CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability classified as critical has been found in code-projects AVL Rooms 1.0. This affects an unknown part of the file /city.php. The manipulation of the argument city leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

9.8CVSS7.7AI score0.00399EPSS

Exploits1References1

RedhatCVE•added 2025/07/16 12:59 p.m.•10 views

CVE-2025-7605

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...

9.8CVSS7.4AI score0.00396EPSS

Exploits1References1

OSV•added 2025/07/14 1:15 p.m.•2 views

CVE-2025-7606

9.8CVSS5.8AI score

Exploits0References5

NVD•added 2025/07/14 1:15 p.m.•5 views

CVE-2025-7606

9.8CVSS0.00399EPSS

Exploits1References5

OSV•added 2025/07/14 1:15 p.m.•3 views

CVE-2025-7605

9.8CVSS5.8AI score

Exploits0References5

NVD•added 2025/07/14 1:15 p.m.•5 views

CVE-2025-7605

9.8CVSS0.00396EPSS

Exploits1References5

CVE•added 2025/07/14 1:2 p.m.•21 views

CVE-2025-7606

CVE-2025-7606 affects AVL Rooms 1.0, with a SQL injection in /city.php triggered by the city parameter. The vulnerability is exploitable remotely and publicly disclosed, prompting immediate attention. Reported by multiple sources (NVD, Red Hat, CVE List) across tooling ecosystems. Root cause cent...

9.8CVSS7.5AI score0.00399EPSS

Exploits1References5Affected Software1

Cvelist•added 2025/07/14 1:2 p.m.•11 views

CVE-2025-7606 code-projects AVL Rooms city.php sql injection

7.5CVSS0.00399EPSS

Exploits1References5

Vulnrichment•added 2025/07/14 1:2 p.m.•4 views

CVE-2025-7606 code-projects AVL Rooms city.php sql injection

7.5CVSS7.7AI score0.00399EPSS

Exploits1References5

Vulnrichment•added 2025/07/14 12:44 p.m.•4 views

CVE-2025-7605 code-projects AVL Rooms profile.php sql injection

7.5CVSS7.5AI score0.00396EPSS

Exploits1References5

CVE•added 2025/07/14 12:44 p.m.•18 views

CVE-2025-7605

CVE-2025-7605 affects AVL Rooms 1.0 by Code-Projects. The vulnerability is an SQL injection in /profile.php via the first_name parameter, exploitable remotely. Exploit has been publicly disclosed. Affects unknown functionality; exploitability and impact are described as high in CVSS notes across ...

9.8CVSS7.5AI score0.00396EPSS

Exploits1References5Affected Software1

Cvelist•added 2025/07/14 12:44 p.m.•10 views

CVE-2025-7605 code-projects AVL Rooms profile.php sql injection

7.5CVSS0.00396EPSS

Exploits1References5

CNNVD•added 2025/07/14 12:0 a.m.•1 views

Code-Projects AVL Rooms 安全漏洞

Code-Projects AVL Rooms is an AVL room system from Code-Projects open source. A security vulnerability exists in Code-Projects AVL Rooms version 1.0, which stems from a SQL injection due to incorrect manipulation of the parameter city in the file /city.php...

9.8CVSS7.8AI score0.00399EPSS

Exploits1References6

Positive Technologies•added 2025/07/14 12:0 a.m.•4 views

PT-2025-29464 · Avl Rooms · Avl Rooms

Name of the Vulnerable Software and Affected Versions: AVL Rooms version 1.0 Description: A critical issue exists in AVL Rooms that allows for SQL injection. The vulnerability is located in the /city.php file, where manipulation of the city argument can trigger the attack remotely. The exploit fo...

9.8CVSS7.8AI score0.00399EPSS

Exploits1References8

CNNVD•added 2025/07/14 12:0 a.m.•2 views

Code-Projects AVL Rooms 安全漏洞

Code-Projects AVL Rooms is an AVL room system from Code-Projects open source. A security vulnerability exists in Code-Projects AVL Rooms version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter firstname in the file /profile.php...

9.8CVSS7.8AI score0.00396EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by