NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-50867	A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directl...	2025-07-31	6.5	NETWORK	MEDIUM	NVD
CVE-2025-50850	An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA verification and rat...	2025-07-31	8.6	NETWORK	HIGH	NVD
CVE-2025-50848	A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS Cart 4.18.3 allows unrestricted upload of...	2025-07-31	6.1	NETWORK	MEDIUM	NVD
CVE-2025-50847	Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafted HTTP req...	2025-07-31	6.5	NETWORK	MEDIUM	NVD
CVE-2025-46809	A Insertion of Sensitive Information into Log File vulnerability in SUSE Multi Linux Manager exposes the HTTP proxy credentials. This issue affects Co...	2025-07-31	5.7	NETWORK	MEDIUM	NVD
CVE-2025-29556	ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with the Adm...	2025-07-31	7.3	NETWORK	HIGH	NVD
CVE-2025-8408	A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /fil...	2025-07-31	7.3	NETWORK	HIGH	NVD
CVE-2025-52289	A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted reques...	2025-07-31	8.0	NETWORK	HIGH	NVD
CVE-2025-51569	A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_proce...	2025-07-31	6.1	NETWORK	MEDIUM	NVD
CVE-2025-50849	CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile functionality allows enabling or disabling stickers through ...	2025-07-31	8.0	NETWORK	HIGH	NVD
CVE-2025-50475	An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute arbitrary ...	2025-07-31	9.8	NETWORK	CRITICAL	NVD
CVE-2025-50270	A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a remote attacker to execute arbitrar...	2025-07-31	6.1	NETWORK	MEDIUM	NVD
CVE-2025-34146	A prototype pollution vulnerability exists in @nyariv/sandboxjs versions <= 0.8.23, allowing attackers to inject arbitrary properties into Object.prot...	2025-07-31	7.0	LOCAL	HIGH	NVD
CVE-2025-29557	ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level privileg...	2025-07-31	5.4	NETWORK	MEDIUM	NVD
CVE-2024-34328	An open redirect in Sielox AnyWare v2.1.2 allows attackers to execute a man-in-the-middle attack via a crafted URL.	2025-07-31	6.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.