快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 356851
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2025-61261 |
A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows at...
|
MEDIUM | 5.4 | 2025-11-07 |
angular angular
ckeditor ckeditor5
|
CVE NVD | |
| CVE-2025-63420 |
CrushFTP11 before 11.3.7_57 is vulnerable to stored HTML injection in the CrushFTP Admin Panel (Repo...
|
MEDIUM | 4.1 | 2025-11-07 |
crushftp crushftp
|
CVE NVD | |
| CVE-2025-63543 |
TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q ...
|
MEDIUM | 6.1 | 2025-11-07 |
nooncarlett techstore
|
CVE NVD | |
| CVE-2025-63544 |
TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter.
|
MEDIUM | 6.1 | 2025-11-07 |
nooncarlett techstore
|
CVE NVD | |
| CVE-2025-63638 |
Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Ta...
|
MEDIUM | 6.1 | 2025-11-07 |
remyandrade ai-powered_to-do_list_app
|
CVE NVD | |
| CVE-2025-63639 |
The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to C...
|
MEDIUM | 6.1 | 2025-11-07 |
remyandrade faq_bot_with_ai_assistant
|
CVE NVD | |
| CVE-2025-63640 |
Sourcecodester Medicine Reminder App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Medici...
|
MEDIUM | 6.1 | 2025-11-07 |
rems medicine_reminder_app
|
CVE NVD | |
| CVE-2025-63686 |
There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit 5a02b1ab208f...
|
MEDIUM | 6.5 | 2025-11-07 |
guominjim personmanage
|
CVE NVD | |
| CVE-2025-63687 |
An issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in fil...
|
MEDIUM | 6.5 | 2025-11-07 |
rymcu forest
|
CVE NVD | |
| CVE-2025-63689 |
Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f0892...
|
CRITICAL | 10.0 | 2025-11-07 |
ycf1998 money-pos
|
CVE NVD | |
| CVE-2025-63690 |
In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz management f...
|
CRITICAL | 9.1 | 2025-11-07 |
pig4cloud pig
|
CVE NVD | |
| CVE-2025-63691 |
In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System Ma...
|
CRITICAL | 9.6 | 2025-11-07 |
pig4cloud pig
|
CVE NVD | |
| CVE-2025-63713 |
Cross-Site Scripting (XSS) vulnerability in SourceCodester "MatchMaster" 1.0 allows remote attackers...
|
MEDIUM | 6.1 | 2025-11-07 |
remyandrade matching_type_test
|
CVE NVD | |
| CVE-2025-63714 |
Cross-Site Scripting (XSS) vulnerability in SourceCodester User Account Generator 1.0 allows remote ...
|
MEDIUM | 6.1 | 2025-11-07 |
remyandrade modern_user_account_generator
|
CVE NVD | |
| CVE-2025-63716 |
The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attack...
|
MEDIUM | 6.5 | 2025-11-07 |
rems leads_manager_tool
|
CVE NVD | |
| CVE-2025-63717 |
The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Groom...
|
MEDIUM | 6.5 | 2025-11-07 |
mayurik pet_grooming_management_software
|
CVE NVD | |
| CVE-2025-63718 |
A SQL injection vulnerability exists in the SourceCodester PQMS (Patient Queue Management System) 1....
|
MEDIUM | 6.5 | 2025-11-07 |
pamzey patients_waiting_area_queue_management_system
|
CVE NVD | |
| CVE-2025-63783 |
A Broken Object Level Authorization (BOLA) vulnerability was discovered in the tRPC project mutation...
|
HIGH | 7.6 | 2025-11-07 |
onlook onlook
|
CVE NVD | |
| CVE-2025-63784 |
An Open Redirect vulnerability exists in the OAuth callback handler in file onlook/apps/web/client/s...
|
MEDIUM | 6.5 | 2025-11-07 |
onlook onlook
|
CVE NVD | |
| CVE-2025-63785 |
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the text editor feature of the Onlook...
|
MEDIUM | 6.1 | 2025-11-07 |
onlook onlook
|
CVE NVD |