CVE-2025-3306

A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /don.php. The manipulation of the argument fullname leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-3379

A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. Affected by this vulnerability is an unknown functionality of the component EPSV Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the publi...

CVE-2025-3369

A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /novel/friendLink/list. The manipulation of the argument sort leads to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2025-3323

A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely...

CVE-2025-3188

A vulnerability classified as critical has been found in PHPGurukul e-Diary Management System 1.0. This affects an unknown part of the file /add-notes.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-3305

A vulnerability has been found in 1902756969/code-projects IKUNLibrary 1.0 and classified as problematic. This vulnerability affects the function addInterceptors of the file MvcConfig.java of the component Borrow Handler. The manipulation leads to improper access controls. The attack can be...

CVE-2025-3296 SourceCodester Online Eyewear Shop Users.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=deletecustomer. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely...

CVE-2025-3296

CVE-2025-3296 affects SourceCodester Online Eyewear Shop 1.0. The vulnerability is an SQL injection caused by improper handling of the ID parameter in /classes/Users.php?f=delete_customer, allowing remote exploitation. Descriptions across multiple sources confirm a critical issue with variant CVS...

CVE-2025-3213

CVE-2025-3213 affects PHPGurukul e-Diary Management System 1.0. The vulnerability is in view-note.php?noteid=11 where the remark parameter enables SQL injection due to improper input validation. Exploitation appears remote (network vector) with potential data exposure. Multiple connected sources ...

CVE-2025-3206 code-projects Hospital Management System doctor-specilization.php sql injection

A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. The attack can be initiated...

CVE-2025-3206 code-projects Hospital Management System doctor-specilization.php sql injection

A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. The attack can be initiated...

CVE-2025-3204

A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has...

CVE-2025-3172

A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyerbooking.php. The manipulation of the argument unblockid leads to sql injection. The attack may be initiated...

CVE-2025-3170

A vulnerability classified as critical has been found in Project Worlds Online Lawyer Management System 1.0. This affects an unknown part of the file /adminuser.php. The manipulation of the argument blockid/unblockid leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-2984

A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /delete.php. The manipulation of the argument empid leads to sql injection. The attack may be launched remotely. The exploit has be...

CVE-2025-3036

A vulnerability, which was classified as problematic, was found in yzk2356911358 StudentServlet-JSP cc0cdce25fbe43b6c58b60a77a2c85f52d2102f5/d4d7a0643f1dae908a4831206f2714b21820f991. This affects an unknown part of the component Student Management Handler. The manipulation of the argument Name...

CVE-2025-2999

A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpacksequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

CVE-2025-2989

The CVE-2025-2989 entry concerns the Tenda FH1202 router (firmware 1.2.0.14(408)) with a vulnerability in the Web Management Interface, specifically the file path /goform/AdvSetWrl. The root cause is described as improper access controls in that component, enabling remote exploitation. The impact...

CVE-2025-2925

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...

CVE-2025-2847

A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. This issue affects some unknown processing of the file /dashboard/admin/overmonth.php. The manipulation of the argument mm leads to sql injection. The attack may be initiated remotely. The...