Ahmed Thaiban ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
webapps python CVE-2025-28062

Sn1p3r-H4ck3r Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
webapps php CVE-2025-47226

Van Lam Nguyen Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
webapps go CVE-n/a

Milad karimi WordPress Core 6.2 - Directory Traversal
webapps php CVE-2023-2745

VeryLazyTech FoxCMS 1.2.5 - Remote Code Execution (RCE)
webapps multiple CVE-2025-29306

Milad karimi Drupal 11.x-dev - Full Path Disclosure
webapps php CVE-2024-45440

samogod KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
webapps php CVE-2024-11728

Cyd Tseng UJCMS 9.6.3 - User Enumeration via IDOR
webapps multiple CVE-2024-12483

pointedsec Inventio Lite 4 - SQL Injection
webapps php CVE-2024-44541

Arjun Chaudhary Apache Commons Text 1.10.0 - Remote Code Execution
webapps multiple CVE-2022-42889

Milad karimi Tatsu 3.3.11 - Unauthenticated RCE
webapps php CVE-2021-25094

Jun Takemura Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
webapps multiple CVE-2024-11972

dmlino compop.ca 3.5.3 - Arbitrary code Execution
webapps multiple CVE-2024-48445

Kwangyun Keum Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation
webapps multiple CVE-2024-12955

Kjesper Usermin 2.100 - Username Enumeration
webapps multiple CVE-2024-44762

Ravindu Wickramasinghe Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
webapps multiple CVE-2024-42640