CVE-2026-4250

A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-account.json of the component Google Cloud Service Account Key Handler. Performing a manipulation results in unprotected...

CVE-2025-15083

A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...

CVE-2025-14214 itsourcecode Student Information System section_edit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

EUVD-2025-24954

Malicious code in bioql PyPI...

EUVD-2025-25763

Malicious code in bioql PyPI...

CVE-2025-9528

A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly...

CVE-2025-9028

A flaw has been found in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /adphar.php. Executing manipulation of the argument phuname can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2025-9012

A vulnerability was identified in PHPGurukul Online Shopping Portal Project 2.0. This affects an unknown part of the file shopping/bill-ship-addresses.php. The manipulation of the argument billingpincode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-8985

A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been...

CVE-2025-8987

Affected product: SourceCodester COVID 19 Testing Management System 1.0. Vulnerable component: file /test-details.php; vulnerable parameter: remark. Root cause: SQL injection due to manipulation of remark, enabling remote attack. CVSS indicators in the included documents show high–critical impact...

CVE-2025-8755

CVE-2025-8755 affects macrozheng mall up to 1.0.3, specifically the UmsMemberController.detail(orderId) function. Root cause is an authorization bypass caused by manipulation of the orderId parameter, enabling remote access without proper rights. Several connected sources (e.g., PT-2025-32440) de...

CVE-2025-4494 JAdmin-JAVA JAdmin Admin Backend NoNeedLoginController.java toLogin improper authentication

A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected is the function toLogin of the file NoNeedLoginController.java of the component Admin Backend. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The...

CVE-2025-3570

A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1.0. It has been classified as problematic. This affects the function Save of the file ContentController.java. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotel...

CVE-2024-3689

A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network Technology O2OA up to 20240403. Affected is an unknown function of the file /xportalassemblesurface/jaxrs/portal/list?v=8.2.3-4-43f4fe3. The manipulation leads to information disclosure. It is possible to...