[SECURITY] Fedora 43 Update: duc-1.4.6-1.fc43

Duc is a collection of tools for indexing, inspecting and visualizing disk usage. Duc maintains a database of accumulated sizes of directories of the file system, and allows you to query this database with some tools, or create fancy graphs showing you where your bytes are...

PT-2025-53642

Name of the Vulnerable Software and Affected Versions FantasticLBP Hotels Server affected versions not specified Description A security issue exists in FantasticLBP Hotels Server related to the /controller/api/Room.php file. Manipulation of the hotelId argument can lead to SQL injection. This...

PbootCMS 安全漏洞

PbootCMS is a PbootCMS open source enterprise website content management system CMS developed using PHP language. A security vulnerability exists in PbootCMS 3.2.12 and earlier versions, which originates from an unknown function misoperation in the SQLite database component in file...

Exploit for Insufficient Type Distinction in Rarlab Winrar

CVE Exploit Finder Author: Your Name/Handle Focus: Automated V...

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-C-2025-1203509)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

SQLE 安全漏洞

SQLE is an ActionTech open source database. A security vulnerability exists in SQLE version 4.2511.0 and earlier, which stems from incorrect manipulation of the parameter JWTSecretKey in the file sqle/utils/jwt.go, which could result in the use of a hard-coded key...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: util-linux (UTSA-2025-992154)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992154 advisory. A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function,...

CVE-2025-66947

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

CVE-2025-66947

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

CVE-2025-15075

A security flaw has been discovered in itsourcecode Student Management System 1.0. This issue affects some unknown processing of the file /studentp.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the...

CVE-2025-66947

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

Student Management System 安全漏洞

Student Management System is a student management system developed by krishanmurariji. A security vulnerability exists in Student Management System v.1.0, which originates from a SQL injection of the editid parameter in the /studentms/admin/edit-class-detail.php file, which could lead to a full...

CVE-2025-66947

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

EUVD-2025-205435

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

CVE-2025-66947

CVE-2025-66947 affects krishanmuraiji SMS v1.0. The flaw is a time-based SQL injection in /studentms/admin/edit-class-detail.php via the editid GET parameter, where unvalidated input can trigger SQL SLEEP() delays to infer database contents. Exploitation could lead to full database disclosure or ...

SQL-DB

No d...

CVE-2025-68519

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through = 3.8.6.3...

EUVD-2025-205369

A security vulnerability has been detected in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /form137.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly...

CVE-2025-15078

A vulnerability was detected in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /listreport.php. The manipulation of the argument sy results in sql injection. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-15075

A security flaw has been discovered in itsourcecode Student Management System 1.0. This issue affects some unknown processing of the file /studentp.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the...