publication year. Use filters to refine.
CVSS ≥ 0.0
2025-01-02
High
CVE-2024-56027
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BizSwoop a CPF Concepts, LLC Brand Leads CRM allows Reflected XSS.This issue affects Leads CRM: f…
Read more
Medium
CVE-2024-56019
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gavin Rehkemper Inline Footnotes allows Stored XSS.This issue affects Inline Footnotes: from n/a…
Read more
Medium
CVE-2024-13103
A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the…
Read more
Medium
CVE-2024-13102
A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manip…
Read more
High
CVE-2024-13062
An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution. Refer to the ' 01/02/2025 ASUS Router AiCloud vulnerability' sec…
Read more
Medium
CVE-2024-13093
A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /_parse/_call_main_search_ajax.php of th…
Read more
Medium
CVE-2024-13092
A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. This vulnerability affects unknown code of the file /_parse/_call_job/search_ajax.php of the component Job Post…
Read more
High
CVE-2024-12912
An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS…
Read more
Medium
CVE-2024-12595
The AHAthat Plugin WordPress plugin through 1.6 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in…
Read more
Medium
CVE-2024-11357
The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scriptin…
Read more
Medium
CVE-2024-56830
The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present.
Read more
Medium
CVE-2002-20002
The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys.
Read more
Medium
CVE-2025-22214
Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.
Read more
Critical
CVE-2024-56829
Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.
Read more2025-01-01
Medium
CVE-2025-0168
A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument per…
Read more
Medium
CVE-2024-56021
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibnuyahya Category Post Shortcode allows Stored XSS.This issue affects Category Post Shortcode: f…
Read more
Medium
CVE-2024-56020
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mario Di Pasquale SvegliaT Buttons allows Stored XSS.This issue affects SvegliaT Buttons: from n/…
Read more