CVE ID : CVE-2025-53093
Published : June 27, 2025, 6:15 p.m. | 57 minutes ago
Description : TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the “ tag. Version 3.1.1 contains a patch for the bug.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-5310
Published : June 27, 2025, 6:15 p.m. | 57 minutes ago
Description : Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework (TCF) interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6522
Published : June 27, 2025, 6:15 p.m. | 57 minutes ago
Description : Unauthenticated users on an adjacent network with the Sight Bulb Pro can
run shell commands as root through a vulnerable proprietary TCP
protocol available on Port 16668. This vulnerability allows an attacker
to run arbitrary commands on the Sight Bulb Pro by passing a well formed
JSON string.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
MongoDB Server Pre-Authentication Vulnerability Let Attackers Trigger DoS Condition
A critical pre-authentication denial of service vulnerability was identified as CVE-2025-6709, affecting multiple versions of MongoDB Server across its 6.0, 7.0, and 8.0 release branches.
Summary1. Mo …
Read more
Published Date:
Jun 27, 2025 (4 hours, 36 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-6709
Securitybedrijf meldt mogelijk misbruik van nieuw CitrixBleed-lek
Een nieuwe kwetsbaarheid in NetScaler ADC en NetScaler Gateway, die de naam CitrixBleed 2 heeft gekregen, wordt mogelijk actief misbruik bij aanvallen, zo stelt securitybedrijf ReliaQuest. NetScaler z …
Read more
Published Date:
Jun 27, 2025 (4 hours, 1 minute ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-6543
CVE-2025-5777
CVE ID : CVE-2025-49885
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple File Upload (Pro) – WooCommerce allows Upload a Web Shell to a Web Server. This issue affects Drag and Drop Multiple File Upload (Pro) – WooCommerce: from n/a through 5.0.6.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-49886
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in WebGeniusLab Zikzag Core allows PHP Local File Inclusion. This issue affects Zikzag Core: from n/a through 1.4.5.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52709
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Deserialization of Untrusted Data vulnerability in wpeverest Everest Forms allows Object Injection. This issue affects Everest Forms: from n/a through 3.2.2.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52717
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in chrisbadgett LifterLMS allows SQL Injection. This issue affects LifterLMS: from n/a through 8.0.6.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52722
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in JoinWebs Classiera allows SQL Injection. This issue affects Classiera: from n/a through 4.0.34.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52723
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in codesupplyco Networker allows PHP Local File Inclusion. This issue affects Networker: from n/a through 1.2.0.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52724
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Deserialization of Untrusted Data vulnerability in BoldThemes Amwerk allows Object Injection. This issue affects Amwerk: from n/a through 1.2.0.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52725
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Deserialization of Untrusted Data vulnerability in pebas CouponXxL allows Object Injection. This issue affects CouponXxL: from n/a through 3.0.0.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52726
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Incorrect Privilege Assignment vulnerability in pebas CouponXxL Custom Post Types allows Privilege Escalation. This issue affects CouponXxL Custom Post Types: from n/a through 3.0.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52729
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in thembay Diza allows PHP Local File Inclusion. This issue affects Diza: from n/a through 1.3.9.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52809
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in John Russell National Weather Service Alerts allows PHP Local File Inclusion. This issue affects National Weather Service Alerts: from n/a through 1.3.5.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52811
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Path Traversal vulnerability in Creanncy Davenport – Versatile Blog and Magazine WordPress Theme allows PHP Local File Inclusion. This issue affects Davenport – Versatile Blog and Magazine WordPress Theme: from n/a through 1.3.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52808
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in real-web RealtyElite allows PHP Local File Inclusion. This issue affects RealtyElite: from n/a through 1.0.0.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52810
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Path Traversal vulnerability in TMRW-studio Katerio – Magazine allows PHP Local File Inclusion. This issue affects Katerio – Magazine: from n/a through 1.5.1.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52812
Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in ApusWP Domnoo allows PHP Local File Inclusion. This issue affects Domnoo: from n/a through 1.49.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…