PT-2025-27349 · Code Projects · Code-Projects Simple Forum
Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue was found in the code, affecting the /forum edit.php file. The manipulation of the iii argument leads to SQL injection. This issue can be exploited remotely. Recommendations...
PT-2025-26651
Name of the Vulnerable Software and Affected Versions: 70mai M300 up to 20250611 Description: A vulnerability has been found in the RTSP Live Video Stream Endpoint of the 70mai M300, affecting an unknown functionality of the file /livestream/12. This leads to improper authentication. The attack...
PT-2025-26557 · Unknown · Simple Pizza Ordering System
Name of the Vulnerable Software and Affected Versions: Simple Pizza Ordering System version 1.0 Description: A critical issue has been found in the Simple Pizza Ordering System. This issue affects the /salesreport.php file and is related to the manipulation of the dayfrom argument, leading to SQL...
PT-2025-26284 · Unknown · Campcodes Sales/Inventory System
Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file /pages/cat update.php. The manipulation of the ID argument leads to SQL injection. It is possibl...
PT-2025-25541 · Unknown · Parking Management System
Name of the Vulnerable Software and Affected Versions: Das Parking Management System version 6.2.0 Description: A critical issue was found in the API component, specifically affecting an unknown part of the /IntraFieldVehicle/Search file. The manipulation of the Value argument leads to SQL...
PT-2025-24428 · Tcman · Tcman's Gim
Name of the Vulnerable Software and Affected Versions: TCMAN's GIM version 11 Description: The issue is related to an incorrect authorization vulnerability. This vulnerability allows an attacker with a low privilege level to change the password of other users through a POST request using the...
PT-2025-23976 · Unknown · Phpgurukul Human Metapneumovirus Testing Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Human Metapneumovirus Testing Management System version 1.0 Description: A critical issue has been identified in the system, affecting an unknown functionality of the file /bwdates-report-result.php. The manipulation of the fromdat...
PT-2025-21913 · Unknown · Phpgurukul Auto Taxi Stand Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Auto Taxi Stand Management System version 1.0 Description: A critical issue affects the processing of the file /admin/admin-profile.php, where the manipulation of the mobilenumber argument leads to SQL injection. The attack can be...
PT-2025-21573 · Sourcecodester · Sourcecodester Student Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Student Result Management System version 1.0 Description: A critical issue was found in the system, affecting the file academic/core/drop student.php. The manipulation of the img argument leads to path traversal. This issue can...
PT-2025-20646
Name of the Vulnerable Software and Affected Versions: Discord version 1.0.9188 Description: A critical issue has been found in Discord, affecting some unknown functionality in the library WINSTA.dll. This issue leads to an uncontrolled search path. The attack must be approached locally and has a...
PT-2025-20420 · Totolink · Totolink A950Rg
Name of the Vulnerable Software and Affected Versions: TOTOlink A950RG version 4.1.2cu.5204 B20210112 Description: The issue arises from improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of the /lib/cste modules/system.so module. This leads to a buffer overflow...
PT-2025-20387 · Slims · Slims
Name of the Vulnerable Software and Affected Versions: Slims Senayan Library Management Systems version 9.6.1 Description: The issue is related to SQL Injection in the admin/modules/master file/author.php file. This allows for potential exploitation. No information is provided about the estimated...
PT-2025-19806 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.3 Description: A SQL injection issue was discovered in the admin topic.php component. Recommendations: For SeaCMS version 13.3, update to a version that fixes the SQL injection vulnerability in the admin topic.php component...
PT-2025-19732 · NetGear · Netgear Rax5
Name of the Vulnerable Software and Affected Versions: NETGEAR RAX5 version 1.0.2.26 Description: A command injection issue was discovered in the NETGEAR RAX5 AX1600 WiFi Router via the ifname parameter in the apcli do enr pbc wps function. Recommendations: For version 1.0.2.26, consider...
PT-2025-18255 · Unknown · Phpgurukul Curfew E-Pass Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Curfew e-Pass Management System version 1.0 Description: A critical issue affects the processing of the file /admin/edit-pass-detail.php. The manipulation of the editid argument leads to SQL injection. The attack may be initiated...
PT-2025-18086 · Unknown · Phpgurukul Nipah Virus Testing Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Nipah Virus Testing Management System version 1.0 Description: A critical issue has been found in the processing of the file /profile.php. The manipulation of the adminname argument leads to SQL injection. The attack may be initiat...
PT-2025-17341 · Macro Video Technologies Co. · V380E6 C1 Ip Camera
Name of the Vulnerable Software and Affected Versions: Macro-video Technologies Co.,Ltd V380E6 C1 IP camera version 1020302 Description: An issue in the V380E6 C1 IP camera allows a physically proximate attacker to execute arbitrary code via the /mnt/mtd/mvconf/wifi.ini and /mnt/mtd/mvconf/user...
PT-2025-16601 · WordPress · Wp Posts Carousel
Name of the Vulnerable Software and Affected Versions: WP Posts Carousel versions 1.3.10 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For WP...
PT-2025-16216 · Huanfenz/Code Projects · Studentmanager
Name of the Vulnerable Software and Affected Versions: huanfenz/code-projects StudentManager version 1.0 Description: A critical issue was found in the Announcement Management Section of the software, specifically affecting the /upload/uploadArticle.do file. The manipulation of the File argument...
PT-2025-16083 · WordPress · Wp Online Users Stats
Name of the Vulnerable Software and Affected Versions: WP Online Users Stats versions prior to 1.0.0 Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing for Blind SQL Injection. This can be exploited through API endpoints, although...