Security Vulnerabilities
Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts.
CVSS Score
8.3
EPSS Score
0.0
Published
2025-10-24
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function
CVSS Score
7.6
EPSS Score
0.0
Published
2025-10-24
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function
CVSS Score
7.6
EPSS Score
0.0
Published
2025-10-24
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-24
PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function
CVSS Score
7.6
EPSS Score
0.0
Published
2025-10-24
jshERP up to commit fbda24da was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the jsh_erp function.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-10-24
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetMACFilter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSchedule.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetLog.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetPortTr.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-24