Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2025-22214

    Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.... Read more

    Affected Products :
    • Published: Jan. 02, 2025
    • Modified: Jan. 02, 2025
    • Vuln Type: Injection

  • 10.0

    CRITICAL
    CVE-2024-56829

    Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.... Read more

    Affected Products :
    • Published: Jan. 02, 2025
    • Modified: Jan. 06, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2025-0168

    A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument person leads to sql injection. It is possible to initiate t... Read more

    Affected Products : job_recruitment
    • Published: Jan. 01, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Injection

  • 6.1

    MEDIUM
    CVE-2024-11846

    The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin... Read more

    Affected Products :
    • Published: Jan. 01, 2025
    • Modified: Jan. 02, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2024-56021

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibnuyahya Category Post Shortcode allows Stored XSS.This issue affects Category Post Shortcode: from n/a through 2.4.... Read more

    Affected Products :
    • Published: Jan. 01, 2025
    • Modified: Jan. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2024-56020

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mario Di Pasquale SvegliaT Buttons allows Stored XSS.This issue affects SvegliaT Buttons: from n/a through 1.3.0.... Read more

    Affected Products :
    • Published: Jan. 01, 2025
    • Modified: Jan. 01, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.1

    MEDIUM
    CVE-2024-56803

    Ghostty is a cross-platform terminal emulator. Ghostty, as allowed by default in 1.0.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the u... Read more

    Affected Products :
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 6.5

    MEDIUM
    CVE-2024-56063

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through 6.0.7.... Read more

    Affected Products : essential_addons_for_elementor
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 6.5

    MEDIUM
    CVE-2024-56062

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.987.... Read more

    Affected Products : royal_elementor_addons
    • Published: Dec. 31, 2024
    • Modified: Mar. 21, 2025

  • 9.8

    CRITICAL
    CVE-2024-13085

    A vulnerability, which was classified as critical, has been found in PHPGurukul Land Record System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipulation of the argument username leads to sql injection. Th... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 9.8

    CRITICAL
    CVE-2024-13084

    A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-property.php. The manipulation of the argument searchdata leads to sql injection. T... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-13083

    A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/admin-profile.php. The manipulation of the argument Admin Name leads to cross site scripting. It is possible ... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 6.1

    MEDIUM
    CVE-2024-13082

    A vulnerability was found in PHPGurukul Land Record System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/search-property.php. The manipulation of the argument Search By leads to cross site scripting. ... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-13081

    A vulnerability was found in PHPGurukul Land Record System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/contactus.php. The manipulation of the argument Page Description leads to cross site scripting.... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-13080

    A vulnerability was found in PHPGurukul Land Record System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/aboutus.php. The manipulation of the argument Page Description leads to cross site scripting. It is poss... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Apr. 30, 2025

  • 8.8

    HIGH
    CVE-2024-13079

    A vulnerability was found in PHPGurukul Land Record System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/property-details.php. The manipulation of the argument editid leads to sql injection. The at... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 8.8

    HIGH
    CVE-2024-13078

    A vulnerability has been found in PHPGurukul Land Record System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument searchdata leads to sql injection. The atta... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-13077

    A vulnerability, which was classified as problematic, was found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/add-property.php. The manipulation of the argument Land Subtype leads to cross site scripting. It is p... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-13076

    A vulnerability, which was classified as problematic, has been found in PHPGurukul Land Record System 1.0. This issue affects some unknown processing of the file /admin/edit-propertytype.php. The manipulation of the argument Property Type leads to cross s... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025

  • 5.4

    MEDIUM
    CVE-2024-13075

    A vulnerability classified as problematic was found in PHPGurukul Land Record System 1.0. This vulnerability affects unknown code of the file /admin/add-propertytype.php. The manipulation of the argument Land Property Type leads to cross site scripting. T... Read more

    Affected Products : land_record_system
    • Published: Dec. 31, 2024
    • Modified: Jan. 06, 2025
Showing 20 of 293613 Results