EUVD-2025-9944
Malicious code in bioql PyPI...
EUVD-2022-3942
Malicious code in bioql PyPI...
EUVD-2025-23346
Malicious code in bioql PyPI...
CVE-2025-9401
A vulnerability has been found in HuangDou UTCMS 9. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison. The attack can be executed remotely. The attack requires a hig...
CVE-2025-9401 HuangDou UTCMS Login login.php comparison
A vulnerability has been found in HuangDou UTCMS 9. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison. The attack can be executed remotely. The attack requires a hig...
PT-2025-34579 · Unknown · Huangdou Utcms Version 9
Name of the Vulnerable Software and Affected Versions: HuangDou UTCMS version 9. Description: A flaw exists in the Login component's code within the app/modules/ut-frame/admin/login.php file. Manipulation of the code related to an argument results in an incorrect comparison. This issue can be...
CVE-2025-8925
CVE-2025-8925 affects itsourcecode Sports Management System 1.0. The vulnerability is an SQL injection in /Admin/match.php caused by unsafely handling the code parameter, enabling remote exploitation and unauthorized data access. Exploit details have been publicly disclosed. No official fix/versi...
CVE-2025-8236 code-projects Online Ordering System edit_product.php sql injection
A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument Name leads to sql injection. The attack can be initiated remotely. The exploit has...
CVE-2025-7211
A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cartadd.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...
CVE-2025-6847
A vulnerability classified as critical was found in code-projects Simple Forum 1.0. This vulnerability affects unknown code of the file /forumedit.php. The manipulation of the argument iii leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-6834 code-projects Inventory Management System editPayment.php sql injection
A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The...
CVE-2025-6611 code-projects Inventory Management System createBrand.php sql injection
A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/createBrand.php. The manipulation of the argument brandStatus leads to sql injection. The attack can be initiated remotely...
CVE-2025-5299
A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userordercustomerupdate.php. The manipulation of the argument uploadedfilecancelled leads to unrestricted upload. The attack ca...
CVE-2025-0203
A vulnerability was found in code-projects Student Management System 1.0. It has been declared as critical. This vulnerability affects the function showSubject1 of the file /config/DbFunction.php. The manipulation of the argument sid leads to sql injection. The attack can be initiated remotely. T...
CVE-2022-3288
A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected...
CVE-2022-48217
The tfremappernode component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled oldtftopicname and/or newtftopicname...
CVE-2022-1716
Keep My Notes v1.80.147 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation...
CVE-2025-4472 code-projects Departmental Store Management System bill stack-based overflow
A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The explo...
CVE-2025-3252
A vulnerability has been found in xujiangfei admintwo 1.0 and classified as problematic. This vulnerability affects unknown code of the file /resource/add. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2024-57778
An issue in Orbe ONetView Roeador Onet-1200 Orbe 1680210096 allows a remote attacker to escalate privileges via the server's response from status code 500 to status code 200...