Latest CVE Feed
-
6.5
MEDIUMCVE-2025-15088
A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the function postilService.loadPostils of the file /je/postil/postil/loadPostil. Performing manipulation of the argument keyWord results in sql injection. Remote ex... Read more
Affected Products :- Published: Dec. 25, 2025
- Modified: Dec. 29, 2025
- Vuln Type: Injection
-
7.6
HIGHCVE-2025-2406
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Trizbi allows Cross-Site Scripting (XSS).This issue affects Trizbi: b... Read more
Affected Products :- Published: Dec. 25, 2025
- Modified: Dec. 29, 2025
- Vuln Type: Cross-Site Scripting
-
6.5
MEDIUMCVE-2025-15081
A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function sub_4780 of the file /jdcapi. Such manipulation of the argument ddns_name leads to command injection. The attack may be performed from remote. The exploit has b... Read more
Affected Products :- Published: Dec. 25, 2025
- Modified: Dec. 29, 2025
- Vuln Type: Injection
-
7.6
HIGHCVE-2025-2405
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Titarus allows Cross-Site Scripting (XSS).This issue affects Titarus:... Read more
Affected Products :- Published: Dec. 25, 2025
- Modified: Dec. 29, 2025
- Vuln Type: Cross-Site Scripting