PT-2025-47107

A flaw has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /manufacturer/edit unit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

PT-2025-46834

A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been published and may be used...

CVE-2025-12312

A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. Impacted is an unknown function of the file view-pass-detail.php. This manipulation of the argument Fullname/Category causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may ...

EUVD-2025-36230

A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. The impacted element is an unknown function of the file admin-profile.php. Executing manipulation of the argument adminname/email can lead to cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-11437

CVE-2025-11437 affects JhumanJ OpnForm ≤1.9.3, specifically the Form Editor’s /api/open/forms component. The issue enables cross-site scripting via that file, with remote initiation possible. Exploitation has been published and may be used in the wild. The vendor states the vulnerable feature is ...

CVE-2025-11410 Campcodes Advanced Online Voting Management System voters_add.php sql injection

A flaw has been found in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/votersadd.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be executed remotely. The exploit has been published and m...

CVE-2025-11354

A flaw has been found in code-projects Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/addslideexec.php. Executing manipulation of the argument image can lead to unrestricted upload. The attack may be performed from remote. The exploit has been published an...

CVE-2025-11313 Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findRolePage.do findRolePage sql injection

A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

EUVD-2025-27097

Malicious code in bioql PyPI...

EUVD-2025-30371

Malicious code in bioql PyPI...

CVE-2025-11031

A flaw has been found in DataTables up to 1.10.13. The affected element is an unknown function of the file /examples/resources/examples.php. This manipulation of the argument src causes path traversal. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-10768 h2oai h2o-3 IBMDB2 JDBC Driver ImportSQLTable deserialization

A flaw has been found in h2oai h2o-3 up to 3.46.08. The impacted element is an unknown function of the file /99/ImportSQLTable of the component IBMDB2 JDBC Driver. This manipulation of the argument connectionurl causes deserialization. The attack may be initiated remotely. The exploit has been...

CVE-2025-9470 itsourcecode Apartment Management System add_m_committee.php sql injection

A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/addmcommittee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-9246

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function checkportconflict of the file /goform/checkportconflict. Executing manipulation of the argument singleportrule/portrangerule can lea...

webchat File Include Vulnerability

webchat Class: File Include Vulnerability Published 2007/1/21 Remote: Yes Critical Level : Dangerous Site: http://www.easy-script.com/compt.php?id=1705 || http://sourceforge.net/projects/webdev-webchat/ Author: TheViper-hacker Contact: [email protected] file ; frame.php...