CVE-2025-4924
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /uservoidtransaction.php. The manipulation of the argument orderid leads to SQL injection. It is possible to launch the attack remotely...
CVE-2025-4882
A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/teamupdate.php. The manipulation of the argument team leads to SQL injection. It is possible to initiate the attack remotely. The exploit...
CVE-2025-4753
A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R68125 and classified as problematic. Affected by this issue is some unknown functionality of the file /login.data. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to th...
CVE-2025-4723
A vulnerability classified as critical was found in itsourcecode Placement Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /allstudent.php. The manipulation of the argument delete leads to SQL injection. The attack can be launched remotely. The exploi...
CVE-2025-4780
A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /foreigner-search.php. The manipulation of the argument searchdata leads to SQL injection. The attack may be initiated remotely. The...
CVE-2025-4430
Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows file manipulation. This issue affects EZD RP in versions before 20.19 published on 22nd August 2024...
PT-2025-21715 · Unknown · Sourcecodester/Oretnom23 Stock Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester/oretnom23 Stock Management System version 1.0 Description: A critical issue affects the processing of the file "/admin/?page=return/view return". The manipulation of the ID argument leads to SQL injection. This issue can be...
CVE-2025-4430
CVE-2025-4430 describes an unauthorized access vulnerability in EZD RP where the endpoint /api/Token/gettoken can be exploited to manipulate files. The issue affects EZD RP versions before 20.19 (published 22 Aug 2024). Based on connected documents, the root cause is an access control/endpoint ex...
CVE-2025-4430 Unauthorized file manipulation in EZD RP
Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows file manipulation. This issue affects EZD RP in versions before 20.19 published on 22nd August 2024...
NASK EZD RP security vulnerability
NASK EZD RP is a modern document management and archiving system from NASK designed for seamless electronic management. A security vulnerability exists in NASK EZD RP versions prior to 20.19 that stems from unauthorized access that may result in file manipulation...
PT-2025-21144 · Ezd Rp · Ezd Rp
Name of the Vulnerable Software and Affected Versions: EZD RP versions prior to 20.19 Description: The issue allows unauthorized access to the "/api/Token/gettoken" endpoint in EZD RP, enabling file manipulation. Recommendations: For versions prior to 20.19, update to version 20.19 or later to...
CVE-2025-4495
A vulnerability has been found in JAdmin-JAVA JAdmin 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /memoAjax/save. The manipulation of the argument ID leads to cross-site scripting. The attack can be launched remotely. The exploit has be...
CVE-2025-4470
A vulnerability classified as problematic was found in SourceCodester Online Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-student.php. The manipulation of the argument Fullname leads to cross-site scripting. The attack can be...
CVE-2025-4466
A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=savepayment. The manipulation of the argument registrationid leads to SQL injection. It is possible to initiate the attack remotely. T...
PT-2025-20590
Name of the Vulnerable Software and Affected Versions: itsourcecode Gym Management System version 1.0 Description: A critical issue affects the processing of the file "/ajax.php?action=delete plan". The manipulation of the ID argument leads to SQL injection. The attack may be initiated remotely...
CVE-2025-4303
A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /add-phlebotomist.php. The manipulation of the argument empid leads to SQL injection. The attack ma...
CVE-2025-20967
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary files with the privilege of Samsung Gallery...
CVE-2025-4242
A vulnerability classified as critical was found in PHPGurukul Online Birth Certificate System 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/between-dates-report.php. The manipulation of the argument fromdate leads to SQL injection. The attack can be launched...