Lucene search
+L

267 matches found

OSV
OSV
added 2025/09/26 8:15 p.m.7 views

CVE-2025-11041

A vulnerability has been found in itsourcecode Open Source Job Portal 1.0. Affected by this issue is some unknown functionality of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit h...

8.8CVSS5.7AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/24 7:34 p.m.6 views

CVE-2025-10812

A vulnerability has been found in code-projects Hostel Management System 1.0. This impacts an unknown function of the file /justines/admin/modamenities/index.php?view=view. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

9.8CVSS7.3AI score0.00441EPSS
Exploits1References1
NVD
NVD
added 2025/09/23 2:15 a.m.4 views

CVE-2025-10828

A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly an...

8.8CVSS0.00351EPSS
Exploits1References5
NVD
NVD
added 2025/09/22 9:15 p.m.5 views

CVE-2025-10814

A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initiated remotely. The exploit has been publicly...

8.8CVSS0.06115EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/22 8:32 p.m.5 views

CVE-2025-10814 D-Link DIR-823X goahead command injection

A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initiated remotely. The exploit has been publicly...

6.5CVSS6.8AI score0.06115EPSS
Exploits1References5
CVE
CVE
added 2025/09/22 7:32 p.m.21 views

CVE-2025-10812

CVE-2025-10812 affects the code-projects Hostel Management System v1.0. The vulnerability is a SQL injection in the file /justines/admin/mod_amenities/index.php?view=view, triggered by manipulation of the ID parameter. It can be exploited remotely and details have been publicly disclosed. Public ...

9.8CVSS7.2AI score0.00441EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/09/22 6:2 p.m.14 views

CVE-2025-10809 Campcodes Online Learning Management System department.php sql injection

A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. The affected element is an unknown function of the file /admin/department.php. Such manipulation of the argument d leads to sql injection. The attack can be executed remotely. The exploit has been...

7.5CVSS0.00518EPSS
Exploits1References6
NVD
NVD
added 2025/09/18 12:15 p.m.6 views

CVE-2025-10664

A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

9.8CVSS0.00387EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/17 7:50 a.m.5 views

CVE-2025-10431

A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/ajaxrepresent.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public...

8.8CVSS7.1AI score0.00351EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.6 views

PT-2025-38281

Name of the Vulnerable Software and Affected Versions: SourceCodester Hotel Reservation System version 1.0 Description: A SQL injection issue exists in the editroomimage.php file due to manipulation of the ID argument. This can be initiated remotely. The exploit has been publicly disclosed...

7.5CVSS7.4AI score0.00441EPSS
Exploits1References8
CVE
CVE
added 2025/09/15 3:32 a.m.19 views

CVE-2025-10424

CVE-2025-10424 affects 1000projects Online Student Project Report Submission and Evaluation System version 1.0. The vulnerability is in /admin/controller/faculty_controller.php, where manipulation of the argument new_image enables unrestricted file uploads and can be exploited remotely. Public di...

9.8CVSS7.2AI score0.00424EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/09/14 9:15 a.m.6 views

CVE-2025-10396

A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...

9.8CVSS0.00435EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/14 3:2 a.m.3 views

CVE-2025-10387 codesiddhant Jasmin Ransomware handshake.php sql injection

A vulnerability was determined in codesiddhant Jasmin Ransomware up to 1.0.1. This vulnerability affects unknown code of the file /handshake.php. This manipulation of the argument machinename/computeruser/os/date/time/ip/location/systemid/password causes sql injection. The attack can be initiated...

6.5CVSS6.5AI score0.00381EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/09/13 12:0 a.m.4 views

PT-2025-37379

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross-site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The issue affects an unknown part of the /htdocs/cardRegisterNew.php file. Remote attackers can execute manipulation...

5.1CVSS3.6AI score0.00276EPSS
Exploits1References11
Cvelist
Cvelist
added 2025/09/11 11:2 p.m.14 views

CVE-2025-10272 erjinzhi 10OA catalogue cross site scripting

A vulnerability was determined in erjinzhi 10OA 1.0. Affected is an unknown function of the file /trial/mvc/catalogue. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor...

5.3CVSS0.00332EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-6298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability affects the function main of the file PdfDocument.java. The...

6.5CVSS5.4AI score0.01101EPSS
Exploits1References2
OSV
OSV
added 2025/09/07 10:32 p.m.5 views

CVE-2025-10071 Portabilis i-Educar cancelar-enturmacao-em-lote access control

A vulnerability has been found in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /cancelar-enturmacao-em-lote/. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit has been disclosed to the public and may b...

5.3CVSS6AI score0.00296EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/09/06 1:34 a.m.5 views

CVE-2025-9942

A vulnerability has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /submitproperty.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

8.8CVSS6.2AI score0.00443EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/09/05 9:32 p.m.29 views

CVE-2025-10027 itsourcecode POS Point of Sale System 2512.php cross site scripting

A vulnerability was determined in itsourcecode POS Point of Sale System 1.0. Affected by this issue is some unknown functionality of the file /inventory/main/vendors/datatables/unittesting/templates/2512.php. This manipulation of the argument scripts causes cross site scripting. The attack can be...

5.1CVSS0.00264EPSS
Exploits1References5
CVE
CVE
added 2025/09/05 2:32 p.m.23 views

CVE-2025-10012

Portabilis i-Educar up to 2.10 is affected by an SQL injection in educar_historico_escolar_lst.php via manipulation of the ref_cod_aluno parameter. The issue enables remote exploitation and has been publicly disclosed. Remediation per sources is to upgrade to a version newer than 2.10 or apply th...

8.8CVSS6.4AI score0.0037EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder