CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/09/18 1:39 a.m.•10 views

CVE-2025-56697

A Stored Cross-Site Scripting XSS vulnerability was discovered in the /users/adminpanel/admin/home.php?page=feedbacks file of Kashipara Computer Base Test v1.0. Attackers can inject malicious scripts via the smyFeedbacks POST parameter in /users/home.php...

6.1CVSS5.4AI score0.00259EPSS

CNVD•added 2025/09/18 12:0 a.m.•1 views

Computer Laboratory System File Upload Vulnerability

Computer Laboratory System is a computer laboratory system. A file upload vulnerability exists in Computer Laboratory System that stems from the file upload feature not restricting file types, no details of the vulnerability are available at this time...

7.3CVSS7AI score0.00312EPSS

OSV•added 2025/09/16 3:15 p.m.•2 views

CVE-2025-56295

7.3CVSS5.8AI score0.00312EPSS

NVD•added 2025/09/16 3:15 p.m.•3 views

CVE-2025-56295

7.3CVSS0.00312EPSS

Malwarebytes•added 2025/09/16 10:20 a.m.•5 views

“A dare, a challenge, a bit of fun:” Children are hacking their own schools’ systems, says study

As if ransomware wasn’t enough of a security problem for the sector, educational institutions also need to worry about their own students, a recent study shows. Last week, the UK Information Commissioner’s Office ICO published a report about the "insider threat of students". Here are a few key...

7AI score

Exploits0

OSV•added 2025/09/16 5:31 a.m.•1 views

MAL-2025-47322 Malicious code in kinyongi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d732e3667e35428369a2536b0d3d1ba6f5afbedd13b166bd769316c2ac8c750c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/09/16 5:28 a.m.•3 views

Malicious code in transform-remove-console (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 34def0802df34551bb9471a5204d7188e0b1d20db136c605b706bd98166df2d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score

Exploits0References2

OSSF Malicious Packages•added 2025/09/16 5:24 a.m.•2 views

Malicious code in xo-tray-height (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e77b86db993d991491d3db2d143bb8031f63d03acf7e372dcf716c51987f0d87 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/09/16 5:24 a.m.•2 views

Exploits0References3

MAL-2025-47364 Malicious code in xo-tray-height (npm)

OSSF Malicious Packages•added 2025/09/16 5:17 a.m.•3 views

Exploits0References3

Malicious code in @fastifyv4/fastifyv4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7083057255001380bdd51cad61f09f708b1f711acee9a0f9c83f8ad4a6388201 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/09/16 5:12 a.m.•3 views

MAL-2025-47299 Malicious code in conditionsjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0435e7d1dfd8568f73471eb3a1fe65cbe2e5891606cc0f64ace4156091c56cb7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/09/16 5:11 a.m.•3 views

Malicious code in oci-plugin-compliance (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 762cb43037a71931178ccf3452552b84331b30ada3f192f5d979eed5b372da3f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/09/16 5:11 a.m.•2 views

Exploits0References2

Malicious code in working_tests (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49c21a63c0a80ed6817e5b19617e29f869d463d77843ef462ec7f9f177abe0aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/09/16 1:8 a.m.•2 views

Exploits0References3

Malicious code in @rxnt/phr-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 947f7c203c3177bd72a083fb5900eea77703e68cea6fccaf8fc27d871dfa65ef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Vulnrichment•added 2025/09/16 12:0 a.m.•3 views

CVE-2025-56295

6.5AI score0.00312EPSS

Vulnrichment•added 2025/09/16 12:0 a.m.•2 views

CVE-2025-56697

5.1AI score0.00259EPSS

CNNVD•added 2025/09/16 12:0 a.m.•1 views

Kashipara Computer Base Test project in PHP 安全漏洞

Kashipara Computer Base Test project in PHP is a web application from Kashipara Inc. A security vulnerability exists in Kashipara Computer Base Test project in PHP v1.0, which stems from insufficient cleanup of the parameter smyFeedbacks in the file /users/adminpanel/admin/home.php, which could...

6.1CVSS6AI score0.00259EPSS