Filtered: Bugs

| Date | Risk | Topic & Details | CVE/CWE | Remote/Local | Author |
|---|---|---|---|---|---|
| 2025-12-28 | Low | Wordpress (Easy Hide Login) plugin Stored XSS | | Remote | Mr.Falcon |
| 2025-12-27 | Low | PMB SIGB 7.x - SQL Injection | | Remote | DZ Mind Injector |
| 2025-12-27 | Low | RosarioSIS 6.7.2 Cross Site Scripting (XSS) | CVE, CWE | Remote | CodeSecLab |
| 2025-12-27 | High | River_Past_Audio_Converter - Buffer Overflow (SEH) | | Local | Achilles |
| 2025-12-24 | Med. | Backdoor.Win32.Poison.jh / Insecure Permissions | | Local | malvuln |
| 2025-12-24 | Med. | Backdoor.Win32.Netbus.170 / Insecure Credential Storage | | Local | malvuln |
| 2025-12-24 | Med. | promchimexport - SQL Injection | | Remote | javad rashidi |
| 2025-12-24 | High | Ultimate Interactive Exploitation Framework for CVE-2025-55182 (React2Shell) | CVE | Remote | nu11secur1ty |
| 2025-12-21 | Med. | openSIS Community Edition 8.0 SQL Injection | CVE, CWE | Remote | CodeSecLab |
| 2025-12-21 | Med. | cmkoo - SQL Injection | | Remote | javad rashidi |
| 2025-12-21 | High | HEUR.Backdoor.Win32.Poison.gen / Arbitrary Code Execution | | Local | malvuln |
| 2025-12-21 | High | Backdoor.Win32.ControlTotal.t / Insecure Credential Storage / MVID-2025-0702 | | Local | malvuln |
| 2025-12-17 | Med. | Summar Employee Portal 3.98.0 Authenticated SQL Injection | CVE, CWE | Remote | Peter Gabaldon |
| 2025-12-14 | Med. | Windows LNK File UI Misrepresentation Remote Code Execution | CVE | Remote | nu11secur1ty |
| 2025-12-14 | High | Microsoft Windows Media Player WMDRM 'RES://' URI Arbitrary Code Execution Vulnerability | | Remote | Eduardo Braun Prado |
| 2025-12-14 | Low | phpMyFAQ 3.1.7 Reflected Cross-Site Scripting (XSS) | CVE, CWE | Remote | CodeSecLab |
| 2025-12-14 | High | Pluck 4.7.7-dev2 PHP Code Execution | CVE | Remote | CodeSecLab |
| 2025-12-14 | Med. | R.s.W - Sql Injection | | Remote | Itqchi |
| 2025-12-14 | Med. | NetBT e-Fatura 'InboxProcessor' Unquoted Service Path Privilege Escalation | CVE, CWE | Local | Seccops |
| 2025-12-09 | Med. | BigAnt Office Messenger 5.6.06 SQL Injection | CVE, CWE | Remote | Nicat Abbasov |
| 2025-12-09 | Med. | phpIPAM 1.5.1 SQL Injection | CVE, CWE | Remote | CodeSecLab |
| 2025-12-09 | High | Flask 3.0.0 CookApp - Multiple Unauthenticated RCE Vulnerabilities | | Remote, Local | nu11secur1ty |
| 2025-12-09 | High | Flask 3.1.2 CookApp - Multiple - RCE-Unauthenticated-access | | Remote, Local | nu11secur1ty |
| 2025-12-09 | High | XWiki Platform 15.10.10 Metasploit Module for Remote Code Execution (RCE) | CVE | Remote | Maksim Rogov |
| 2025-12-01 | Med. | cr-led - SQL Injection | | Remote | javad rashidi |
| 2025-12-01 | Med. | My Admin (Powered By Learning Impact) - SQL Injection Authentication Bypass | CWE | Remote | 6ickzone |
| 2025-11-24 | High | Fortinet FortiWeb Auth-8.0.0 Bypass CVE-2025-64446 | CVE | Remote | nu11secur1ty |
| 2025-11-24 | High | Royal Elementor Addons - Unauthenticated Remote Code Execution | CVE, CWE | Remote | ibrahimsql |
| 2025-11-24 | Med. | Oracle WebLogic Server and allows remote code execution | CVE | Remote | nu11secur1ty |
| 2025-11-19 | Med. | Fortinet FortiWeb Auth-8.0.0 Bypass CVE-2025-64446 | | Remote | nu11secur1ty |
| 2025-11-17 | High | Fortinet FortiWeb Auth. Bypass | CVE | Remote | nu11secur1ty |
| 2025-11-13 | Med. | Logitech Streamlabs Desktop 1.19.6 (overlay) CPU Exhaustion | | Remote, Local | LiquidWorm |
| 2025-11-13 | Med. | is-localhost-ip 2.0.0 - SSRF via Restrictions bypass | | Remote | nu11secur1ty |
| 2025-11-13 | Low | moew.government.bg Cross-site scripting (reflected) | | Remote | nu11secur1ty |
| 2025-11-07 | Low | hop.bg \| web app \| Cross-site scripting (reflected) | | Remote | nu11secur1ty |
| 2025-11-07 | Med. | 3kits template via imgGallery.php SQL Injection id parameter | | Remote | Hossein_0xB |
| 2025-11-04 | Low | ModernShop - RXSS | CVE, CWE | Remote | CraCkEr |
| 2025-11-04 | Med. | 3kits template SQL Injection via imgGallery.php id parameter | | Remote | Hossein_0xB |
| 2025-11-04 | High | Desktop Window Manager (DWM) Core Library — Heap-based Buffer Overflow (sanitized evidence) | CVE | Local | nu11secur1ty |
| 2025-11-01 | High | Exim tls-openssl.c — Use-After-Free: unauthenticated Remote Code Execution | CVE, CWE | Remote | CyberSploit |
| 2025-11-01 | Low | Wisenshop - Stored XSS | CVE, CWE | Remote | CraCkEr |
| 2025-10-29 | Low | RiteCMS 3.1.0 Cross Site Scripting | | Remote | Chokri Hammedi |
| 2025-10-29 | Med. | GeoVision ASManager Windows Application 6.1.2.0 Credentials Disclosure | CVE | Remote | Giorgi Dograshvili |
| 2025-10-27 | High | WordPress Backup Migration 1.3.7: Remote Command Execution | CVE | Remote | DANG |
| 2025-10-23 | Med. | Cleartext Storage of Sensitive Information in Memory in Easywork Enterprise | | Remote | Ivan |
| 2025-10-21 | Med. | Fedora Gnome Privilege Escalation | | Local | Tavis Ormandy |
| 2025-10-21 | Med. | greenlife-Copyright©2025-Multiple-SQLi | | Remote | nu11secur1ty |
| 2025-10-21 | Med. | Student Record System 3.20 - 'id' Parameter Time-based Blind SQL Injection | CWE | Remote | Şeyma Yaldız |
| 2025-10-12 | Low | Perfex CRM Chatbot Cross Site Scripting | CVE | Remote | Ajansha |
| 2025-10-09 | Low | DirectAdmin v1.680 DOM Injection via return-to Parameter | CVE | Remote | Scott Sturrock |
| 2025-10-07 | Med. | GaatiTrack-1.0 Copyright©2025-Multiple-SQLi - Metasploit module | | Remote | nu11secur1ty |
| 2025-10-05 | Med. | CPAS Audit Management Information System 4.9 SQL Injection | | Remote | songqb-xx |
| 2025-10-05 | Low | ERPNext 15.67.0 / Frappe 15.72.4 Cross Site Scripting | CVE | Remote | Mohammed Aloli |
| 2025-10-01 | Low | nopCommerce 4.40.3 - Stored Cross-Site Scripting (XSS) | CVE | Remote | Scott Sturrock |
| 2025-10-01 | Med. | DirectAdmin v1.680 DOM Injection via return-to Parameter (UI Misrepresentation) | CVE | Remote | Scott Sturrock |
| 2025-09-30 | Med. | WordPress Quentn WP 1.2.8 Privilege Escalation | | Local | Nxploited |
| 2025-09-30 | High | StoryChief Wordpress Plugin 1.0.42 Arbitrary File Upload | CVE, CWE | Remote | xpl0dec |
| 2025-09-27 | Low | FVGFL - Cross Site Scripting Vulnerability (XSS) | | Remote | Mahdi Karimi |
| 2025-09-27 | Low | MatterMost information disclosure | | Local | parsa rezaie khiabanlo... |
| 2025-09-21 | High | aaPanel 7.x.x Remote Command Execution | CVE | Remote | Alasdair Gorniak |
Copyright 2026, cxsecurity.com