Lucene search

5655 matches found

Positive Technologies
added 2025/07/11 12:0 a.m. · 5 views

PT-2025-29278 · Unknown · Campcodes Online Movie Theater Seat Reservation System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Movie Theater Seat Reservation System version 1.0 Description: A critical vulnerability exists in Campcodes Online Movie Theater Seat Reservation System 1.0. The vulnerability is due to SQL injection in an unknown functionali...

9.8 CVSS · 7.4 AI score · 0.00399 EPSS
Exploits: 1 · References: 9

Positive Technologies
added 2025/07/11 12:0 a.m. · 4 views

PT-2025-29276 · Campcodes · Campcodes Online Movie Theater Seat Reservation System

Name of the Vulnerable Software and Affected Versions: Campcodes Online Movie Theater Seat Reservation System version 1.0 Description: A critical issue exists in Campcodes Online Movie Theater Seat Reservation System 1.0. The manipulation of the ID argument in the /admin/manage theater.php file...

9.8 CVSS · 7.5 AI score · 0.00399 EPSS
Exploits: 1 · References: 9

RedhatCVE
added 2025/07/10 9:23 p.m. · 12 views

CVE-2025-7194

A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ipposition.asp of the component jhttpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launch...

9 CVSS · 7.4 AI score · 0.00784 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/07/10 4:29 a.m. · 8 views

CVE-2025-7161

A vulnerability classified as critical was found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-normal-ticket.php. The manipulation of the argument cprice leads to sql injection. The attack can be initiated remotely. The exploit has been...

8.8 CVSS · 6.8 AI score · 0.00318 EPSS
Exploits: 1 · References: 1

Positive Technologies
added 2025/07/10 12:0 a.m. · 3 views

PT-2025-29194 · Tenda · Tenda Fh451

Name of the Vulnerable Software and Affected Versions: Tenda FH451 versions up to 1.0.0.9 Description: A critical vulnerability exists in Tenda FH451. The issue affects the fromAddressNat function within the /goform/addressNat file of the POST Request Handler component. Manipulation of the page...

9 CVSS · 8.8 AI score · 0.00774 EPSS
Exploits: 1 · References: 12

RedhatCVE
added 2025/07/09 6:21 a.m. · 10 views

CVE-2025-7115

A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97. It has been rated as critical. Affected by this issue is the function PUT of the file apps/rowboat/app/api/uploads/fileId/route.ts of the component Session Handler. The manipulation of the argument...

7.5 CVSS · 7.1 AI score · 0.00399 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2025/07/09 12:0 a.m. · 3 views

PT-2025-29369 · Tenda · Tenda Fh1202

Name of the Vulnerable Software and Affected Versions: Tenda FH1202 version 1.2.0.14408 Description: A critical vulnerability exists in the Tenda FH1202 router firmware. The fromGstDhcpSetSer function within the /goform/GstDhcpSetSer file is affected. Manipulation of the dips argument leads to a...

9 CVSS · 8.6 AI score · 0.00759 EPSS
Exploits: 1 · References: 13

Positive Technologies
added 2025/07/09 12:0 a.m. · 6 views

PT-2025-29371 · Tenda · Tenda Fh1202

Name of the Vulnerable Software and Affected Versions: Tenda FH1202 version 1.2.0.14408 Description: A critical vulnerability has been identified in Tenda FH1202. The issue resides in the fromPptpUserAdd function within the /goform/PPTPDClient file. Manipulation of the Username argument leads to ...

9 CVSS · 8.7 AI score · 0.00759 EPSS
Exploits: 1 · References: 15

Vulnrichment
added 2025/07/08 10:2 a.m. · 2 views

CVE-2025-7173 code-projects Library System add-student.php sql injection

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

7.5 CVSS · 7.5 AI score · 0.00596 EPSS
Exploits: 1 · References: 5

Cvelist
added 2025/07/08 2:2 a.m. · 11 views

CVE-2025-7157 code-projects Online Note Sharing login.php sql injection

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...

7.5 CVSS · 0.00399 EPSS
Exploits: 1 · References: 5

Positive Technologies
added 2025/07/07 12:0 a.m. · 3 views

PT-2025-28133 · Rowboatlabs · Rowboat

Name of the Vulnerable Software and Affected Versions: rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97 Description: A critical issue has been found, affecting the function PUT of the file apps/rowboat/app/api/uploads/fileId/route.ts in the Session Handler component. The...

7.5 CVSS · 7.1 AI score · 0.00399 EPSS
Exploits: 0 · References: 10

Positive Technologies
added 2025/07/07 12:0 a.m. · 6 views

PT-2025-28131

Name of the Vulnerable Software and Affected Versions: SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b Description: A critical issue was found in the Session Handler component, specifically affecting the POST function of the file apps/sim/app/api/files/upload/route.ts. The...

7.5 CVSS · 7 AI score · 0.00498 EPSS
Exploits: 1 · References: 10

Cvelist
added 2025/07/06 5:32 p.m. · 7 views

CVE-2025-7087 Belkin F9K1122 webs formL2TPSetup stack-based overflow

A vulnerability classified as critical was found in Belkin F9K1122 1.00.33. Affected by this vulnerability is the function formL2TPSetup of the file /goform/formL2TPSetup of the component webs. The manipulation of the argument L2TPUserName leads to stack-based buffer overflow. The attack can be...

9 CVSS · 0.08506 EPSS
Exploits: 1 · References: 5

Positive Technologies
added 2025/07/04 12:0 a.m. · 4 views

PT-2025-29174 · Tenda · Tenda O3V2

Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: A critical issue exists in Tenda O3V2 due to a stack-based buffer overflow. The vulnerability is located in the fromPingResultGet function within the /goform/setPing file of the httpd component...

9 CVSS · 8.7 AI score · 0.00761 EPSS
Exploits: 1 · References: 11

Positive Technologies
added 2025/07/02 12:0 a.m. · 4 views

PT-2025-29424 · Lb Link · Lb-Link Bl-Ac3600 +5

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC1900, BL-AC2100 AZ3, BL-AC3600, BL-AX1800, BL-AX5400P, BL-WR9000 versions up to 20250702 Description: A critical vulnerability exists in the Web Interface component of the affected devices. The vulnerability is related to the...

10 CVSS · 9.5 AI score · 0.00745 EPSS
Exploits: 0 · References: 14

Positive Technologies
added 2025/06/30 12:0 a.m. · 5 views

PT-2025-27407 · Unknown · Phpgurukul Teachers Record Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Teachers Record Management System version 2.1 Description: A critical issue was found in the system, affecting the /admin/changeimage.php file. The tid argument is vulnerable to sql injection, allowing remote attacks. The issue has...

9.8 CVSS · 7.1 AI score · 0.00399 EPSS
Exploits: 1 · References: 11

Cvelist
added 2025/06/28 10:0 p.m. · 8 views

CVE-2025-6827 code-projects Inventory Management System editOrder.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /phpaction/editOrder.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

7.5 CVSS · 0.00399 EPSS
Exploits: 1 · References: 5

IBM Security Bulletins
added 2025/06/28 12:5 a.m. · 4 views

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in the IBM Semeru Runtime Environment (CVE-2025-21587, CVE-2025-30698, CVE-2025-2900)

Summary Multiple issues were identified with the IBM Semeru Runtime Environment which is shipped with IBM MQ Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high...

7.5 CVSS · 7 AI score · 0.00688 EPSS
Exploits: 0 · Affected Software: 1

RedhatCVE
added 2025/06/27 10:19 p.m. · 11 views

CVE-2025-6657

PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

3.3 CVSS · 3.2 AI score · 0.00211 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2025/06/27 12:0 a.m. · 5 views

PT-2025-27251

Name of the Vulnerable Software and Affected Versions: eosphoros-ai db-gpt versions up to 0.7.2 Description: A critical issue has been found, affecting the import flow function of the file /api/v2/serve/awel/flow/import. The manipulation of the File argument leads to path traversal, allowing for...

7.5 CVSS · 7.1 AI score · 0.00523 EPSS
Exploits: 1 · References: 10