CVE Alert: CVE-2025-46538
Vulnerability Summary: CVE-2025-46538 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webplanetsoft Inline Text Popup allows...
CVE
CVE Alert: CVE-2025-43859
Vulnerability Summary: CVE-2025-43859 h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of...
CVE Alert: CVE-2025-46540
Vulnerability Summary: CVE-2025-46540 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Mok GNA Search Shortcode...
CVE Alert: CVE-2024-30114
Vulnerability Summary: CVE-2024-30114 Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment. Affected Endpoints: No affected...
CVE Alert: CVE-2023-45720
Vulnerability Summary: CVE-2023-45720 Insufficient default configuration in HCL Leap allows anonymous access to directory information. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2024-30113
Vulnerability Summary: CVE-2024-30113 Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML...
CVE Alert: CVE-2025-31324
Vulnerability Summary: CVE-2025-31324 SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to...
CVE Alert: CVE-2023-37534
Vulnerability Summary: CVE-2023-37534 Insufficient URI protocol whitelist in HCL Leap allows script injection through query parameters. Affected Endpoints: No affected...
CVE Alert: CVE-2024-30147
Vulnerability Summary: CVE-2024-30147 Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications. Affected...
CVE Alert: CVE-2022-44760
Vulnerability Summary: CVE-2022-44760 Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications....
CVE Alert: CVE-2022-44759
Vulnerability Summary: CVE-2022-44759 Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications. Affected Endpoints:...
CVE Alert: CVE-2025-1294
Vulnerability Summary: CVE-2025-1294 The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all...
CVE Alert: CVE-2023-37516
Vulnerability Summary: CVE-2023-37516 Missing "no cache" headers in HCL Leap permits user directory information to be cached. Affected Endpoints: No...
CVE Alert: CVE-2024-30127
Vulnerability Summary: CVE-2024-30127 Missing "no cache" headers in HCL Leap permits sensitive data to be cached. Affected Endpoints: No affected...
CVE Alert: CVE-2025-46275
Vulnerability Summary: CVE-2025-46275 WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could allow an attacker to create an administrator account without...
CVE Alert: CVE-2025-43861
Vulnerability Summary: CVE-2025-43861 ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable...
CVE Alert: CVE-2025-46274
Vulnerability Summary: CVE-2025-46274 UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in...
CVE Alert: CVE-2025-46271
Vulnerability Summary: CVE-2025-46271 UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated attacker to read or...
CVE Alert: CVE-2025-46272
Vulnerability Summary: CVE-2025-46272 WGS-80HPT-V2 and WGS-4215-8T2S are vulnerable to a command injection attack that could allow an unauthenticated attacker to...
CVE Alert: CVE-2025-3749
Vulnerability Summary: CVE-2025-3749 The Breeze Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cal_size’ parameter in...
CVE Alert: CVE-2025-46273
Vulnerability Summary: CVE-2025-46273 UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS...
CVE Alert: CVE-2024-10306
Vulnerability Summary: CVE-2024-10306 A vulnerability was found in mod_proxy_cluster. The issue is that the directive should be replaced by the...
CVE Alert: CVE-2025-2703
Vulnerability Summary: CVE-2025-2703 The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions...
CVE Alert: CVE-2025-45428
Vulnerability Summary: CVE-2025-45428 In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability,...
