CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

CVE ID Published Severity CVSS Description
CVE-2025-13251 2025-11-16 MEDIUM 6.3 A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched…
CVE-2025-13250 2025-11-16 MEDIUM 6.3 A vulnerability was detected in WeiYe-Jing datax-web up to 2.1.2. This impacts the function remove/update/pause/start/triggerJob of the component Job Handler. Performing manipulation results in improper access controls. The…
CVE-2025-13249 2025-11-16 MEDIUM 6.3 A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown function of the file /OfficeServer?isAjaxDownloadTemplate=false of the component OfficeServer Interface. Such manipulation…
CVE-2025-13248 2025-11-16 HIGH 7.3 A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/api_patient_schedule.php. This manipulation of…
CVE-2025-13247 2025-11-16 HIGH 7.3 A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument…
CVE-2025-13246 2025-11-16 MEDIUM 6.3 A vulnerability was identified in shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a. Impacted is the function JwtAuthenticationFilter of the file src/main/java/com/suisung/shopsuite/common/security/JwtAuthenticationFilter.java. The manipulation leads to path traversal. It is…
CVE-2025-13245 2025-11-16 LOW 3.5 A vulnerability was identified in code-projects Student Information System 2.0. The impacted element is an unknown function of the file /editprofile.php. Such manipulation leads to cross site scripting.…
CVE-2025-13244 2025-11-16 MEDIUM 4.3 A vulnerability was determined in code-projects Student Information System 2.0. The affected element is an unknown function of the file /register.php. This manipulation causes cross site scripting. It…
CVE-2025-13243 2025-11-16 MEDIUM 6.3 A vulnerability was found in code-projects Student Information System 2.0. Impacted is an unknown function of the file /editprofile.php. The manipulation results in sql injection. The attack may…
CVE-2025-13242 2025-11-16 HIGH 7.3 A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manipulation leads to sql injection. The…
CVE-2025-13241 2025-11-16 HIGH 7.3 A flaw has been found in code-projects Student Information System 2.0. This vulnerability affects unknown code of the file /index.php. Executing manipulation of the argument Username can lead…
CVE-2025-13240 2025-11-16 HIGH 7.3 A vulnerability was detected in code-projects Student Information System 2.0. This affects an unknown part of the file /searchquery.php. Performing manipulation of the argument s results in sql…
CVE-2025-13239 2025-11-16 MEDIUM 4.3 A security vulnerability has been detected in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution 5. Affected by this issue is some unknown functionality of the file /submit_checkout.…
CVE-2025-13238 2025-11-16 MEDIUM 6.3 A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/profile/edit of the component Edit Profile…
CVE-2025-13237 2025-11-16 HIGH 7.3 A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument U_USERNAME results…
CVE-2025-12482 2025-11-16 HIGH 7.5 The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including,…
CVE-2025-13236 2025-11-16 MEDIUM 6.3 A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID leads to sql…
CVE-2025-13235 2025-11-16 HIGH 7.3 A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument user_email can lead to…
CVE-2025-13234 2025-11-16 MEDIUM 6.3 A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=product. Performing manipulation of the argument PROID results…
CVE-2025-13233 2025-11-16 HIGH 7.3 A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-item. Such manipulation of the argument ID…
CVE-2025-13232 2025-11-16 LOW 3.5 A flaw has been found in projectsend up to r1720. Impacted is an unknown function of the component File Editor/Custom Download Aliases. This manipulation causes cross site scripting.…
CVE-2025-2448 2025-11-15 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-13221 2025-11-15 MEDIUM 5.3 A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Executing manipulation of the argument Usuario/Senha can lead…
CVE-2025-13210 2025-11-15 MEDIUM 4.7 A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=add. Such manipulation of the argument PROMODEL leads…
CVE-2025-13209 2025-11-15 MEDIUM 6.3 A weakness has been identified in bestfeng oa_git_free up to 9.5. This affects the function updateWriteBack of the file yimioa-oa9.5\server\c-flow\src\main\java\com\cloudweb\oa\controller\WorkflowPredefineController.java. This manipulation of the argument writeProp causes xml…
CVE-2025-13208 2025-11-15 MEDIUM 6.3 A security flaw has been discovered in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. The impacted element is an unknown function of the file controller/api/hotelList.php. The manipulation of the…
CVE-2025-13203 2025-11-15 HIGH 7.3 A weakness has been identified in code-projects Simple Cafe Ordering System 1.0. This vulnerability affects unknown code of the file /addmem.php. Executing manipulation of the argument studentnum can…
CVE-2025-13202 2025-11-15 LOW 3.5 A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /add_to_cart. Performing manipulation of the argument product_name…
CVE-2025-13201 2025-11-15 HIGH 7.3 A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument…
CVE-2025-13200 2025-11-15 MEDIUM 5.3 A vulnerability was determined in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality. This manipulation causes exposure of information through directory listing. The…
CVE-2025-13199 2025-11-15 MEDIUM 5.3 A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path…
CVE-2025-13198 2025-11-15 MEDIUM 4.7 A vulnerability has been found in DouPHP up to 1.8 Release 20251022. This impacts an unknown function of the file upload/include/file.class.php. The manipulation of the argument File leads…
CVE-2025-12983 2025-11-15 LOW 3.5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated…
CVE-2025-7736 2025-11-15 LOW 3.1 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated…
CVE-2025-7000 2025-11-15 MEDIUM 4.3 An issue has been discovered in GitLab CE/EE affecting all versions from 17.6 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that, under specific conditions, could have…
CVE-2025-6945 2025-11-15 LOW 3.5 GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated…
CVE-2025-6171 2025-11-15 MEDIUM 5.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated…
CVE-2025-2615 2025-11-15 MEDIUM 4.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that could have allowed a blocked…
CVE-2025-11990 2025-11-15 LOW 3.1 GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain…
CVE-2025-11865 2025-11-15 MEDIUM 4.3 An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have…
CVE-2025-13191 2025-11-15 HIGH 8.8 A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to…
CVE-2025-13190 2025-11-15 HIGH 8.8 A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sgi. The manipulation of the argument en results in stack-based buffer…
CVE-2025-12849 2025-11-15 MEDIUM 5.3 The Contest Gallery plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 28.0.2. This is due to the plugin registering the `cg_check_wp_admin_upload_v10`…
CVE-2025-8994 2025-11-15 MEDIUM 6.5 The Project Management, Team Collaboration, Kanban Board, Gantt Charts, Task Manager and More – WP Project Manager plugin for WordPress is vulnerable to time-based SQL Injection via the…
CVE-2025-13189 2025-11-15 HIGH 8.8 A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer…
CVE-2025-12847 2025-11-15 MEDIUM 4.3 The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized arbitrary media attachment deletion due…
CVE-2025-12494 2025-11-15 MEDIUM 4.3 The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajax_import_file function…
CVE-2025-65072 2025-11-15 N/A 0.0 Rejected reason: Not used
CVE-2025-65071 2025-11-15 N/A 0.0 Rejected reason: Not used
CVE-2025-65070 2025-11-15 N/A 0.0 Rejected reason: Not used