NA - CVE-2024-48590 - Inflectra SpiraTeam 7.2.00 is vulnerable to...
Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information.
NA - CVE-2025-0254 - HCL Digital Experience components Ring API and...
HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication...
NA - CVE-2025-29410 - A cross-site scripting (XSS) vulnerability in...
A cross-site scripting (XSS) vulnerability in the component /contact.php of Hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...
NA - CVE-2025-29412 - A cross-site scripting (XSS) vulnerability in...
A cross-site scripting (XSS) vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted...
NA - CVE-2024-48591 - Inflectra SpiraTeam 7.2.00 is vulnerable to...
Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing.
NA - CVE-2025-29411 - An arbitrary file upload vulnerability in the...
An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
Medium - CVE-2025-2546 - A vulnerability classified as problematic was...
A vulnerability classified as problematic was found in D-Link DIR-618 and DIR-605L 2.02/3.02. This vulnerability affects unknown code of the file /goform/formAdvFirewall of the component Firewall...