CVE Alert: CVE-2025-28917
Vulnerability Summary: CVE-2025-28917 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Smilies allows Stored...
CVE
CVE Alert: CVE-2025-28916
Vulnerability Summary: CVE-2025-28916 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound...
CVE Alert: CVE-2025-28911
Vulnerability Summary: CVE-2025-28911 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gravity2pdf Gravity 2 PDF allows...
CVE Alert: CVE-2025-28899
Vulnerability Summary: CVE-2025-28899 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Event Ticketing allows...
CVE Alert: CVE-2025-28903
Vulnerability Summary: CVE-2025-28903 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Driving Directions allows Reflected...
CVE Alert: CVE-2025-28935
Vulnerability Summary: CVE-2025-28935 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in puzich Fancybox Plus allows Reflected...
CVE Alert: CVE-2025-28898
Vulnerability Summary: CVE-2025-28898 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WP Multistore...
CVE Alert: CVE-2025-28939
Vulnerability Summary: CVE-2025-28939 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WP Google...
CVE Alert: CVE-2025-28934
Vulnerability Summary: CVE-2025-28934 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Simple Post Series allows...
CVE Alert: CVE-2025-28928
Vulnerability Summary: CVE-2025-28928 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sureshdsk Are you robot google...
CVE Alert: CVE-2025-2820
Vulnerability Summary: CVE-2025-2820 An authenticated attacker can compromise the availability of the device via the network Affected Endpoints: No affected...
CVE Alert: CVE-2025-2819
Vulnerability Summary: CVE-2025-2819 There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due to insufficient...
CVE Alert: CVE-2025-28942
Vulnerability Summary: CVE-2025-28942 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trust Payments Trust...
CVE Alert: CVE-2025-28924
Vulnerability Summary: CVE-2025-28924 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ZenphotoPress allows Reflected XSS....
CVE Alert: CVE-2025-30524
Vulnerability Summary: CVE-2025-30524 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in origincode Product Catalog...
CVE Alert: CVE-2025-30225
Vulnerability Summary: CVE-2025-30225 Directus is a real-time API and App dashboard for managing SQL database content. The `@directus/storage-driver-s3` package starting...
CVE Alert: CVE-2025-27406
Vulnerability Summary: CVE-2025-27406 Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework...
CVE Alert: CVE-2025-27405
Vulnerability Summary: CVE-2025-27405 Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in...
CVE Alert: CVE-2025-2783
Vulnerability Summary: CVE-2025-2783 Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed...
CVE Alert: CVE-2025-2825
Vulnerability Summary: CVE-2025-2825 CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability that may result...
CVE Alert: CVE-2025-2499
Vulnerability Summary: CVE-2025-2499 Client side access control bypass in the permission component in Devolutions Remote Desktop Manager on Windows. An...
CVE Alert: CVE-2025-30350
Vulnerability Summary: CVE-2025-30350 Directus is a real-time API and App dashboard for managing SQL database content. The `@directus/storage-driver-s3` package starting...
CVE Alert: CVE-2025-2562
Vulnerability Summary: CVE-2025-2562 Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user...
CVE Alert: CVE-2025-30351
Vulnerability Summary: CVE-2025-30351 Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.10.0...
