31 matches found
CVE-2026-10225
A vulnerability was detected in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file logincheck.php of the component Login. Performing a manipulation of the argument Username results in sql injection. The...
CVE-2026-9471 yashpokharna2555 StudentManagementSystem student.php cross site scripting
A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...
Improper Check for Unusual or Exceptional Conditions
Overview: openssl-encrypt is a package for secure file encryption and decryption based on modern ciphers, using heavy-compute-load chaining of hashing and KDF to generate a strong encryption password from the user's provided password to ensure secure encryption of files. Affected versions of this...
PT-2026-24849
Name of the Vulnerable Software and Affected Versions: xierongwkhd weimai-wetapp versions up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2 Description: A flaw exists in xierongwkhd weimai-wetapp. The issue affects the getLikeMovieList function within the file source-code/src/main/java/com/moke/wp/wx...
CVE-2026-1835
CVE-2026-1835 affects lcg0124 BootDo, with versions prior to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb identified as vulnerable. The issue is a cross-site request forgery that can be exploited remotely and for which an exploit is publicly available. The affected product uses a rolling release stra...
CVE-2025-14192
A vulnerability was found in RashminDungrani online-banking up to 2337ad552ea9d385b4e07b90e6f32d011b7c68a2. This affects an unknown part of the file /site/dist/authlogin.php. Performing manipulation of the argument Username results in sql injection. The attack can be initiated remotely. The explo...
CVE-2025-13783
A security flaw has been discovered in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. This affects the function check/uncheck/delete of the file application/Comment/Controller/CommentadminController.class.php of the component CommentadminController. The manipulation of the argument...
OESA-2025-2362 gimp security update
The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...
CVE-2025-11594
A vulnerability has been found in ywxbear PHP-Bookstore-Website-Example and PHP Basic BookStore Website up to 0e0b9f542f7a2d90a8d7f8c83caca69294e234e4. This issue affects some unknown processing of the file /index.php of the component Quantity Handler. Such manipulation leads to improper validati...
CVE-2025-11319
A weakness has been identified in nahiduddinahammed Hospital-Management-System-Website up to e6562429e14b2f88bd2139cae16e87b965024097. This issue affects some unknown processing of the file /delete.php. This manipulation of the argument ai causes sql injection. It is possible to initiate the atta...
CVE-2023-47806
Cross-Site Request Forgery (CSRF) vulnerability in Saint Systems Disable User Login. This issue affects Disable User Login: from n/a through 1.3.7...
PT-2025-15357 · Unknown · Mymagicpower Aias
Name of the Vulnerable Software and Affected Versions: mymagicpower AIAS 20250308 Description: A critical issue was found in mymagicpower AIAS, affecting an unknown function of the file 2 training platform/train-platform/src/main/java/top/aias/training/controller/InferController.java. The...
PT-2025-3892 · Netvision Information · Airpass
Name of the Vulnerable Software and Affected Versions: airPASS from NetVision Information affected versions not specified Description: The issue allows unauthenticated remote attackers to access specific administrative functionality, enabling them to retrieve all accounts and passwords. This pose...
PT-2025-3833 · Unknown · Codezips Project Management System
Name of the Vulnerable Software and Affected Versions: Codezips Project Management System version 1.0 Description: A critical issue has been found in Codezips Project Management System, affecting an unknown part of the file /pages/forms/teacher.php. The manipulation of the argument name leads to...
PT-2025-4577 · Unknown · Bozdoz Quote Tweet
Name of the Vulnerable Software and Affected Versions: bozdoz Quote Tweet versions n/a through 0.7 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application, and...
PT-2024-10666 · Unknown · /Proc/Driver/Wmt Dbg
Name of the Vulnerable Software and Affected Versions: /proc/driver/wmt dbg driver affected versions not specified Description: The issue concerns the /proc/driver/wmt dbg driver, where several possible out of bounds writes could lead to local escalation of privilege. System execution privileges...
PT-2024-33353 · Unknown · Madiri Salman Aashish
Name of the Vulnerable Software and Affected Versions: Madiri Salman Aashish versions n/a through 1.1 Description: The issue is related to Incorrect Privilege Assignment in the registration system, allowing Privilege Escalation when adding drop down roles. This can be exploited due to the incorre...
PT-2024-38795 · Unknown · Sourcecodester E-Commerce System
Name of the Vulnerable Software and Affected Versions: SourceCodester E-Commerce System version 1.0 Description: A critical vulnerability has been found in the SourceCodester E-Commerce System, affecting unknown code of the file /ecommerce/admin/login.php of the component Admin Login. The...
PT-2024-40356 · Unknown · Laravel Framework
Name of the Vulnerable Software and Affected Versions: Laravel Framework affected versions not specified Description: The issue arises when a field, normally a non-array value, is crafted as an array in a request and this input is not validated or cast to its expected type before being passed to...
PT-2024-13272 · Unknown · Webreports
Name of the Vulnerable Software and Affected Versions: WebReports affected versions not specified Description: The issue allows an administrative user of WebReports to perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration. Recommendations: At the...