Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Improper Control of Generation of Code ('Code Injection') vulnerability in PickPlugins Job Board Manager job-board-manager allows Code Injection.This issue affects Job Board Manager: from n/a through
Deserialization of Untrusted Data vulnerability in PickPlugins Job Board Manager job-board-manager allows Object Injection.This issue affects Job Board Manager: from n/a through <= 2.1.61.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows Stored XSS.This issue affects Job Board Manager: from
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager job-board-manager allows DOM-Based XSS.This issue affects Job Board
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager job-board-manager allows Reflected XSS.This issue affects Job Board
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JobScore Job Manager job-manager-by-jobscore allows Stored XSS.This issue affects Job Manager: fro
Improper Control of Generation of Code ('Code Injection') vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Code Injection.This issue affects Real Estate Manager: from n/a t
Deserialization of Untrusted Data vulnerability in PickPlugins Question Answer question-answer allows Object Injection.This issue affects Question Answer: from n/a through <= 1.2.73.
Improper Control of Generation of Code ('Code Injection') vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through <= 1.5.13.
CVE-2025-49887
CRITICAL CVSS 9.9
Find Similar
Improper Control of Generation of Code ('Code Injection') vulnerability in WPFactory Product XML Feed Manager for WooCommerce product-xml-feeds-for-woocommerce allows Remote Code Inclusion.This issue
Improper Control of Generation of Code ('Code Injection') vulnerability in Laborator Kalium kalium allows Code Injection.This issue affects Kalium: from n/a through <= 3.25.
Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System a
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Stored XSS. This issue affects Team Showcase: from n/a through 1
CVE-2025-60206
CRITICAL CVSS 10.0
Find Similar
Improper Control of Generation of Code ('Code Injection') vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through <= 7.8.3.
A vulnerability, which was classified as problematic, has been found in Gnuboard g6 up to 6.0.10. This issue affects some unknown processing of the file /bbs/scrap_popin_update/qa/ of the component Po
Improper Control of Generation of Code ('Code Injection') vulnerability in GS Plugins GS Testimonial Slider gs-testimonial allows Code Injection.This issue affects GS Testimonial Slider: from n/a thro
Improper Control of Generation of Code ('Code Injection') vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through < 7.8.5.
CVE-2024-50492
CRITICAL CVSS 9.8
Find Similar
Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson ScottCart scottcart allows Code Injection.This issue affects ScottCart: from n/a through <= 1.1.
Improper Control of Generation of Code ('Code Injection') vulnerability in Beplusthemes Alone alone allows Remote Code Inclusion.This issue affects Alone: from n/a through <= 7.8.2.
CVE-2025-54466
CRITICAL CVSS 9.8
Find Similar
Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02 only when the scrum pl
Page 1+ Next →