VeryLazyTech FoxCMS 1.2.5 - Remote Code Execution (RCE)
webapps multiple CVE-2025-29306

Milad karimi Drupal 11.x-dev - Full Path Disclosure
webapps php CVE-2024-45440

samogod KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
webapps php CVE-2024-11728

Cyd Tseng UJCMS 9.6.3 - User Enumeration via IDOR
webapps multiple CVE-2024-12483

pointedsec Inventio Lite 4 - SQL Injection
webapps php CVE-2024-44541

VeryLazyTech Langflow 1.3.0 - Remote Code Execution (RCE)
remote multiple CVE-2025-3248

Arjun Chaudhary Apache Commons Text 1.10.0 - Remote Code Execution
webapps multiple CVE-2022-42889

Milad karimi Tatsu 3.3.11 - Unauthenticated RCE
webapps php CVE-2021-25094

Jun Takemura Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
webapps multiple CVE-2024-11972

Parastou Razi AnyDesk 9.0.1 - Unquoted Service Path
local windows

dmlino compop.ca 3.5.3 - Arbitrary code Execution
webapps multiple CVE-2024-48445

Kwangyun Keum Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation
webapps multiple CVE-2024-12955

Kjesper Usermin 2.100 - Username Enumeration
webapps multiple CVE-2024-44762

Ravindu Wickramasinghe Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
webapps multiple CVE-2024-42640

LiquidWorm ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) - Authenticated Path Traversal
hardware php

LiquidWorm ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution
hardware php CVE-2024-48840