72 matches found
EUVD-2025-205608
A vulnerability was determined in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file /admin/add-module.php. This manipulation of the argument linked causes sql injection. The attack can be initiated remotely. The exploit has been publicly...
CVE-2025-15195 code-projects Assessment Management add-module.php sql injection
A vulnerability was determined in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file /admin/add-module.php. This manipulation of the argument linked causes sql injection. The attack can be initiated remotely. The exploit has been publicly...
PT-2025-50683
Name of the Vulnerable Software and Affected Versions: Ruijie X30-PRO version X30-PRO-V1 09241521 Description: An issue exists in Ruijie X30-PRO version X30-PRO-V1 09241521 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set paramet...
PT-2025-50684
Name of the Vulnerable Software and Affected Versions: Ruijie X60 PRO versions V1.00 through V2.00 Description: An OS Command Injection issue exists in Ruijie X60 PRO. Attackers can execute arbitrary commands by sending a specially crafted POST request to the module set function within the...
PT-2025-50665
Name of the Vulnerable Software and Affected Versions: Ruijie RG-EW1200G PRO versions 1.00 through 4.00 Description: An issue exists in Ruijie RG-EW1200G PRO that allows attackers to execute arbitrary commands. This is due to an OS Command Injection flaw within the nbr cwmp.lua file located at...
PT-2025-50654
Name of the Vulnerable Software and Affected Versions: Ruijie RG-EW1800GX PRO versions B11P226 EW1800GX-PRO 10223117 Description: An issue exists in Ruijie RG-EW1800GX PRO that may allow attackers to execute arbitrary commands. This can occur through a specially crafted POST request sent to the...
EUVD-2025-29908
Malicious code in bioql PyPI...
EUVD-2025-26463
Malicious code in bioql PyPI...
EUVD-2025-27179
Malicious code in bioql PyPI...
GO-2025-3950 Mattermost Missing Authorization vulnerability in github.com/mattermost/mattermost-server
Mattermost Missing Authorization vulnerability in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...
GO-2025-3919 NeuVector process with sensitive arguments lead to leakage in github.com/neuvector/neuvector
NeuVector process with sensitive arguments lead to leakage in github.com/neuvector/neuvector. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...
i-Educar authorization issue vulnerability
i-Educar is a free educational software from Portábilis Open Source. An authorization issue vulnerability exists in i-Educar versions 2.10 and earlier, which stems from an improper authorization issue in the /module/Api/turma file...
CVE-2025-10011
A weakness has been identified in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /module/TabelaArredondamento/edit. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made availabl...
PT-2025-35639
Name of the Vulnerable Software and Affected Versions: itsourcecode Student Information Management System version 1.0 Description: A SQL injection issue exists in the file /admin/modules/subject/index.php due to manipulation of the ID argument. The attack can be launched remotely. The exploit is...
PT-2025-35640
Name of the Vulnerable Software and Affected Versions: itsourcecode Student Information Management System version 1.0 Description: A security flaw exists in itsourcecode Student Information Management System 1.0. Manipulation of the ID argument in the file /admin/modules/course/index.php can lead...
CVE-2025-7969
CVE-2025-7969 is an XSS issue in markdown-it (improper neutralization of input during web page generation) affecting the lib/renderer.mjs path, with markdown-it 14.1.0 as the vulnerable version. IBM and related advisories reference this CVE across multiple products, noting remediation requires up...
CVE-2025-9169
A vulnerability was determined in SolidInvoice up to 2.4.0. Impacted is an unknown function of the file /quotes of the component Quote Module. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...
Linux Distros Unpatched Vulnerability : CVE-2020-1735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destinati...
MAL-2025-8973 Malicious code in @malware-test-sucre-tabes-gyrus-doree/test-mlw3-sucre-tabes-gyrus-doree (npm)
The package @malware-test-sucre-tabes-gyrus-doree/test-mlw3-sucre-tabes-gyrus-doree was found to contain malicious code...
CVE-2025-45317
A zip slip vulnerability in the /modules/ImportModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary code via a crafted archive...