CVE-2025-10688
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/operation/paid.php. This manipulation of the argument invno/instaamt causes sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-10427
A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument websiteimage can lead to unrestricted upload. It is possible to launch the attack remotely. The...
CVE-2025-10427 SourceCodester Pet Grooming Management Software user.php unrestricted upload
A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument websiteimage can lead to unrestricted upload. It is possible to launch the attack remotely. The...
CVE-2025-10427
SourceCodester Pet Grooming Management Software 1.0 is affected. The vulnerability lies in the file /admin/operation/user.php where manipulating the website_image argument enables unrestricted file uploads, potentially allowing remote and unauthenticated or low-privilege attackers to upload arbit...
CVE-2025-50370
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality (/mcgs/admin/readenq.php) of the Phpgurukul Medical Card Generation System 1.0. The vulnerable endpoint allows an authenticated admin to delete inquiry records via a simple GET request, without requiring ...
CVE-2023-1552
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an untrusted configurati...
CVE-2024-37140
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an OS command injection vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the syste...
CVE-2024-37139
CVE-2024-37139 affects Dell PowerProtect DD before 8.0 and certain LTS branches (7.13.1.0, 7.10.1.30, 7.7.5.40) with an improper control of a resource through its lifetime in an admin operation. This could allow a remote, low-privilege attacker to cause temporary resource constraint in a system ap...
PT-2024-27330 · Dell · Dell Powerprotect Dd
Name of the Vulnerable Software and Affected Versions: Dell PowerProtect DD versions prior to 8.0; Dell PowerProtect DD LTS 7.13.1.0; Dell PowerProtect DD LTS 7.10.1.30; Dell PowerProtect DD LTS 7.7.5.40. Description: The issue is an OS command injection vulnerability in an admin operation. A remote...
CVE-2023-48668
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands o...