CVE-2025-7157

CVE-2025-7157 affects Code-Projects Online Note Sharing 1.0. A vulnerability in /login.php arises from improper handling of the username and password parameters, enabling SQL injection. The flaw is exploitable remotely and has had exploits disclosed publicly. Multiple sources confirm the issue an...

CVE-2025-7157 code-projects Online Note Sharing login.php sql injection

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-7157 code-projects Online Note Sharing login.php sql injection

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...

PT-2025-28325 · Unknown · Code-Projects Online Note Sharing

Name of the Vulnerable Software and Affected Versions: code-projects Online Note Sharing version 1.0 Description: A critical issue was found in the code, affecting an unknown function of the file /login.php. The manipulation of the username and password arguments leads to SQL injection. This issu...

Code-Projects Online Note Sharing 注入漏洞

Code-Projects Online Note Sharing is an online note sharing software from Code-Projects open source. Code-Projects Online Note Sharing version 1.0 suffers from an injection vulnerability, which stems from an incorrect manipulation of the parameters username/password in the file /login.php resulti...

CVE-2025-7124

A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload. It is possible to...

CVE-2025-7124

A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the argument image leads to unrestricted upload. It is possible to...

CVE-2025-7124

CVE-2025-7124 affects code-projects Online Note Sharing 1.0, specifically the Profile Image Handler’s /dashboard/userprofile.php. The vulnerability arises from improper handling of the image parameter, enabling unrestricted file uploads. Reported as exploitable remotely, with exploit activity dis...

UBUNTU-CVE-2025-49809

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

SUSE CVE-2025-38084

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens before the VMA lock and rmap locks are taken - which is too early, it...

AZL-64377 CVE-2025-38084 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens before the VMA lock and rmap locks are taken - which is too early, it...

CVE-2025-6425

An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the hashmapsetwithhash function in the gumbo-parser/src/hashmap.c file. An attacker can cause a crash or disrupt service by providing crafted input. Note: According to the maintainer of the package the cod...

AZL-64278 CVE-2025-6269 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5Creconstructcacheentry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

com.farao-community.farao:csa-runner-api (>=1.2.1 <=2.6.1), com.farao-community.farao:csa-runner-app (>=0.0.1 <=2.6.1) +345 more potentially affected by CVE-2025-47293 via com.powsybl:powsybl-commons (>=1.0.0 <=6.7.1)

com.powsybl:powsybl-commons MAVEN version =1.0.0, =1.2.1, =0.0.1, =4.1.4, =1.0.0, =3.9.3, =1.0.0, =3.7.1, =2.0.0, =3.0.0, =2.4.1, =3.9.0, =4.5.0, =3.3.3, =3.6.0, =5.0.0 and more Source cves: CVE-2025-47293 Source advisory: OSV:GHSA-QPJ9-QCWX-8JV2...

Malicious code in test_for_ntu_note_2 (npm)

The package communicates with a domain associated with malicious activity...

RHSA-2025:9185

creationtimestamp| type| source ---|---|--- 2025-06-17 14:39:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18594...

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-48911

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability...