CVE-2025-28091 - Maccms10 SSRF in Add Article
CVE ID : CVE-2025-28091
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : maccms10 v2025.1000.4047 has a Server-Side Request Forgery (SSRF) vulnerability via Add Article.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-28091
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : maccms10 v2025.1000.4047 has a Server-Side Request Forgery (SSRF) vulnerability via Add Article.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-28092 - ShopXO SSRF
CVE ID : CVE-2025-28092
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) via image upload function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-28092
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) via image upload function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-28093 - ShopXO SSRF
CVE ID : CVE-2025-28093
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) in Email Settings.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-28093
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) in Email Settings.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-28094 - Shopxo SSRF and XSS Vulnerabilities
CVE ID : CVE-2025-28094
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : shopxo v6.4.0 has a ssrf/xss vulnerability in multiple places.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-28094
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : shopxo v6.4.0 has a ssrf/xss vulnerability in multiple places.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-28096 - OneNav SSRF Vulnerability
CVE ID : CVE-2025-28096
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : OneNav 1.1.0 is vulnerable to Server-Side Request Forgery (SSRF) in custom headers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-28096
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : OneNav 1.1.0 is vulnerable to Server-Side Request Forgery (SSRF) in custom headers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-28097 - OneNav HTTP Header XSS
CVE ID : CVE-2025-28097
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : OneNav 1.1.0 is vulnerable to Cross Site Scripting (XSS) in custom headers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-28097
Published : March 28, 2025, 10:15 p.m. | 3 hours, 44 minutes ago
Description : OneNav 1.1.0 is vulnerable to Cross Site Scripting (XSS) in custom headers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2781 - WatchGuard Mobile VPN with SSL Client Directory Permission Escalation Vulnerability
CVE ID : CVE-2025-2781
Published : March 28, 2025, 11:15 p.m. | 2 hours, 44 minutes ago
Description : The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2781
Published : March 28, 2025, 11:15 p.m. | 2 hours, 44 minutes ago
Description : The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2782 - WatchGuard Terminal Services Agent Directory Permissions Escalation
CVE ID : CVE-2025-2782
Published : March 28, 2025, 11:15 p.m. | 2 hours, 44 minutes ago
Description : The WatchGuard Terminal Services Agent on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Terminal Services Agent: from 12.0 through 12.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2782
Published : March 28, 2025, 11:15 p.m. | 2 hours, 44 minutes ago
Description : The WatchGuard Terminal Services Agent on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Terminal Services Agent: from 12.0 through 12.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-43186 - IBM InfoSphere Information Server Local File Disclosure
CVE ID : CVE-2024-43186
Published : March 29, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-43186
Published : March 29, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-51477 - IBM InfoSphere Information Server Information Disclosure Vulnerability
CVE ID : CVE-2024-51477
Published : March 29, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-51477
Published : March 29, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-7577 - IBM InfoSphere Information Server Credentials Disclosure Vulnerability
CVE ID : CVE-2024-7577
Published : March 29, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-7577
Published : March 29, 2025, 12:15 a.m. | 1 hour, 44 minutes ago
Description : IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31367 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-31367
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31367
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31368 - Apache HTTP Server Command Injection
CVE ID : CVE-2025-31368
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31368
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31369 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-31369
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31369
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31370 - Apache HTTP Server Denial of Service
CVE ID : CVE-2025-31370
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31370
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31371 - Apache HTTP Server Command Injection
CVE ID : CVE-2025-31371
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31371
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31372 - Cisco Webex Meeting Server Unvalidated Redirect
CVE ID : CVE-2025-31372
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31372
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31373 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-31373
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31373
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31374 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-31374
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31374
Published : March 29, 2025, 4:15 a.m. | 1 hour, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1217 - Apache HTTP Server HTTP Response Header Parsing Vulnerability
CVE ID : CVE-2025-1217
Published : March 29, 2025, 6:15 a.m. | 3 hours, 43 minutes ago
Description : In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-1217
Published : March 29, 2025, 6:15 a.m. | 3 hours, 43 minutes ago
Description : In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-13557 - United Themes WordPress Shortcodes Arbitrary Execution Vulnerability
CVE ID : CVE-2024-13557
Published : March 29, 2025, 7:15 a.m. | 2 hours, 44 minutes ago
Description : The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.1.6. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-13557
Published : March 29, 2025, 7:15 a.m. | 2 hours, 44 minutes ago
Description : The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.1.6. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...