Web Directory Free

CVEs (3)

CVE	Sev	Risk	CVSS	Published	Description
CVE-2025-28904	Cri	0.60	9.3	Mar 25, 2025	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free web-directory-free allows Blind SQL Injection.This issue affects Web Directory Free: from n/a through <= 1.7.6.
CVE-2025-30908	Hig	0.46	7.1	Apr 3, 2025	Cross-Site Request Forgery (CSRF) vulnerability in Shamalli Web Directory Free web-directory-free allows Stored XSS.This issue affects Web Directory Free: from n/a through <= 1.7.6.
CVE-2025-69018	Med	0.42	6.5	Dec 30, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through <= 1.7.12.

CVE-2025-28904CriMar 25, 2025
risk 0.60cvss 9.3epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free web-directory-free allows Blind SQL Injection.This issue affects Web Directory Free: from n/a through <= 1.7.6.
CVE-2025-30908HigApr 3, 2025
risk 0.46cvss 7.1epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Shamalli Web Directory Free web-directory-free allows Stored XSS.This issue affects Web Directory Free: from n/a through <= 1.7.6.
CVE-2025-69018MedDec 30, 2025
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shamalli Web Directory Free web-directory-free allows DOM-Based XSS.This issue affects Web Directory Free: from n/a through <= 1.7.12.