Filter and search through 196,377 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-40730 | HTML injection in Vox Media's Chorus CMS. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a m... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2025-40727 | A Reflected Cross Site Scripting (XSS) vulnerability was found in '/search' in Phoenix Site CMS from Phoenix, which allows remote attackers to execute... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40726 | Reflected Cross-Site Scripting (XSS) vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40725 | Reflected Cross-Site Scripting (XSS) vulnerability in Azon Dominator. This vulnerability allows an attacker to execute JavaScript code in the victim's... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40724 | Stored Cross-Site Scripting (XSS) vulnerability in Pharmacy POS PHP Script. This vulnerability allows an attacker to execute JavaScript code in the vi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40723 | Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of prope... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40722 | Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of prope... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40710 | Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web appli... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40698 | SQL injection vulnerability in Prevengos v2.44 by Nedatec Consulting. This vulnerability allows an attacker to retrieve, create, update, and delete da... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40681 | Cross-site Scripting (XSS) vulnerability reflected in xCally's Omnichannel v3.30.1. This vulnerability allowsan attacker to executed JavaScript code i... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40680 | Lack of sensitive data encryption in CapillaryScope v2.5.0 of Capillary io, which stores both the proxy credentials and the JWT session token in plain... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40679 | HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POS... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40678 | Unrestricted upload vulnerability for dangerous file types on Summar Software´s Portal del Empleado. This vulnerability allows an attacker to upload a... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40677 | SQL injection vulnerability in Summar Software´s Portal del Empleado. This vulnerability allows an attacker to retrieve, create, update, and delete th... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-40676 | Insecure Direct Object Reference (IDOR) in Negotiator v3.15.2 from Biobanking and Biomolecular Resources - European Research Infrastructure (BBMRI-ERI... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40674 | Reflected Cross-Site Scripting (XSS) in osCommerce v4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sen... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40673 | A Missing Authorization vulnerability has been found in DinoRANK. This vulnerability allows an attacker to access invoices of any user via accessing... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40672 | A Privilege Escalation vulnerability has been found in ProactivaNet v3.24.0.0 from Grupo Espiral MS. This vulnerability allows any user to override th... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40671 | SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vulnerability allows an attacker to retrieve, create, update and delete databases ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40663 | Stored Cross-Site Scripting (XSS) vulnerability in i2A-Cronos version 23.02.01.17, from i2A. It allows an authenticated attacker to upload a malicious... | 0.0 | 0 | Neutral | No | No |