The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.
For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
Legal Disclaimer:
Here is where you can read the NVD legal disclaimer.
-
CVE-2024-12551 - Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interactio... read CVE-2024-12551
Published: February 11, 2025; 3:15:33 PM -0500V3.1: 7.8 HIGH
-
CVE-2024-12833 - Paessler PRTG Network Monitor SNMP Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Paessler PRTG Network Monitor. Some user intera... read CVE-2024-12833
Published: February 11, 2025; 3:15:34 PM -0500V3.1: 6.1 MEDIUM
-
CVE-2025-1044 - Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is not required to exploit this v... read CVE-2025-1044
Published: February 11, 2025; 3:15:35 PM -0500V3.1: 9.8 CRITICAL
-
CVE-2025-1052 - Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mintty. User interaction is required to exploit this vulne... read CVE-2025-1052
Published: February 11, 2025; 3:15:36 PM -0500V3.1: 8.8 HIGH
-
CVE-2024-13601 - The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0.5 via the 'exportusereraserequest' function due to missing... read CVE-2024-13601
Published: February 12, 2025; 1:15:19 AM -0500V3.1: 4.3 MEDIUM
-
CVE-2024-13814 - The The Global Gallery - WordPress Responsive Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 9.1.5. This is due to the software allowing users to execute an action that does not pr... read CVE-2024-13814
Published: February 12, 2025; 4:15:08 AM -0500V3.1: 8.8 HIGH
-
CVE-2025-1187 - A vulnerability classified as critical was found in code-projects Police FIR Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Delete Record Handler. The manipulation leads to stack-based buf... read CVE-2025-1187
Published: February 12, 2025; 4:15:08 AM -0500V3.1: 7.8 HIGH
-
CVE-2024-13013 - A vulnerability, which was classified as problematic, was found in PHPGurukul Maid Hiring Management System 1.0. Affected is an unknown function of the file /admin/contactus.php of the component Contact Us Page. The manipulation of the argument pa... read CVE-2024-13013
Published: December 29, 2024; 9:15:04 AM -0500V3.1: 6.1 MEDIUM
-
CVE-2024-13014 - A vulnerability has been found in PHPGurukul Maid Hiring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/search-maid.php. The manipulation of the argument searchdata l... read CVE-2024-13014
Published: December 29, 2024; 10:15:05 AM -0500V3.1: 9.8 CRITICAL
-
CVE-2024-13015 - A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/search-booking-request.php. The manipulation of the argument searchdat... read CVE-2024-13015
Published: December 29, 2024; 11:15:05 AM -0500V3.1: 6.1 MEDIUM
-
CVE-2024-13016 - A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-category.php. The manipulation of the argument editid leads to sql injection. It is... read CVE-2024-13016
Published: December 29, 2024; 11:15:05 AM -0500V3.1: 9.8 CRITICAL
-
CVE-2024-13459 - The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fusedesk_newcase' shortcode in all versions up to, and including, 6.6.1 due to insufficient input sanitization and output escaping on user supplied at... read CVE-2024-13459
Published: February 12, 2025; 5:15:11 AM -0500V3.1: 5.4 MEDIUM
-
CVE-2024-13017 - A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/aboutus.php of the component About Us Page. The manipulation of the argument... read CVE-2024-13017
Published: December 29, 2024; 12:15:05 PM -0500V3.1: 6.1 MEDIUM
-
CVE-2024-13018 - A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation of the argument name leads to cross site scrip... read CVE-2024-13018
Published: December 29, 2024; 1:15:05 PM -0500V3.1: 6.1 MEDIUM
-
CVE-2024-13023 - A vulnerability has been found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/search-maid.php of the component Search Maid Page. The manipulation of the arg... read CVE-2024-13023
Published: December 29, 2024; 4:15:06 PM -0500V3.1: 6.1 MEDIUM
-
CVE-2024-3691 - A vulnerability, which was classified as critical, has been found in PHPGurukul Small CRM 3.0. Affected by this issue is some unknown functionality of the component Registration Page. The manipulation leads to sql injection. The attack may be laun... read CVE-2024-3691
Published: April 12, 2024; 12:15:40 PM -0400V3.1: 9.8 CRITICAL
-
CVE-2024-3690 - A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched ... read CVE-2024-3690
Published: April 12, 2024; 11:15:26 AM -0400V3.1: 8.8 HIGH
-
CVE-2024-12999 - A vulnerability has been found in PHPGurukul Small CRM 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit-user.php. The manipulation of the argument id leads to sql injection. The attack can be initiate... read CVE-2024-12999
Published: December 28, 2024; 9:15:17 PM -0500V3.1: 9.8 CRITICAL
-
CVE-2024-13000 - A vulnerability was found in PHPGurukul Small CRM 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/quote-details.php. The manipulation of the argument id leads to sql injection. The attack may be initia... read CVE-2024-13000
Published: December 28, 2024; 10:15:05 PM -0500V3.1: 9.8 CRITICAL
-
CVE-2024-13528 - The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.9.5. This is due to the presence of a shortcode that will generate a confirmation link with a place... read CVE-2024-13528
Published: February 12, 2025; 5:15:12 AM -0500V3.1: 7.5 HIGH