Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-32654 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.65.
CVSS: HIGH (8.1) EPSS Score: 0.15%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32650 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ability, Inc Accessibility Suite by Online ADA allows SQL Injection. This issue affects Accessibility Suite by Online ADA: from n/a through 4.18.
CVSS: HIGH (8.5) EPSS Score: 0.03%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32633 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in neoslab Database Toolset allows Path Traversal. This issue affects Database Toolset: from n/a through 1.8.4.
CVSS: HIGH (8.6) EPSS Score: 0.06%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32632 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaizenCoders Automatic Ban IP allows Reflected XSS. This issue affects Automatic Ban IP: from n/a through 1.0.7.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32631 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in oxygensuite Oxygen MyData for WooCommerce allows Path Traversal. This issue affects Oxygen MyData for WooCommerce: from n/a through 1.0.63.
CVSS: HIGH (8.6) EPSS Score: 0.06%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32629 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CMSJunkie - WordPress Business Directory Plugins WP-BusinessDirectory allows Path Traversal. This issue affects WP-BusinessDirectory: from n/a through 3.1.2.
CVSS: HIGH (8.6) EPSS Score: 0.06%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32627 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager allows PHP Local File Inclusion. This issue affects JS Job Manager: from n/a through 2.0.2.
CVSS: HIGH (8.1) EPSS Score: 0.15%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32618 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist allows SQL Injection. This issue affects Wishlist: from n/a through 1.0.43.
CVSS: HIGH (8.5) EPSS Score: 0.03%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32614 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashan Perera EventON allows PHP Local File Inclusion. This issue affects EventON: from n/a through 2.3.2.
CVSS: HIGH (8.8) EPSS Score: 0.11%
April 11th, 2025 (9 days ago)
|
|
CVE-2025-32601 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in twispay Twispay Credit Card Payments allows Reflected XSS. This issue affects Twispay Credit Card Payments: from n/a through 2.1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
April 11th, 2025 (9 days ago)
|