PT-2025-53684
Name of the Vulnerable Software and Affected Versions itsourcecode Online Cake Ordering System version 1.0 Description A SQL injection issue exists in itsourcecode Online Cake Ordering System 1.0. The manipulation of the ID argument in the /detailtransac.php file can lead to SQL injection. This...
CVE-2025-67255
In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any authenticated user to exploit a SQL Injection vulnerability...
CampCodes Supplier Management System SQL Injection Vulnerability
CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Supplier Management System version 1.0, which stems from an incorrect manipulation of the parameter txtAreaCode in the file /admin/addarea.php, which could...
Orangescrum SQL Injection Vulnerability
Orangescrum is a project and task management software tool that also provides productivity tools for work organization and team collaboration. Orangescrum suffers from a SQL injection vulnerability that stems from insufficient validation of parameter inputs such as oldprojectid, projectid, uuid,...
Jsish Security Vulnerability
Jsish is a small JavaScript parser written in C with a built-in database by the pcmacdon individual developer. A security vulnerability exists in Jsish version 2.0 that stems from type confusion and could lead to a crash or code execution...
SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-C-2025-1206330)
Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...
Nagios XI Security Vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI version 2026R1.0.1, which stems from improper filtering of...
UTT Progressive 512W Buffer Overflow Vulnerability (CNVD-2026-0079178)
The UTT Progressive 512W is an enterprise-grade wireless router from Atech UTT designed for small and medium-sized businesses, SOHO, and similarly sized network environments, for access scenarios of 30 to 50 users. The UTT Progressive 512W suffers from a buffer overflow vulnerability that originates...
PT-2025-53818
Name of the Vulnerable Software and Affected Versions FontForge affected versions not specified Description A flaw exists in FontForge related to the parsing of SFD files. Insufficient validation of user-supplied data can lead to a write past the end of an allocated array, potentially allowing a...
EUVD-2025-205526
A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are...
CVE-2025-15153
A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing a manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are...
CVE-2025-15153 PbootCMS SQLite Database pbootcms.db file access
A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing a manipulation can lead to files or directories accessible. It is possible to launch the attack remotely. Attacks of this nature are...
CVE-2025-15153
CVE-2025-15153 affects PbootCMS up to version 3.2.12, involving the SQLite Database component (file: /data/pbootcms.db). A misoperation in an unknown function within that file can permit remote manipulation that leads to access to files or directories. Exploitation is described as remotely execut...
VIPSQLi
🔥 VIP SQLi Scanner - Professional Triage Tool REAL SQLi PEH...
EUVD-2025-205499
A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...
CVE-2025-15127 FantasticLBP Hotels_Server Room.php sql injection
A security vulnerability has been detected in FantasticLBP HotelsServer up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/api/Room.php. Such manipulation of the argument hotelId leads to sql injection. The attack may be...
[SECURITY] Fedora 43 Update: duc-1.4.6-1.fc43
Duc is a collection of tools for indexing, inspecting and visualizing disk usage. Duc maintains a database of accumulated sizes of directories of the file system, and allows you to query this database with some tools, or create fancy graphs showing you where your bytes are...
PT-2025-53642
Name of the Vulnerable Software and Affected Versions FantasticLBP Hotels Server affected versions not specified Description A security issue exists in FantasticLBP Hotels Server related to the /controller/api/Room.php file. Manipulation of the hotelId argument can lead to SQL injection. This...