| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-54477 | Joomla! Core - [20250902] User-Enumeration in passkey authentication method | Joomla! Project | Joomla! CMS | - | - | 2025-09-30 16:02:40 | Deep Dive |
| CVE-2025-54476 | Joomla! Core - [20250901] Inadequate content filtering within the checkAttribute filter code | Joomla! Project | Joomla! CMS | - | - | 2025-09-30 16:02:39 | Deep Dive |
| CVE-2025-8122 | Blind SQL Injection in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:05:21 | Deep Dive |
| CVE-2025-8121 | Blind SQL Injection in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:05:13 | Deep Dive |
| CVE-2025-8120 | Remote Code Execution via Unrestricted File Upload in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:05:03 | Deep Dive |
| CVE-2025-8119 | Cross-Site Request Forgery in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:04:55 | Deep Dive |
| CVE-2025-8118 | Bruteforce Protection Bypass in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:04:46 | Deep Dive |
| CVE-2025-8117 | Account Takeover via Reset Password Functionality in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:04:38 | Deep Dive |
| CVE-2025-8116 | Reflected XSS in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:04:26 | Deep Dive |
| CVE-2025-7065 | Remote Code Execution via Unrestricted File Upload in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:04:07 | Deep Dive |
| CVE-2025-7063 | Remote Code Execution via Unrestricted File Upload in PAD CMS | Polska Akademia Dostępności | PAD CMS | - | - | 2025-09-30 10:03:59 | Deep Dive |
| CVE-2025-11136 | YiFang CMS Backend File.php webUploader unrestricted upload | YiFang | CMS | Medium | 4.7 | 2025-09-29 02:02:05 | Deep Dive |
| CVE-2025-11019 | Total.js CMS Files Menu cross site scripting | Total.js | CMS | Low | 2.4 | 2025-09-26 14:32:07 | Deep Dive |
| CVE-2025-10940 | Total.js CMS Layout admin layouts_save cross site scripting | Total.js | CMS | Low | 2.4 | 2025-09-25 10:32:05 | Deep Dive |
| CVE-2025-58687 | WordPress Current Age Plugin Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnerability | WP CMS Ninja | Current Age Plugin | High | 7.1 | 2025-09-22 18:22:43 | Deep Dive |
| CVE-2025-10712 | 07FLYCMS/07FLY-CMS/07FlyCRM login sql injection | - | 07FLYCMS | High | 7.3 | 2025-09-19 13:32:06 | Deep Dive |
| CVE-2025-10711 | 07FLYCMS/07FLY-CMS/07FlyCRM Login cross site scripting | - | 07FLYCMS | Medium | 4.3 | 2025-09-19 12:32:12 | Deep Dive |
| CVE-2025-10710 | 07FLYCMS/07FLY-CMS/07FlyCRM index.php cross site scripting | - | 07FLYCMS | Medium | 4.3 | 2025-09-19 12:32:09 | Deep Dive |
| CVE-2025-10320 | iteachyou Dreamer CMS updatePwd weak password | iteachyou | Dreamer CMS | Low | 3.1 | 2025-09-12 16:02:07 | Deep Dive |
| CVE-2025-59019 | Information Disclosure via CSV Download | TYPO3 | TYPO3 CMS | - | - | 2025-09-09 09:01:18 | Deep Dive |