
CVE-2025-2319 – EZ SQL Reports Shortcode Widget and DB Backup 4.11.13 - 5.25.08 - Cross-Site Request Forgery to Remote Code Execution
https://notcve.org/view.php?id=CVE-2025-2319
24 Mar 2025 — The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.11.13 to 5.25.08. This is due to missing or incorrect nonce validation on the 'ELISQLREPORTS_menu' function. This makes it possible for unauthenticated attackers to execute code on the server via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Version 5.25.10 adds a nonce check, which makes this vulnerability explo... • https://plugins.trac.wordpress.org/browser/elisqlreports/tags/4..11.13/index.php • CWE-352: Cross-Site Request Forgery (CSRF) •

CVE-2025-2706 – Digiwin ERP UploadAjaxAPI.ashx unrestricted upload
https://notcve.org/view.php?id=CVE-2025-2706
24 Mar 2025 — A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this vulnerability is an unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_5.md • CWE-284: Improper Access Control CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-2749 – Kentico Xperience Staging media files upload authenticated remote code execution
https://notcve.org/view.php?id=CVE-2025-2749
24 Mar 2025 — An authenticated remote code execution vulnerability in Kentico Xperience allows authenticated users of the Staging Sync Server to upload arbitrary data to path-relative locations. • https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rce-chain-s-in-kentico-xperience-cms • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-2747 – Kentico Xperience Staging Sync Server None password type authentication bypass
https://notcve.org/view.php?id=CVE-2025-2747
24 Mar 2025 — An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects. This issue affects Xperience through 13.0.178. • https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rce-chain-s-in-kentico-xperience-cms • CWE-287: Improper Authentication •

CVE-2025-2746 – Kentico Xperience Staging Sync Server digest password authentication bypass
https://notcve.org/view.php?id=CVE-2025-2746
24 Mar 2025 — An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects. This issue affects Xperience through 13.0.172. • https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rce-chain-s-in-kentico-xperience-cms • CWE-287: Improper Authentication •

CVE-2025-2705 – Digiwin ERP FileUploadApi.ashx DoWebUpload unrestricted upload
https://notcve.org/view.php?id=CVE-2025-2705
24 Mar 2025 — A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_3.md • CWE-284: Improper Access Control CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2023-25610
https://notcve.org/view.php?id=CVE-2023-25610
24 Mar 2025 — A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via ... • https://github.com/qi4L/CVE-2023-25610 • CWE-124: Buffer Underwrite ('Buffer Underflow') •

CVE-2025-2702 – Softwin WMX3 ImageAdd.ashx ImageAdd unrestricted upload
https://notcve.org/view.php?id=CVE-2025-2702
24 Mar 2025 — A vulnerability, which was classified as critical, has been found in Softwin WMX3 3.1. This issue affects the function ImageAdd of the file /ImageAdd.ashx. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_1.md • CWE-284: Improper Access Control CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2025-2701 – AMTT Hotel Broadband Operation System port_setup.php popen os command injection
https://notcve.org/view.php?id=CVE-2025-2701
24 Mar 2025 — A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/port_setup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/zian10001/cve/blob/main/rce.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2025-30615 – WordPress WP e-Commerce Style Email plugin <= 0.6.2 - CSRF to Remote Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2025-30615
24 Mar 2025 — This makes it possible for unauthenticated attackers to achieve remote code execution granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/wordpress/plugin/wp-e-commerce-style-email/vulnerability/wordpress-wp-e-commerce-style-email-plugin-0-6-2-csrf-to-remote-code-execution-vulnerability? • CWE-352: Cross-Site Request Forgery (CSRF) •