CVE-2019-9025

creationtimestamp| type| source ---|---|--- 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

CVE-2016-9025

Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php...

CVE-2025-9025

A vulnerability was determined in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /portal.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

CVE-2025-9025 code-projects Simple Cafe Ordering System portal.php sql injection

A vulnerability was determined in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /portal.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the...

MAL-2025-9025 Malicious code in @malware-test-tumid-neive-genre-sided/test-mlw3-tumid-neive-genre-sided (npm)

The package @malware-test-tumid-neive-genre-sided/test-mlw3-tumid-neive-genre-sided was found to contain malicious code...

CVE-2024-9025

creationtimestamp| type| source ---|---|--- 2024-09-26 12:07:12+00:00| seen| https://t.me/cvedetector/6394...

WordPress Sight Plugin <= 1.1.2 is vulnerable to Broken Access Control

Software Sight Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9025 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9329f95a0ef5 Credits Francesco Carlucci Required privilege...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9025)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9025 advisory. 4.14.35-2025.404.1.2.el7 - Revert 'rds: Deregister all FRWR mr with freemr' aru kolappan Orabug: 32426280 Tenable has extracted the preceding descripti...

CVE-2016-9025

creationtimestamp| type| source ---|---|--- 2020-12-31 07:31:24+00:00| seen| https://t.me/cibsecurity/21449...

CVE-2016-9025

CVE-2016-9025 affects Exponent CMS prior to 2.6.0 due to improper input validation in purchaseOrderController.php. The vulnerability exposes high-impact risks on confidentiality, integrity, and availability (CVSS v3.1: Network, NONE user interaction, C/H/I/H). Public references confirm the issue ...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-2035)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1874)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : php (EulerOS-SA-2020-1874)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers...

CVE-2019-9025

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data...

CVE-2020-9025

Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script...

CVE-2020-9025

CVE-2020-9025 affects Iteris Vantage Velocity Field Unit, version 2.4.2. The vulnerability is a class of stored XSS occurring in all parameters of the Start Data Viewer feature implemented by the /cgi-bin/loaddata.py script. The root cause is stated as a lack of proper validation of client-side d...

PHP 5.6.x < 5.6.40 Multiple vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.40, 7.1.x prior to 7.1.26, 7.2.x prior to 7.2.14 or 7.3.x prior to 7.3.1. It is, therefore, affected by multiple vulnerabilities: - An integer underflow condition exists in gdContributionsAlloc...

PHP 7.1.x < 7.1.26 Multiple vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.40, 7.1.x prior to 7.1.26, 7.2.x prior to 7.2.14 or 7.3.x prior to 7.3.1. It is, therefore, affected by multiple vulnerabilities: - An integer underflow condition exists in gdContributionsAlloc...

PHP 7.3.0 Memory Corruption Vulnerability - Linux

An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might...

CVE-2019-9025

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data...