| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-47681 | WordPress Web Accessibility with Max Access plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) Vulnerability | Ability, Inc | Web Accessibility with Max Access | Medium | 4.3 | 2025-05-07 14:20:54 | Deep Dive |
| CVE-2025-3020 | Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting | Wiesemann & Theis | ERP-Gateway 12x Digital Input, 6x Digital Relais | Medium | 5.4 | 2025-05-06 08:01:59 | Deep Dive |
| CVE-2025-4314 | SourceCodester Advanced Web Store index.php sql injection | SourceCodester | Advanced Web Store | High | 7.3 | 2025-05-06 04:31:08 | Deep Dive |
| CVE-2025-4313 | SourceCodester Advanced Web Store admin_addnew_product.php sql injection | SourceCodester | Advanced Web Store | High | 7.3 | 2025-05-06 04:31:05 | Deep Dive |
| CVE-2025-4312 | SourceCodester Advanced Web Store productdetail.php sql injection | SourceCodester | Advanced Web Store | High | 7.3 | 2025-05-06 04:00:10 | Deep Dive |
| CVE-2025-4022 | web-arena-x webarena evaluators.py HTMLContentEvaluator code injection | web-arena-x | webarena | Medium | 6.3 | 2025-04-28 13:31:04 | Deep Dive |
| CVE-2025-4000 | Seeyon Zhiyuan OA Web Application System ssoproxy.jsp cross site scripting | Seeyon | Zhiyuan OA Web Application System | Low | 3.5 | 2025-04-28 04:00:07 | Deep Dive |
| CVE-2025-3999 | Seeyon Zhiyuan OA Web Application System URL Parameter date.jsp cross site scripting | Seeyon | Zhiyuan OA Web Application System | Low | 3.5 | 2025-04-28 03:31:06 | Deep Dive |
| CVE-2025-3928 | Commvault Web Server unspecified vulnerability | Commvault | Web Server | High | 8.8 | 2025-04-25 15:56:28 | Deep Dive |
| CVE-2025-0632 | Local File Inclusion (LFI) leading to sensitive data exposure | Formulatrix | Rock Maker Web | 中危 | - | 2025-04-21 05:27:06 | Deep Dive |
| CVE-2025-3826 | SourceCodester Web-based Pharmacy Product Management System add-supplier.php cross site scripting | SourceCodester | Web-based Pharmacy Product Management System | Low | 2.4 | 2025-04-20 13:00:12 | Deep Dive |
| CVE-2025-3825 | SourceCodester Web-based Pharmacy Product Management System add-category.php cross site scripting | SourceCodester | Web-based Pharmacy Product Management System | Low | 2.4 | 2025-04-20 11:31:05 | Deep Dive |
| CVE-2025-3824 | SourceCodester Web-based Pharmacy Product Management System add-product.php cross site scripting | SourceCodester | Web-based Pharmacy Product Management System | Low | 2.4 | 2025-04-20 11:00:09 | Deep Dive |
| CVE-2025-3823 | SourceCodester Web-based Pharmacy Product Management System add-stock.php cross site scripting | SourceCodester | Web-based Pharmacy Product Management System | Low | 2.4 | 2025-04-20 10:31:06 | Deep Dive |
| CVE-2025-3822 | SourceCodester Web-based Pharmacy Product Management System changepassword.php cross site scripting | SourceCodester | Web-based Pharmacy Product Management System | Low | 2.4 | 2025-04-20 06:31:05 | Deep Dive |
| CVE-2025-3821 | SourceCodester Web-based Pharmacy Product Management System add-admin.php cross site scripting | SourceCodester | Web-based Pharmacy Product Management System | Low | 2.4 | 2025-04-20 04:00:13 | Deep Dive |
| CVE-2025-3818 | webpy web.py db.py PostgresDB._process_insert_query sql injection | webpy | web.py | Medium | 6.3 | 2025-04-19 19:31:20 | Deep Dive |
| CVE-2024-45651 | IBM Sterling Connect:Direct Web Services session fixation | IBM | Sterling Connect:Direct Web Services | Medium | 6.3 | 2025-04-18 11:04:56 | Deep Dive |
| CVE-2024-49808 | IBM Sterling Connect:Direct Web Services improper authorization | IBM | Sterling Connect:Direct Web Services | Medium | 6.3 | 2025-04-18 11:03:59 | Deep Dive |
| CVE-2025-3783 | SourceCodester Web-based Pharmacy Product Management System add-product.php unrestricted upload | SourceCodester | Web-based Pharmacy Product Management System | Medium | 6.3 | 2025-04-18 05:31:05 | Deep Dive |