CVE-2025-53923 Emlog vulnerable to reflected Cross-site Scripting in admin panel

Emlog is an open source website building system. A cross-site scripting XSS vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. Due to lack of sanitization it is possible to inject HTML/JS code into keywor...

CVE-2025-2973

A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. This affects an unknown part of the file /Admin/student.php. The manipulation of the argument profileimage leads to unrestricted upload. It is possible to initiate the attack remotely. The...