EUVD-2025-31383
Malicious code in bioql PyPI...
CVE-2025-11079
A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this issue is some unknown functionality. The manipulation results in file and directory information exposure. The attack may be performed from remote. The exploit has been released to the public and may be...
CVE-2025-11014
A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible...
PT-2025-39289
Name of the Vulnerable Software and Affected Versions Mangati NovoSGA versions through 2.2.9 Description A security flaw exists in Mangati NovoSGA. The issue is related to cross site scripting within the SVG File Handler component, specifically affecting the file /admin. Manipulation of the...
CVE-2025-10857 Campcodes Point of Sale System POS login.php SQL injection
A security flaw has been discovered in Campcodes Point of Sale System POS 1.0. Affected by this issue is some unknown functionality of the file /login.php. Manipulation of the argument Username results in SQL injection. The attack can be carried out remotely. The exploit has...
PT-2025-39116
Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description A security flaw exists in SourceCodester Pet Grooming Management Software version 1.0. The issue involves SQL injection stemming from manipulation of the ID argument withi...
CVE-2025-10807
CVE-2025-10807 affects Campcodes Online Beauty Parlor Management System v1.0. The vulnerability is an SQL injection caused by improper handling of the “editid” parameter in the file /admin/edit-customer-detailed.php, enabling remote exploitation. Public exploits have been released. Multiple sourc...
CVE-2025-10799
A security flaw has been discovered in code-projects Hostel Management System 1.0. The affected element is an unknown function of the file /justines/admin/modreservation/index.php?view=view. Manipulation of the argument ID results in SQL injection. Remote exploitation of the attack is...
PT-2025-38717
A security flaw has been discovered in code-projects Hostel Management System 1.0. The affected element is an unknown function of the file /justines/admin/mod reservation/index.php?view=view. Performing manipulation of the argument ID results in sql injection. Remote exploitation of the attack is...
CVE-2025-10675
CVE-2025-10675 affects fuyang_lipengjun platform 1.0, specifically the AttributeController handling /attribute/queryAll. The underlying issue is improper authorization in the AttributeController, enabling remote exploitation. Public exploit is reported across sources, indicating active risk. Conn...
PT-2025-38467
Name of the Vulnerable Software and Affected Versions fuyang lipengjun platform version 1.0 Description A security flaw exists in the AttributeController function within the /attribute/queryAll file of the fuyang lipengjun platform. Manipulation of this function leads to improper authorization...
CVE-2025-10624
A security flaw has been discovered in PHPGurukul User Management System 1.0. This affects an unknown function of the file /login.php. Manipulation of the argument emailid results in SQL injection. The attack can be initiated remotely. The exploit has been released to the public and ma...
PT-2025-38240
Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A security flaw has been discovered in Portabilis i-Educar. The vulnerability affects unknown code within the /agenda preferencias.php file. Manipulation of the tipoacao argument can lead t...
PT-2025-37428
Name of the Vulnerable Software and Affected Versions: SourceCodester Student Grading System version 1.0 Description: A security flaw exists in SourceCodester Student Grading System 1.0. The issue is related to SQL injection within the /edit user.php file. Manipulation of the ID parameter can...
CVE-2025-10374 Shenzhen Sixun Business Management System OperatorStop improper authorization
A security flaw has been discovered in Shenzhen Sixun Business Management System 7/11. This affects an unknown part of the file /Adm/OperatorStop. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the...
CVE-2025-10245 Display Painéis TGA Galeria rename path traversal
A security flaw has been discovered in Display Painéis TGA up to 7.1.41. Affected by this issue is some unknown functionality of the file /gallery/rename of the component Galeria Page. The manipulation of the argument currentfolder results in path traversal. The exploit has been released to the...
CVE-2025-10075
A security flaw has been discovered in SourceCodester Online Polling System 1.0. The impacted element is an unknown function of the file /manage-profile.php. The manipulation of the argument firstname results in cross site scripting. The attack can be launched remotely. The exploit has been...