| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-49559 | Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) | Adobe | Adobe Commerce | Medium | 5.3 | 2025-08-12 17:55:06 | Deep Dive |
| CVE-2025-49555 | Adobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352) | Adobe | Adobe Commerce | High | 8.1 | 2025-08-12 17:55:05 | Deep Dive |
| CVE-2025-34148 | Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via WISP SSID | Shenzhen Aitemi E Commerce Co. Ltd. | M300 Wi-Fi Repeater | - | - | 2025-08-07 16:45:26 | Deep Dive |
| CVE-2025-34149 | Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via WPA2 Key | Shenzhen Aitemi E Commerce Co. Ltd. | M300 Wi-Fi Repeater | - | - | 2025-08-07 16:45:19 | Deep Dive |
| CVE-2025-34150 | Shenzhen Aitemi M300 Wi-Fi Repeater PPPoE Username Command Injection | Shenzhen Aitemi E Commerce Co. Ltd. | M300 Wi-Fi Repeater | - | - | 2025-08-07 16:45:12 | Deep Dive |
| CVE-2025-34151 | Shenzhen Aitemi M300 Wi-Fi Repeater PPPoE Password Command Injection | Shenzhen Aitemi E Commerce Co. Ltd. | M300 Wi-Fi Repeater | - | - | 2025-08-07 16:45:06 | Deep Dive |
| CVE-2025-34152 | Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via Time Parameter | Shenzhen Aitemi E Commerce Co. Ltd. | M300 Wi-Fi Repeater | - | - | 2025-08-07 16:45:00 | Deep Dive |
| CVE-2025-34147 | Shenzhen Aitemi M300 Wi-Fi Repeater OS Command Injection via SSID | Shenzhen Aitemi E Commerce Co. Ltd. | M300 Wi-Fi Repeater | - | - | 2025-08-04 17:34:59 | Deep Dive |
| CVE-2025-34139 | Sitecore XM/XP/XC and Managed Cloud 8.0 - 10.4 Arbitrary File Read | Sitecore | Experience Manager (XM) | 中危 | - | 2025-07-25 15:54:25 | Deep Dive |
| CVE-2015-10135 | WPshop 2 – E-Commerce < 1.3.9.6 - Arbitrary File Upload | eoxia | WPshop 2 – E-Commerce | Critical | 9.8 | 2025-07-19 09:23:52 | Deep Dive |
| CVE-2025-7756 | code-projects E-Commerce Site cross-site request forgery | code-projects | E-Commerce Site | Medium | 4.3 | 2025-07-17 20:44:06 | Deep Dive |
| CVE-2025-52836 | WordPress The E-Commerce ERP <= 2.1.1.3 - Privilege Escalation Vulnerability | Unity Business Technology Pty Ltd | The E-Commerce ERP | Critical | 9.8 | 2025-07-16 11:27:53 | Deep Dive |
| CVE-2025-54013 | WordPress Welcart e-Commerce plugin <= 2.11.16 - Cross Site Scripting (XSS) Vulnerability | info@welcart | Welcart e-Commerce | Medium | 5.9 | 2025-07-16 10:36:42 | Deep Dive |
| CVE-2025-7175 | code-projects E-Commerce Site users_photo.php unrestricted upload | code-projects | E-Commerce Site | Medium | 6.3 | 2025-07-08 11:02:06 | Deep Dive |
| CVE-2025-49550 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Medium | 4.3 | 2025-06-25 17:41:59 | Deep Dive |
| CVE-2025-49549 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Low | 2.7 | 2025-06-25 17:41:14 | Deep Dive |
| CVE-2025-34510 | Sitecore XM, XC, and XP Post-Auth RCE via Zip Slip | Sitecore | Experience Manager | High | 8.8 | 2025-06-17 18:46:04 | Deep Dive |
| CVE-2025-48446 | Commerce Alphabank Redirect - Moderately critical - Access bypass - SA-CONTRIB-2025-067 | Drupal | Commerce Alphabank Redirect | - | - | 2025-06-11 14:34:50 | Deep Dive |
| CVE-2025-48445 | Commerce Eurobank (Redirect) - Moderately critical - Access bypass - SA-CONTRIB-2025-066 | Drupal | Commerce Eurobank (Redirect) | - | - | 2025-06-11 14:31:04 | Deep Dive |
| CVE-2025-27206 | Adobe Commerce | Improper Access Control (CWE-284) | Adobe | Adobe Commerce | Medium | 5.3 | 2025-06-10 16:08:57 | Deep Dive |