CVE-2025-10810

A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edituser.php. Performing manipulation of the argument firstname results in sql injection. The attack is possible to be carried out remotely. The exploit ...

CVE-2025-10793 code-projects E-Commerce Website admin_account_delete.php sql injection

A vulnerability was detected in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/adminaccountdelete.php. Performing manipulation of the argument userid results in sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-10787

A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely. The exploit has bee...

CVE-2025-10776 LionCoders SalePro POS Login cleartext transmission

A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high...

PT-2025-38672

Name of the Vulnerable Software and Affected Versions Ruijie 6000-E10 versions through 2.4.3.6-20171117 Description A weakness exists in Ruijie 6000-E10. The issue affects an unknown part of the file /view/vpn/autovpn/sub commit.php. Manipulation of the key argument can lead to operating system...

PT-2025-38718

Name of the Vulnerable Software and Affected Versions itsourcecode Online Discussion Forum version 1.0 Description A flaw exists in itsourcecode Online Discussion Forum that could allow for remote code execution. The issue is related to a SQL injection impacting an unknown function within the...

CVE-2025-10770

A vulnerability was found in jeecgboot JimuReport up to 2.1.2. This impacts an unknown function of the file /drag/onlDragDataSource/testConnection of the component MySQL JDBC Handler. Performing manipulation results in deserialization. Remote exploitation of the attack is possible. The exploit ha...

PT-2025-38667

Name of the Vulnerable Software and Affected Versions CosmodiumCS OnlyRAT versions prior to 3.3 Description A vulnerability exists in CosmodiumCS OnlyRAT. The connect/remote upload/remote download function within the main.py file of the Configuration File Handler component is affected. Manipulati...

CVE-2025-10625

A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=updateprofile. The manipulation of the argument phone results in sql injection. The attack may be launched remotely. The...

PT-2025-38588

Name of the Vulnerable Software and Affected Versions SKTLab Mukbee App version 1.01.196 Description A vulnerability exists in SKTLab Mukbee App that results in improper export of android application components. The issue affects an unknown function within the AndroidManifest.xml file of the...

CVE-2025-10687

A vulnerability was found in SourceCodester Responsive E-Learning System 1.0. This affects an unknown part of the file /admin/addteacher.php. The manipulation of the argument Username results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and coul...

CVE-2025-10687 SourceCodester Responsive E-Learning System add_teacher.php sql injection

A vulnerability was found in SourceCodester Responsive E-Learning System 1.0. This affects an unknown part of the file /admin/addteacher.php. The manipulation of the argument Username results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and coul...

CVE-2025-10672

CVE-2025-10672 affects whuan132 AIBattery up to 1.0.9, with a local authentication bypass in AIBatteryHelper/XPC/BatteryXPCService.swift of the com.collweb.AIBatteryHelper component. The vulnerability allows a local attacker to bypass authentication and potentially compromise confidentiality, int...

CVE-2025-10628 D-Link DIR-852 Web Management hedwig.cgi command injection

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has...

PT-2025-38468

Name of the Vulnerable Software and Affected Versions fuyang lipengjun platform version 1.0 Description A weakness exists in the BrandController function of the /brand/queryAll file, potentially leading to improper authorization. This issue can be exploited remotely. The exploit has been made...

PT-2025-38405

Name of the Vulnerable Software and Affected Versions AIBattery versions up to 1.0.9 Description A vulnerability exists in AIBattery that results in missing authentication. The issue is located in an unknown function within the AIBatteryHelper/XPC/BatteryXPCService.swift file of the...

CVE-2025-10602

A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/deletes1.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-10602

The CVE-2025-10602 vulnerability affects SourceCodester Online Exam Form Submission 1.0. The issue arises in the /admin/delete_s1.php handler, where manipulating the ID parameter enables SQL injection. Exploitation can be conducted remotely, and public exploit details exist. Impact is described a...

CVE-2025-10447 Campcodes Online Job Finder System applicationform.php unrestricted upload

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...

CVE-2025-10423

A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file /common/mall/kaptcha. The manipulation results in guessable captcha. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is considered...