969 matches found
EUVD-2025-33562
A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...
CVE-2025-11556
A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...
CVE-2025-11556
CVE-2025-11556 affects Code-Projects Simple Leave Manager 1.0. The vulnerability is a SQL injection in the /user.php file caused by improper handling/manipulation of the argument table, enabling remote exploitation. The exploit has been published and may be used. Impact is described as high for c...
CVE-2025-11472
A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /editroom.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
CVE-2025-11524
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
EUVD-2025-33268
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
PT-2025-41462
Name of the Vulnerable Software and Affected Versions Simple Leave Manager version 1.0 Description A SQL injection issue exists in the Simple Leave Manager 1.0 application. The flaw is located in the /user.php file and stems from improper handling of user-supplied input within the argument table,...
CVE-2025-11410
A flaw has been found in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/votersadd.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be executed remotely. The exploit has been published and m...
EUVD-2025-33299
A flaw has been found in varunsardana004 Blood-Bank-And-Donation-Management-System up to dc9e0393d826fbc85fad9755b5bc12cba1919df2. The impacted element is an unknown function of the file /donateblood.php. Executing manipulation of the argument fullname can lead to sql injection. The attack may be...
CVE-2025-11437
CVE-2025-11437 affects JhumanJ OpnForm ≤1.9.3, specifically the Form Editor’s /api/open/forms component. The issue enables cross-site scripting via that file, with remote initiation possible. Exploitation has been published and may be used in the wild. The vendor states the vulnerable feature is ...
PT-2025-41231
Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A flaw exists in JhumanJ OpnForm up to version 1.9.3, specifically within the Form Editor component. This issue involves manipulation of the /api/open/forms/ file, leading to cross site scriptin...
PT-2025-41210
Name of the Vulnerable Software and Affected Versions code-projects Voting System version 1.0 Description A flaw exists in code-projects Voting System 1.0, specifically within an unknown function of the /admin/candidates edit.php file. Manipulation of the Firstname, Lastname, and Platform argumen...
PT-2025-41319
Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A flaw exists in code-projects E-Commerce Website 1.0, specifically within the file /pages/supplier add.php. Manipulation of the supp email argument can lead to SQL injection. This attac...
PT-2025-41288
Name of the Vulnerable Software and Affected Versions varunsardana004 Blood-Bank-And-Donation-Management-System versions prior to dc9e0393d826fbc85fad9755b5bc12cba1919df2 Description A flaw exists in the Blood-Bank-And-Donation-Management-System that allows for sql injection. The issue is located...
CVE-2025-11410 Campcodes Advanced Online Voting Management System voters_add.php sql injection
A flaw has been found in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/votersadd.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be executed remotely. The exploit has been published and m...
CVE-2025-11354
A flaw has been found in code-projects Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/addslideexec.php. Executing manipulation of the argument image can lead to unrestricted upload. The attack may be performed from remote. The exploit has been published an...
CVE-2025-11322
A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...
EUVD-2025-32550
A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploi...
CVE-2025-11295
A flaw has been found in Belkin F9K1015 1.00.10. This affects an unknown part of the file /goform/formPPPoESetup. This manipulation of the argument pppUserName causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was...
CVE-2025-11338
A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploi...