249 matches found
CVE-2025-10064
A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This issue affects some unknown processing of the file /inventory/main/vendors/datatables/unittesting/templates/domdatatwoheaders.php. The manipulation of the argument scripts results in cross site scripting. The...
CVE-2025-9928
A security flaw has been discovered in projectworlds Travel Management System 1.0. The impacted element is an unknown function of the file /viewcategory.php. Performing manipulation of the argument t1 results in sql injection. It is possible to initiate the attack remotely. The exploit has been...
PT-2025-35836
Name of the Vulnerable Software and Affected Versions: projectworlds Travel Management System version 1.0 Description: A security flaw exists in projectworlds Travel Management System. The issue involves SQL injection in the /viewcategory.php file through manipulation of the t1 argument. This...
CVE-2025-9726
A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /review.php. The manipulation of the argument pid results in sql injection. The attack may be launched remotely. The exploit has been released to the...
CVE-2025-9425
A security flaw has been discovered in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /enquiry.php. Performing manipulation of the argument pid results in sql injection. The attack is possible to be carried out remotely...
CVE-2025-9577
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this...
PT-2025-34832
Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A security flaw exists in itsourcecode Apartment Management System version 1.0 related to the processing of the /report/fair info all.php file. Manipulation of the fid argument...
PT-2025-34728 · Unknown · 1000Projects Online Project Report Submission/Evaluation System
Name of the Vulnerable Software and Affected Versions: 1000projects Online Project Report Submission and Evaluation System version 1.0 Description: A security flaw exists in 1000projects Online Project Report Submission and Evaluation System version 1.0. The manipulation of the address argument i...
SUSE CVE-2025-9396
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
PT-2025-34680 · Lostvip Com · Ruoyi-Go
Name of the Vulnerable Software and Affected Versions: lostvip-com ruoyi-go versions prior to 2.1 Description: A security flaw exists in the DownloadTmp/DownloadUpload function within the modules/system/controller/CommonController.go file. Manipulation of the fileName argument can lead to a path...
CVE-2025-9396 ckolivas lrzip strtol_l.c __GI_____strtol_l_internal null pointer dereference
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
CVE-2025-9390
A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be...
CVE-2025-9381 FNKvision Y215 CCTV Camera wpa_supplicant.conf information disclosure
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpasupplicant.conf. Performing manipulation results in information disclosure. The attack may be carried out on the physical device. The attack's complexity is rated as...
CVE-2025-9381 FNKvision Y215 CCTV Camera wpa_supplicant.conf information disclosure
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpasupplicant.conf. Performing manipulation results in information disclosure. The attack may be carried out on the physical device. The attack's complexity is rated as...
PT-2025-34566 · Vim +1 · Vim +1
Name of the Vulnerable Software and Affected Versions: vim versions prior to 9.1.1616 Description: A security flaw exists in vim due to a buffer overflow in the main function of the xxd.c file within the xxd component. The vulnerability is locally exploitable. An exploit for this issue has been...
CVE-2025-9143
A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailinglists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public a...
PT-2025-34228 · Totolink · Totolink A720R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A720R version 4.1.5cu.630 B20250509 Description: A security flaw exists in TOTOLINK A720R 4.1.5cu.630 B20250509. The issue affects the setParentalRules function within the /cgi-bin/cstecgi.cgi file and allows for remote buffer overfl...
PT-2025-33883
Name of the Vulnerable Software and Affected Versions: SolidInvoice versions prior to 2.4.1 Description: A security flaw has been discovered in SolidInvoice. The impacted element is an unknown function within the /clients file of the Clients Module. Manipulation of the Name argument results in...
PT-2025-33741 · Scada-Lts · Scada-Lts
Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8.1 Description: A security flaw exists in Scada-LTS 2.7.8.1 related to the mailing lists.shtm file. Manipulation of the name/userList/address argument can lead to cross-site scripting. This issue is potentially...
CVE-2025-6874
CVE-2025-6874 affects SourceCodester Best Salon Management System v1.0. The vulnerability resides in the file /panel/add_subscribe.php , where manipulating the parameters user_id/plan_id leads to a SQL injection. It can be exploited remotely and the exploit has been disclosed publicly. If exploit...