CVE-2025-61940 Mirion Medical EC2 Software NMIS BioDose Use of Client-Side Authentication

NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest...

CVE-2025-61940

NMIS/BioDose (versions before V22.02) uses a common SQL Server user account for database access, while the client app performs password authentication but the underlying DB connection maintains access. The latest release adds Windows authentication to the database, which would restrict the connec...

CVE-2025-64298 Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and...

CVE-2025-64298

CVE-2025-64298 affects NMIS/BioDose V22.02 and earlier where embedded Microsoft SQL Server Express is used. The vulnerability arises from insecure Windows share directory paths by default, enabling local users on networked client workstations to access the SQL Server database and configuration fi...

CVE-2025-65877

Lvzhou CMS before commit c4ea0eb9cab5f6739b2c87e77d9ef304017ed615 2025-09-22 is vulnerable to SQL injection via the 'title' parameter in com.wanli.lvzhoucms.service.ContentServicefindPage. The parameter is concatenated directly into a dynamic SQL query without sanitization or prepared statements,...

CVE-2025-60736

code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter...

CVE-2025-66399 SNMP Command Injection leads to RCE in Cacti

Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters including newlines that are...

CVE-2025-65358

Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php...

CVE-2024-45370

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability...

EUVD-2025-200247

SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a GET request using the 'idmant' parameter in '/PC/frmEPIS.aspx'...

CVE-2025-41013

SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a GET request using the 'idmant' parameter in '/PC/frmEPIS.aspx'...

CVE-2025-41013

SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a GET request using the 'idmant' parameter in '/PC/frmEPIS.aspx'...

CVE-2025-11784

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

CVE-2025-11784

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

CVE-2025-41013 SQL injection vulnerability in TCMAN GIM

SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a GET request using the 'idmant' parameter in '/PC/frmEPIS.aspx'...

CVE-2025-41013 SQL injection vulnerability in TCMAN GIM

SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a GET request using the 'idmant' parameter in '/PC/frmEPIS.aspx'...

CVE-2025-41013

CVE-2025-41013 affects TCMAN GIM v11 (version 20250304). The flaw is a SQL injection via GET on /PC/frmEPIS.aspx with the idmant parameter, enabling retrieval, creation, update, and deletion of databases. Root cause is unparameterized SQL handling in that endpoint. IMPACT is described as high/cri...

CVE-2025-11784 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

CVE-2025-11784

CVE-2025-11784 affects Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In ShowMeterDatabase(), unlimited input from the meter parameter is copied into a fixed-size buffer using sprintf(), with GetParameter(meter) supplying the data. This constitutes a stack-based buffer overflow as no input size validatio...

CVE-2025-13090

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'search' parameter in all versions up to, and including, 1.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...