267 matches found
CVE-2025-11041
A vulnerability has been found in itsourcecode Open Source Job Portal 1.0. Affected by this issue is some unknown functionality of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit h...
CVE-2025-10812
A vulnerability has been found in code-projects Hostel Management System 1.0. This impacts an unknown function of the file /justines/admin/modamenities/index.php?view=view. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2025-10828
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly an...
CVE-2025-10814
A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initiated remotely. The exploit has been publicly...
CVE-2025-10814 D-Link DIR-823X goahead command injection
A vulnerability was determined in D-Link DIR-823X 240126/240802/250416. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/goahead. This manipulation of the argument port causes command injection. The attack can be initiated remotely. The exploit has been publicly...
CVE-2025-10812
CVE-2025-10812 affects the code-projects Hostel Management System v1.0. The vulnerability is a SQL injection in the file /justines/admin/mod_amenities/index.php?view=view, triggered by manipulation of the ID parameter. It can be exploited remotely and details have been publicly disclosed. Public ...
CVE-2025-10809 Campcodes Online Learning Management System department.php sql injection
A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. The affected element is an unknown function of the file /admin/department.php. Such manipulation of the argument d leads to sql injection. The attack can be executed remotely. The exploit has been...
CVE-2025-10664
A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...
CVE-2025-10431
A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/ajaxrepresent.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public...
PT-2025-38281
Name of the Vulnerable Software and Affected Versions: SourceCodester Hotel Reservation System version 1.0 Description: A SQL injection issue exists in the editroomimage.php file due to manipulation of the ID argument. This can be initiated remotely. The exploit has been publicly disclosed...
CVE-2025-10424
CVE-2025-10424 affects 1000projects Online Student Project Report Submission and Evaluation System version 1.0. The vulnerability is in /admin/controller/faculty_controller.php, where manipulation of the argument new_image enables unrestricted file uploads and can be exploited remotely. Public di...
CVE-2025-10396
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/editrole.php. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The explo...
CVE-2025-10387 codesiddhant Jasmin Ransomware handshake.php sql injection
A vulnerability was determined in codesiddhant Jasmin Ransomware up to 1.0.1. This vulnerability affects unknown code of the file /handshake.php. This manipulation of the argument machinename/computeruser/os/date/time/ip/location/systemid/password causes sql injection. The attack can be initiated...
PT-2025-37379
Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A cross-site scripting issue exists in MiczFlor RPi-Jukebox-RFID. The issue affects an unknown part of the /htdocs/cardRegisterNew.php file. Remote attackers can execute manipulation...
CVE-2025-10272 erjinzhi 10OA catalogue cross site scripting
A vulnerability was determined in erjinzhi 10OA 1.0. Affected is an unknown function of the file /trial/mvc/catalogue. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor...
Linux Distros Unpatched Vulnerability : CVE-2023-6298
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability affects the function main of the file PdfDocument.java. The...
CVE-2025-10071 Portabilis i-Educar cancelar-enturmacao-em-lote access control
A vulnerability has been found in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /cancelar-enturmacao-em-lote/. Such manipulation leads to improper access controls. The attack may be performed from remote. The exploit has been disclosed to the public and may b...
CVE-2025-9942
A vulnerability has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /submitproperty.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-10027 itsourcecode POS Point of Sale System 2512.php cross site scripting
A vulnerability was determined in itsourcecode POS Point of Sale System 1.0. Affected by this issue is some unknown functionality of the file /inventory/main/vendors/datatables/unittesting/templates/2512.php. This manipulation of the argument scripts causes cross site scripting. The attack can be...
CVE-2025-10012
Portabilis i-Educar up to 2.10 is affected by an SQL injection in educar_historico_escolar_lst.php via manipulation of the ref_cod_aluno parameter. The issue enables remote exploitation and has been publicly disclosed. Remediation per sources is to upgrade to a version newer than 2.10 or apply th...