Latest CVE Feed
-
7.4
HIGHCVE-2025-9970
Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21.... Read more
Affected Products :- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Information Disclosure
-
7.5
HIGHCVE-2025-11488
A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public... Read more
Affected Products : dir-852_firmware- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Injection
-
9.3
CRITICALCVE-2025-10351
SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEditi... Read more
Affected Products : meliscms- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Injection
-
9.3
CRITICALCVE-2025-10352
Vulnerability in the melis-core module of Melis Technology's Melis Platform, which, if exploited, allows an unauthenticated attacker to create an administrator account via a request to '/melis/MelisCore/ToolUser/addNewUser'.... Read more
Affected Products :- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Authentication
-
6.5
MEDIUMCVE-2025-10649
The Welcart e-Commerce plugin for WordPress is vulnerable to SQL Injection via the cookie in all versions up to, and including, 2.11.21 due to insufficient escaping on the user supplied value and lack of sufficient preparation on the existing SQL query. T... Read more
Affected Products : welcart_e-commerce- Published: Oct. 08, 2025
- Modified: Oct. 08, 2025
- Vuln Type: Injection