JustDinooo/CVEs

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-51543 ↗	Aug 19, 2025Tuesday, 19 August 2025, 20:15	9.8 CRITICAL	—
An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's password via the /administrator/auth/reset_password endpoint.
CVE-2024-42697 ↗	Sep 20, 2024Friday, 20 September 2024, 18:15	6.1 MEDIUM	—
Cross Site Scripting vulnerability in Leotheme Leo Product Search Module v.2.1.6 and earlier allows a remote attacker to execute arbitrary code via the q parameter of the product search function.