3164 matches found
CVE-2025-5980
A vulnerability classified as critical was found in code-projects Restaurant Order System 1.0. This vulnerability affects unknown code of the file /order.php. The manipulation of the argument tabidNoti leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2025-5971
A vulnerability was found in code-projects School Fees Payment System 1.0. It has been classified as critical. This affects an unknown part of the file /ajx.php. The manipulation of the argument namestartsWith leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
Important: dotnet8.0
Issue Overview: External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. CVE-2025-26646 Affected Packages: dotnet8.0 Issue Correction: Run dnf update dotnet8.0 --releasever 2023.7.20250609 to...
GHSA-X5GF-QVW8-R2RM pm2 Regular Expression Denial of Service vulnerability
A vulnerability classified as problematic was found in Unitech pm2 prior to 7.0.0. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to...
External Control of File Name or Path
Overview elmsln/haxcms is a Headless CMS for managing and publishing hybrid static, web component driven sites. Affected versions of this package are vulnerable to External Control of File Name or Path via the location parameter in the saveOutline API endpoint. An attacker can read arbitrary file...
CVE-2025-3055
The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteavatarajax function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above,...
CVE-2025-5779
A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /birthing.php. The manipulation of the argument itrno/compid leads to sql injection. The attack can be launched...
CVE-2025-48781
An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths...
CVE-2025-48781 Soar Cloud HRD Human Resource Management System - External Control of File Name or Path
An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths...
PT-2025-24063
Name of the Vulnerable Software and Affected Versions Soar Cloud HRD Human Resource Management System versions prior to 7.3.2025.0408 Description The issue allows remote attackers to obtain partial files by specifying arbitrary file paths due to an external control of file name or path...
PT-2025-23895 · WordPress · Wp User Frontend Pro
Name of the Vulnerable Software and Affected Versions: WP User Frontend Pro plugin for WordPress versions up to, and including, 4.1.3 Description: The issue is related to insufficient file path validation in the delete avatar ajax function, allowing authenticated attackers with Subscriber-level...
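The entries above share one weakness class, CWE-73 (external control of file name or path): a request parameter is joined onto a base directory and handed to a file API, so "../" segments or an absolute path reach files the caller should never see or delete. The following added example is not code from any product listed on this page; the handlers, the scratch directory layout and the file contents are constructed to show the vulnerable pattern beside a hardened check.

```python
"""Added illustration of CWE-73 (external control of file name or path).
Not code from any listed product; handlers and sample files are constructed."""
import os
import shutil
import tempfile


def vulnerable_download(base_dir, requested):
    """Typical bug: untrusted input joined straight onto the base directory.
    "../" segments walk out of base_dir, and os.path.join discards base_dir
    entirely when `requested` is an absolute path."""
    with open(os.path.join(base_dir, requested), "rb") as fh:
        return fh.read()


def safe_resolve(base_dir, requested):
    """Canonicalise and confirm the target stays inside base_dir; raise otherwise."""
    if "\x00" in requested or os.path.isabs(requested):
        raise ValueError("absolute path or NUL byte rejected")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath, not startswith: "/srv/uploads-old" would pass a prefix test for "/srv/uploads"
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes base directory")
    return candidate


def hardened_download(base_dir, requested):
    with open(safe_resolve(base_dir, requested), "rb") as fh:
        return fh.read()


def _attempt(base_dir, requested):
    try:
        hardened_download(base_dir, requested)
        return "allowed"
    except ValueError:
        return "rejected"


def demo():
    """Build a scratch tree (constructed sample data), run both handlers,
    and return the outcomes keyed by case."""
    root = tempfile.mkdtemp()
    try:
        uploads = os.path.join(root, "uploads")
        os.mkdir(uploads)
        with open(os.path.join(uploads, "avatar.png"), "wb") as fh:
            fh.write(b"PNGDATA")
        secret = os.path.join(root, "config.ini")      # lives outside uploads/
        with open(secret, "wb") as fh:
            fh.write(b"db_password=hunter2")

        out = {
            "vulnerable_traversal": vulnerable_download(uploads, "../config.ini"),
            "vulnerable_absolute": vulnerable_download(uploads, secret),
            "hardened_ok": hardened_download(uploads, "avatar.png"),
            "hardened_traversal": _attempt(uploads, "../config.ini"),
            "hardened_absolute": _attempt(uploads, secret),
            "hardened_nul": _attempt(uploads, "avatar.png\x00.txt"),
        }
        # A symlink planted inside uploads/ still resolves outside it; realpath catches that.
        try:
            os.symlink(secret, os.path.join(uploads, "link.png"))
            out["hardened_symlink"] = _attempt(uploads, "link.png")
        except OSError:
            out["hardened_symlink"] = "skipped"   # platform without symlink support
        return out
    finally:
        shutil.rmtree(root)
```

The same `safe_resolve` check applies to delete and write handlers such as the avatar-deletion case above, not only to downloads. Two caveats: the check-then-open sequence is a TOCTOU window if an attacker can swap a symlink between the two calls (opening with `os.open` and `O_NOFOLLOW`, or serving files by an opaque server-side identifier instead of a path, closes it), and the check must run on the canonical path, since a `startswith` test on the raw string is defeated by sibling directories that share a prefix.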
Teledyne FLIR AX8 Command Injection Vulnerability
Teledyne FLIR AX8 is a series of thermal surveillance cameras from Teledyne FLIR USA. A command injection vulnerability exists in Teledyne FLIR AX8 version 1.46.16 and earlier, which stems from a command injection in the file /usr/www/application/models/subscriptions.php in the component Backend...
oa_system Path Traversal Vulnerability
oasystem is an application system by individual developer aaluoxiang for the daily operation and management of organizations, used by employees and managers. A path traversal vulnerability exists in oasystem, which stems from incorrect operation of the file...
thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link
The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...
Multilaser Sirius RE016 Authorization Issue Vulnerability
Multilaser Sirius RE016 is a network appliance from Multilaser Sirius. An authorization issue vulnerability exists in Multilaser Sirius RE016 MLT version 1.0, which stems from improper authentication in the file /cgi-bin/cstecgi.cgi...
Blogbook Injection Vulnerability
Blogbook is a content management system project by Chaitak Gorai, an individual developer. Blogbook has an injection vulnerability that stems from a SQL injection in the parameter uid in the file /user.php...
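Several entries on this page (tabidNoti, namestartsWith, itrno/compid, uid) describe the same SQL injection pattern: a request parameter concatenated into the statement text. The added example below is not code from any listed product; the schema, rows and payloads are constructed. It shows a numeric lookup and a "name starts with" search in their vulnerable form and with bound parameters, using SQLite so it runs offline.

```python
"""Added illustration of parameter-concatenation SQL injection versus bound
parameters. Not code from any listed product; schema and rows are constructed."""
import sqlite3


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (uid INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "alice@example.test"),
         (2, "bob", "bob@example.test"),
         (3, "carol", "carol@example.test")],
    )
    return conn


def lookup_vulnerable(conn, uid):
    """Parameter spliced into the statement text: the input becomes SQL."""
    return conn.execute("SELECT name, email FROM users WHERE uid = " + uid).fetchall()


def lookup_parameterized(conn, uid):
    """Bound parameter: the input is only ever a value, never part of the statement."""
    return conn.execute("SELECT name, email FROM users WHERE uid = ?", (uid,)).fetchall()


def search_vulnerable(conn, prefix):
    """Prefix search built by concatenation (a "name starts with" endpoint)."""
    return conn.execute("SELECT name FROM users WHERE name LIKE '" + prefix + "%'").fetchall()


def search_parameterized(conn, prefix):
    """Bind the pattern and also escape LIKE metacharacters, so a caller cannot
    turn a prefix search into a wildcard scan with % or _."""
    escaped = prefix.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    return conn.execute(
        "SELECT name FROM users WHERE name LIKE ? ESCAPE '\\'", (escaped + "%",)
    ).fetchall()


def demo():
    """Run each handler with a benign value and a constructed payload; return results."""
    conn = build_db()
    uid_payload = "1 OR 1=1"          # turns "WHERE uid = 1" into a tautology
    prefix_payload = "x' OR 1=1 --"   # closes the literal, adds a tautology, comments out the rest
    return {
        "lookup_ok": lookup_vulnerable(conn, "1"),
        "lookup_injected": lookup_vulnerable(conn, uid_payload),
        "lookup_param_ok": lookup_parameterized(conn, "1"),
        "lookup_param_payload": lookup_parameterized(conn, uid_payload),
        "search_injected": search_vulnerable(conn, prefix_payload),
        "search_param_payload": search_parameterized(conn, prefix_payload),
        "search_param_ok": search_parameterized(conn, "a"),
        "search_param_wildcard": search_parameterized(conn, "%"),
    }
```

With the payloads above, both vulnerable handlers return every row; the parameterized lookup returns nothing for `1 OR 1=1` because the driver binds it as a single text value that matches no integer key, and the parameterized search treats the whole payload as a literal prefix. The `ESCAPE` clause is the part that is easy to forget: binding alone stops injection but still lets a caller pass `%` to enumerate the table.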
CVE-2025-32802 Insecure handling of file paths allows multiple local attacks
Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...