MAL-2025-4549 Malicious code in @stepstone-genesis/components (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5874a7aeef3ac8f8faaa8e232c3010de7fd69fe6e411681099034bbb0c712d5 Any computer that has this package installed or running should be considered...

MAL-2025-4548 Malicious code in @partners-types/generics (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 286b6e3a0670f9322ce7783e57233cd6fd2d58fca486ab1abf62f2037fd0c63c Any computer that has this package installed or running should be considered...

MAL-2025-4543 Malicious code in @ing-web-es/application (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7692fb7f2c8d0720f92ab88567ebb27c12e7cbcd9e735c8aa3676782f17268de Any computer that has this package installed or running should be considered...

MAL-2025-4544 Malicious code in @mc-donate/donateweb (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9325722a4b74dc591b6e7655a9bd06db9dff5b54b68de22c24fd2b38d03743ae Any computer that has this package installed or running should be considered...

CVE-2025-0342

A vulnerability, which was classified as problematic, was found in CampCodes Computer Laboratory Management System 1.0. This affects an unknown part of the file /class/edit/edit. The manipulation of the argument slname leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2025-0458

A vulnerability classified as problematic was found in Virtual Computer Vysual RH Solution 2024.12.1. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Panel. The manipulation of the argument page leads to cross site scripting. The attack can...

CVE-2024-47172

Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account may retrieve certain information about any project, task, job or membership resource on the CVAT instance. The information exposed in this way is the same as...

CVE-2024-34480

SourceCodester Computer Laboratory Management System 1.0 allows admin/category/viewcategory.php id SQL Injection...

CVE-2024-34479

SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection...

CVE-2024-31546

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/viewdamage.php...

CVE-2024-31545

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manageuser=6...

CVE-2024-31547

Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/viewitem.php...

CVE-2024-3139

A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function saveusers of the file /classes/Users.php?f=save. The manipulation of the argument id leads to improper authorization. The attack ma...

CVE-2024-7787

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ITG Computer Technology vSRM Supplier Relationship Management System allows Reflected XSS, Cross-Site Scripting XSS. This issue affects vSRM Supplier Relationship Management System: before...

CVE-2024-24100

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via PublisherID...

CVE-2024-2067

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-computer.php. The manipulation of the argument computer leads to sql injection. The attack can be initiated remotely. T...

CVE-2024-24096

Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via BookSBIN...

CVE-2024-31586

A Cross Site Scripting XSS vulnerability exists in Computer Laboratory Management System version 1.0. This vulnerability allows a remote attacker to execute arbitrary code via the Borrower Name, Department, and Remarks parameters...

CVE-2024-3314

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php. The manipulation leads to sql injection. The attack may be initiated remotely. The identifier VDB-259385 was...

CVE-2024-3316

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/category/viewcategory.php. The manipulation of the argument id leads to sql injection. The attack...