Total
287379 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-53976 | 1 Mozilla | 1 Firefox | 2025-04-04 | N/A | 5.4 MEDIUM |
| Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage. This vulnerability affects Firefox for iOS < 133. | |||||
| CVE-2025-3255 | 2025-04-04 | 4.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability was found in xujiangfei admintwo 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /user/home. The manipulation of the argument ID leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3254 | 2025-04-04 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability was found in xujiangfei admintwo 1.0. It has been classified as critical. Affected is an unknown function of the file /resource/add. The manipulation of the argument description leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3253 | 2025-04-04 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability was found in xujiangfei admintwo 1.0 and classified as problematic. This issue affects some unknown processing of the file /ztree/insertTree. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3252 | 2025-04-04 | 4.0 MEDIUM | 3.5 LOW | ||
| A vulnerability has been found in xujiangfei admintwo 1.0 and classified as problematic. This vulnerability affects unknown code of the file /resource/add. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3204 | 2025-04-04 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3203 | 2025-04-04 | 4.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3202 | 2025-04-04 | 7.5 HIGH | 7.3 HIGH | ||
| A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 6382e177bf90cc56ff70521842409e35c50df32d. It is recommended to upgrade the affected component. | |||||
| CVE-2025-32280 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager allows Cross Site Request Forgery. This issue affects WP Project Manager: from n/a through 2.6.22. | |||||
| CVE-2025-32278 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wprio Table Block by RioVizual allows Cross Site Request Forgery. This issue affects Table Block by RioVizual: from n/a through 2.1.7. | |||||
| CVE-2025-32277 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Ateeq Rafeeq RepairBuddy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RepairBuddy: from n/a through 3.8211. | |||||
| CVE-2025-32276 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Quý Lê 91 Administrator Z allows Cross Site Request Forgery. This issue affects Administrator Z: from n/a through 2025.03.04. | |||||
| CVE-2025-32274 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB allows Cross Site Request Forgery. This issue affects WP w3all phpBB: from n/a through 2.9.2. | |||||
| CVE-2025-32273 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in freetobook Freetobook Responsive Widget allows Cross Site Request Forgery. This issue affects Freetobook Responsive Widget: from n/a through 1.1. | |||||
| CVE-2025-32272 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Wishlist allows Cross Site Request Forgery. This issue affects Wishlist: from n/a through 1.0.44. | |||||
| CVE-2025-32271 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ablancodev Woocommerce Role Pricing allows Cross Site Request Forgery. This issue affects Woocommerce Role Pricing: from n/a through 3.5.5. | |||||
| CVE-2025-32270 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Broadstreet Broadstreet allows Cross Site Request Forgery. This issue affects Broadstreet: from n/a through 1.51.1. | |||||
| CVE-2025-32269 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Cross Site Request Forgery. This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.3. | |||||
| CVE-2025-32268 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in www.15.to QR Code Tag for WC allows Cross Site Request Forgery. This issue affects QR Code Tag for WC: from n/a through 1.9.36. | |||||
| CVE-2025-32267 | 2025-04-04 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wpzinc Post to Social Media – WordPress to Hootsuite allows Cross Site Request Forgery. This issue affects Post to Social Media – WordPress to Hootsuite: from n/a through 1.5.8. | |||||