11 matches found
PT-2025-30509 · Tenda · Tenda Ac23
Name of the Vulnerable Software and Affected Versions: Tenda AC23 version 16.03.07.52 Description: A critical vulnerability exists in the Tenda AC23. The vulnerability is located in the httpd component, specifically within the sub 46C940 function of the /goform/setMacFilterCfg file. Manipulation ...
PT-2025-30095 · Mrcms · Mrcms
Name of the Vulnerable Software and Affected Versions: MRCMS version 3.1.2 Description: The software contains a cross-site scripting (XSS) issue in the /admin/group/save.do component. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
PT-2025-23978 · Unknown · Phpgurukul Human Metapneumovirus Testing Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Human Metapneumovirus Testing Management System version 1.0 Description: A critical issue has been discovered, affecting some unknown functionality of the file /search-report-result.php. The manipulation of the serachdata argument...
PT-2025-22664 · Unknown · Phpgurukul Medical Card Generation System
Name of the Vulnerable Software and Affected Versions: PHPGURUKUL Medical Card Generation System version 1.0 Description: The issue concerns stored cross-site scripting (XSS) vulnerabilities in the /mcgs/admin/contactus.php component. Attackers can execute arbitrary web scripts or HTML by injecting...
PT-2025-18255 · Unknown · Phpgurukul Curfew E-Pass Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Curfew e-Pass Management System version 1.0 Description: A critical issue affects the processing of the file /admin/edit-pass-detail.php. The manipulation of the editid argument leads to SQL injection. The attack may be initiated...
CVE-2025-31438
Cross-Site Request Forgery (CSRF) vulnerability in Benoit De Boeck WP Supersized wp-supersized allows Cross Site Request Forgery. This issue affects WP Supersized: from n/a through = 3.1.6...
PT-2023-19726 · Unknown · Simple Customer Relationship Management System
Name of the Vulnerable Software and Affected Versions: Simple Customer Relationship Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the oldpass parameter under the Change Password function. Recommendations:...
PT-2022-27210 · Unknown · Poultry Farm Management System
Name of the Vulnerable Software and Affected Versions: Poultry Farm Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the del parameter at the "/Redcock-Farm/farm/category.php" API endpoint. Recommendations: F...
PT-2020-20637 · Ibl · Ibl Online Weather
Name of the Vulnerable Software and Affected Versions: IBL Online Weather versions prior to 4.3.5a Description: The issue allows unauthenticated reflected XSS via the redirect page. This can lead to malicious script execution without proper authentication. Recommendations: For versions prior to...
Wolters Kluwer TeamMate 3.1 - Cross-Site Request Forgery
Hello, Please find the below vulnerability details, Exploit Title: Wolters Kluwer TeamMate+ – Cross-Site Request Forgery CSRF vulnerability Date: 02/09/2019 Exploit...
Debian Security Advisory DSA 2810-1 (ruby1.9.1 - heap overflow)
Charlie Somerville discovered that Ruby incorrectly handled floating point number conversion. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execu...