CVE-2025-1806 Eastnets PaymentSafe URL Default.aspx improper authorization
A vulnerability, which was classified as problematic, has been found in Eastnets PaymentSafe 2.5.26.0. Affected by this issue is some unknown functionality of the file /Default.aspx of the component URL Handler. The manipulation leads to improper authorization. The attack may be launched remotely...
CVE-2025-1632
A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the publi...
UBUNTU-CVE-2025-1632
A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the publi...
CVE-2025-1378
CVE-2025-1378 affects radare2 (library /libr/main/rasm2.c in the rasm2 component). The vulnerability is a local memory corruption in an unknown function, with exploitation requiring local access; the exploit has been disclosed publicly. A fix is available in radare2 6.0.0 (patch c6c772d2eab692ce7...
CVE-2025-1186
Dayrui XunRuiCMS (versions up to 4.6.4) contains a deserialization vulnerability in the /Control/Api/Api.php file triggered by manipulating the thumb parameter. This remote, publicly disclosed issue has been rated critical in multiple sources. The exact root cause is not detailed beyond the thumb...
CVE-2025-0559 Campcodes School Management Software Create Id Card Page create-id-card cross site scripting
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...
CVE-2025-0398
A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argument remark leads to cross-site scripting. The...
CVE-2025-0221 IOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereference
A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached...
CVE-2025-0212
A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /viewstudents.php. The manipulation of the argument id leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-0172
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The manipulation of the argument id leads to SQL injection. The attack can be launched remotely. The exploit ha...
PT-2024-17892 · Unknown · Code-Projects Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Chat System version 1.0
Description: A critical issue has been found in the code-projects Chat System, affecting the /admin/update user.php file. The manipulation of the id argument leads to SQL injection. This issue can be...
PT-2024-17694 · Fabulatech · Fabulatech Usb Over Network
Name of the Vulnerable Software and Affected Versions: FabulaTech USB over Network version 6.0.6.1
Description: A problematic vulnerability was found in the function 0x220408 of the library ftusbbus2.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference, requiring ...
CVE-2024-8863
A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. Affected is the function dangerouslySetInnerHTML of the file textbox.tsx of the component Text Explorer. The manipulation of the argument query leads to cross-site scripting. It is possible to launch the...
PT-2024-38115 · NetGear · Netgear Wn604
Name of the Vulnerable Software and Affected Versions: Netgear WN604 up to 20240719
Description: A problematic vulnerability has been found, affecting an unknown function of the file siteSurvey.php. The manipulation leads to direct request and can be launched remotely. The exploit has been...
CVE-2024-6006
A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Summer Schedule Handler. The manipulation of the argument Schedule Name leads to cross-site scripting. The attack may be launch...
PT-2024-33006 · Ruijie · Ruijie Rg-Uac
Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC versions prior to 20240507
Description: A critical vulnerability exists in Ruijie RG-UAC. The issue affects an unknown functionality within the file /view/bugSolve/viewData/detail.php. Manipulation of the filename argument leads...
CVE-2024-4249
A vulnerability was found in Tenda i21 1.0.0.144656. It has been classified as critical. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...
CVE-2024-3202
A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple CMS 1.2.4. This issue affects some unknown processing of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated...
PT-2024-24359 · Codelyfe · Codelyfe Stupid Simple Cms
Name of the Vulnerable Software and Affected Versions: codelyfe Stupid Simple CMS version 1.2.4
Description: A vulnerability has been found in the Login Page component of the software, affecting the restriction of excessive authentication attempts. The attack can be initiated remotely, with a...
CVE-2024-2149
A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file settings.php. The manipulation of the argument currency leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed ...