NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-34506	WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules....	2025-12-11	8.6	NETWORK	HIGH	NVD
CVE-2025-34504	KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers ca...	2025-12-11	5.3	NETWORK	MEDIUM	NVD
CVE-2025-34499	AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with eleva...	2025-12-11	6.9	NETWORK	MEDIUM	NVD
CVE-2025-13668	A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow escalation of privilege.	2025-12-11	6.7	LOCAL	MEDIUM	NVD
CVE-2024-58313	xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers with administrative privileges to upload and execute...	2025-12-11	8.6	NETWORK	HIGH	NVD
CVE-2024-58312	xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL para...	2025-12-11	8.7	NETWORK	HIGH	NVD
CVE-2024-58310	APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipu...	2025-12-11	8.7	NETWORK	HIGH	NVD
CVE-2024-58309	xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries by injecting malici...	2025-12-11	8.7	NETWORK	HIGH	NVD
CVE-2024-58308	Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating the login fo...	2025-12-11	9.3	NETWORK	CRITICAL	NVD
CVE-2024-58307	CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view functionality that allows authenticated attackers to manipulate...	2025-12-11	9.3	NETWORK	CRITICAL	NVD
CVE-2024-58306	minaliC 2.0.0 contains a denial of service vulnerability that allows remote attackers to crash the web server by sending oversized GET requests. Attac...	2025-12-11	8.7	NETWORK	HIGH	NVD
CVE-2024-58304	SPA-CART CMS 1.9.0.3 contains a stored cross-site scripting vulnerability in the product description parameter that allows authenticated administrator...	2025-12-11	7.5	NETWORK	HIGH	NVD
CVE-2024-58303	FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email tem...	2025-12-11	8.6	NETWORK	HIGH	NVD
CVE-2024-58302	FoF Pretty Mail 1.1.2 contains a local file inclusion vulnerability that allows administrative users to include arbitrary server files in email templa...	2025-12-11	6.9	NETWORK	MEDIUM	NVD
CVE-2024-58301	Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through unfiltered user inp...	2025-12-11	9.3	NETWORK	CRITICAL	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.