| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-53901 | WBCE CMS 1.6.1 Cross-Site Scripting and Open Redirect Vulnerability | Unknown | WBCE CMS | Medium | 5.4 | 2025-12-16 17:03:48 | Deep Dive |
| CVE-2023-53892 | Blackcat CMS 1.4 Remote Code Execution via Jquery Plugin Manager | blackcat-cms | Blackcat CMS | - | - | 2025-12-15 20:28:25 | Deep Dive |
| CVE-2023-53891 | Blackcat CMS 1.4 Stored Cross-Site Scripting via Page Modification | blackcat-cms | Blackcat CMS | - | - | 2025-12-15 20:28:24 | Deep Dive |
| CVE-2023-53884 | Webedition CMS v2.9.8.8 Stored Cross-Site Scripting via SVG Upload | Webedition | Webedition CMS | - | - | 2025-12-15 20:28:21 | Deep Dive |
| CVE-2023-53883 | Webedition CMS v2.9.8.8 Remote Code Execution via PHP Page Creation | Webedition | Webedition CMS | - | - | 2025-12-15 20:28:20 | Deep Dive |
| CVE-2025-34506 | WBCE CMS 1.6.3 Authenticated Remote Code Execution via Module Upload | WBCE | WBCE CMS | - | - | 2025-12-11 21:44:04 | Deep Dive |
| CVE-2024-58308 | Quick.CMS 6.7 SQL Injection Authentication Bypass via Admin Login | opensolution | Quick.CMS | - | - | 2025-12-11 21:42:10 | Deep Dive |
| CVE-2024-58304 | SPA-CART CMS 1.9.0.3 Stored Cross-Site Scripting | SPA-Cart | SPA-CART CMS | High | 7.5 | 2025-12-11 21:40:42 | Deep Dive |
| CVE-2024-58301 | Purei CMS 1.0 SQL Injection via Multiple Vulnerable Endpoints | purei | Purei CMS | - | - | 2025-12-11 21:39:50 | Deep Dive |
| CVE-2024-58283 | WBCE CMS 1.6.2 Remote Code Execution via Elfinder File Upload | wbce | WBCE CMS | - | - | 2025-12-10 21:14:55 | Deep Dive |
| CVE-2025-66625 | Umbraco Vulnerable to Improper File Access and Credential Exposure through Dictionary Import Functionality | umbraco | Umbraco-CMS | Medium | 4.9 | 2025-12-09 20:09:27 | Deep Dive |
| CVE-2025-66571 | UNA CMS 9.0.0-RC1 - 14.0.0-RC4 PHP Object Injection | Unknown | UNA CMS | - | - | 2025-12-04 20:43:52 | Deep Dive |
| CVE-2025-66468 | Aimeos GrapesJS CMS extension possible stores XSS exploitable by authenticated editors | aimeos | ai-cms-grapesjs | High | 7.6 | 2025-12-02 18:40:44 | Deep Dive |
| CVE-2025-13561 | SourceCodester Company Website CMS index.php sql injection | SourceCodester | Company Website CMS | High | 7.3 | 2025-11-23 17:32:06 | Deep Dive |
| CVE-2025-13560 | SourceCodester Company Website CMS reset-password.php sql injection | SourceCodester | Company Website CMS | High | 7.3 | 2025-11-23 17:02:06 | Deep Dive |
| CVE-2025-59116 | User enumeration in Windu CMS | JCD | Windu CMS | - | - | 2025-11-18 13:26:57 | Deep Dive |
| CVE-2025-59111 | Broken Access Control in Windu CMS | JCD | Windu CMS | - | - | 2025-11-18 13:26:39 | Deep Dive |
| CVE-2025-59117 | Multiple Stored XSS in Windu CMS | JCD | Windu CMS | - | - | 2025-11-18 13:26:33 | Deep Dive |
| CVE-2025-59114 | Cross-Site Request Forgery in Windu CMS | JCD | Windu CMS | - | - | 2025-11-18 13:26:32 | Deep Dive |
| CVE-2025-59113 | Bruteforce Protection Bypass in Windu CMS | JCD | Windu CMS | - | - | 2025-11-18 13:26:32 | Deep Dive |