CVE-2025-34144 - Apache HTTP Server Remote File Inclusion
CVE ID : CVE-2025-34144
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34144
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34145 - Apache HTTP Server Cross-Site Scripting
CVE ID : CVE-2025-34145
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34145
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34166 - Apache HTTP Server Path Traversal
CVE ID : CVE-2025-34166
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34166
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34167 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-34167
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34167
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34168 - Apache HTTP Server Remote Code Execution
CVE ID : CVE-2025-34168
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34168
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34169 - Apache SSH Denial of Service
CVE ID : CVE-2025-34169
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34169
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34170 - Apache HTTP Server Remote Code Execution
CVE ID : CVE-2025-34170
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34170
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34171 - Apache HTTP Server Remote Code Execution
CVE ID : CVE-2025-34171
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34171
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34213 - Apache HTTP Server Denial of Service
CVE ID : CVE-2025-34213
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34213
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34214 - Apache HTTP Server Remote Code Execution
CVE ID : CVE-2025-34214
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34214
Published : Jan. 2, 2026, 5:15 p.m. | 14 minutes ago
Description : Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-69416 - Plex Media Server Device Token Information Disclosure Vulnerability
CVE ID : CVE-2025-69416
Published : Jan. 2, 2026, 5:16 p.m. | 4 hours, 15 minutes ago
Description : In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve other tokens (intended for unrelated access) via clients.plex.tv/devices.xml.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-69416
Published : Jan. 2, 2026, 5:16 p.m. | 4 hours, 15 minutes ago
Description : In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve other tokens (intended for unrelated access) via clients.plex.tv/devices.xml.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-69417 - Plex Media Server Unauthorized Share Token Disclosure
CVE ID : CVE-2025-69417
Published : Jan. 2, 2026, 5:16 p.m. | 4 hours, 15 minutes ago
Description : In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-69417
Published : Jan. 2, 2026, 5:16 p.m. | 4 hours, 15 minutes ago
Description : In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-server device token can retrieve share tokens (intended for unrelated access) via a shared_servers endpoint.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0566 - code-projects Content Management System edit_posts.php unrestricted upload
CVE ID : CVE-2026-0566
Published : Jan. 2, 2026, 5:16 p.m. | 4 hours, 15 minutes ago
Description : A security vulnerability has been detected in code-projects Content Management System 1.0. Impacted is an unknown function of the file /admin/edit_posts.php. The manipulation of the argument image leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0566
Published : Jan. 2, 2026, 5:16 p.m. | 4 hours, 15 minutes ago
Description : A security vulnerability has been detected in code-projects Content Management System 1.0. Impacted is an unknown function of the file /admin/edit_posts.php. The manipulation of the argument image leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0567 - code-projects Content Management System pages.php sql injection
CVE ID : CVE-2026-0567
Published : Jan. 2, 2026, 6:15 p.m. | 3 hours, 16 minutes ago
Description : A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0567
Published : Jan. 2, 2026, 6:15 p.m. | 3 hours, 16 minutes ago
Description : A vulnerability was detected in code-projects Content Management System 1.0. The affected element is an unknown function of the file /pages.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0568 - code-projects Online Music Site ViewSongs.php sql injection
CVE ID : CVE-2026-0568
Published : Jan. 2, 2026, 6:15 p.m. | 3 hours, 16 minutes ago
Description : A flaw has been found in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Frontend/ViewSongs.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0568
Published : Jan. 2, 2026, 6:15 p.m. | 3 hours, 16 minutes ago
Description : A flaw has been found in code-projects Online Music Site 1.0. The impacted element is an unknown function of the file /Frontend/ViewSongs.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-21429 - Emlog has Broken Access Control (BAC)
CVE ID : CVE-2026-21429
Published : Jan. 2, 2026, 6:15 p.m. | 3 hours, 16 minutes ago
Description : Emlog is an open source website building system. In version 2.5.23, the admin can set controls which makes users unable to edit or delete their articles after publishing them. As of time of publication, no known patched versions are available.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-21429
Published : Jan. 2, 2026, 6:15 p.m. | 3 hours, 16 minutes ago
Description : Emlog is an open source website building system. In version 2.5.23, the admin can set controls which makes users unable to edit or delete their articles after publishing them. As of time of publication, no known patched versions are available.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0569 - code-projects Online Music Site AlbumByCategory.php sql injection
CVE ID : CVE-2026-0569
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown function of the file /Frontend/AlbumByCategory.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0569
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown function of the file /Frontend/AlbumByCategory.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-0570 - code-projects Online Music Site Feedback.php sql injection
CVE ID : CVE-2026-0570
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-0570
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : A vulnerability was found in code-projects Online Music Site 1.0. This impacts an unknown function of the file /Frontend/Feedback.php. Performing manipulation of the argument fname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-21430 - Emlog: CSRF chained with stored XSS leads to ATO
CVE ID : CVE-2026-21430
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : Emlog is an open source website building system. In version 2.5.23, article creation functionality is vulnerable to cross-site request forgery (CSRF). This can lead to a user being forced to post an article with arbitrary, attacker-controlled content. This, when combined with stored cross-site scripting, leads to account takeover. As of time of publication, no known patched versions are available.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-21430
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : Emlog is an open source website building system. In version 2.5.23, article creation functionality is vulnerable to cross-site request forgery (CSRF). This can lead to a user being forced to post an article with arbitrary, attacker-controlled content. This, when combined with stored cross-site scripting, leads to account takeover. As of time of publication, no known patched versions are available.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-21431 - Emlog vulnerable to stored Cross-site Scripting via image name
CVE ID : CVE-2026-21431
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability in the `Resource media library ` function while publishing an article. As of time of publication, no known patched versions are available.
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-21431
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability in the `Resource media library ` function while publishing an article. As of time of publication, no known patched versions are available.
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-21432 - Emlog has stored Cross-site Scripting issue that can lead to admin or another account ATO
CVE ID : CVE-2026-21432
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability that can lead to account takeover, including takeover of admin accounts. As of time of publication, no known patched versions are available.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-21432
Published : Jan. 2, 2026, 7:15 p.m. | 2 hours, 16 minutes ago
Description : Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability that can lead to account takeover, including takeover of admin accounts. As of time of publication, no known patched versions are available.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...