Low - CVE-2025-1905 - A vulnerability, which was classified as...
A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file employee.php. The manipulation of the...
Medium - CVE-2025-1906 - A vulnerability has been found in PHPGurukul...
A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation...
NA - CVE-2024-13685 - The Admin and Site Enhancements (ASE) WordPress...
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate their value to bypass the...
NA - CVE-2024-47259 - Girishunawane, member of the AXIS OS Bug Bounty...
Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input validation allowing for a possible command injection leading...
NA - CVE-2024-47260 - 51l3nc3, member of the AXIS OS Bug Bounty...
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API mediaclip.cgi did not have a sufficient input validation allowing for uploading more audio clips then designed...
NA - CVE-2024-47262 - Dzmitry Lukyanenka, member of the AXIS OS Bug...
Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web...
NA - CVE-2025-0359 - During an annual penetration test conducted on...
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework that allowed applications to access restricted D-Bus methods...
NA - CVE-2025-0360 - During an annual penetration test conducted on...
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege...
NA - CVE-2024-48248 - NAKIVO Backup & Replication before 11.0.0.88174...
NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise...