Lucene search

2720 matches found

CVE
added 2025/12/14 7:32 a.m. | 10 views

CVE-2025-14649

CVE-2025-14649 affects itsourcecode Online Cake Ordering System 1.0. The vulnerability is in /cakeshop/supplier.php where manipulating the supplier parameter triggers an SQL injection. Exploitation can be performed remotely and the exploit is publicly available. No remediation/fix details are pro...

CVSS 9.8 | AI score 7.4 | EPSS 0.00333
Exploits: 1 | References: 5 | Affected Software: 1
CNNVD
added 2025/12/14 12:0 a.m. | 2 views

itsourcecode Online Cake Ordering System SQL Injection Vulnerability

itsourcecode Online Cake Ordering System is an itsourcecode open source online cake ordering system. A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Cake Ordering System, which originates from the incorrect manipulation of the parameter Product in the file...

CVSS 9.8 | AI score 7.7 | EPSS 0.00345
Exploits: 1 | References: 6
Positive Technologies
added 2025/12/14 12:0 a.m. | 4 views

PT-2025-51156

Name of the Vulnerable Software and Affected Versions itsourcecode Online Cake Ordering System version 1.0 Description A flaw exists in itsourcecode Online Cake Ordering System version 1.0 that allows for SQL injection. The issue stems from improper handling of the ID argument within the...

CVSS 9.8 | AI score 7.5 | EPSS 0.00333
Exploits: 1 | References: 13
Positive Technologies
added 2025/12/14 12:0 a.m. | 3 views

PT-2025-51154

Name of the Vulnerable Software and Affected Versions itsourcecode Online Cake Ordering System version 1.0 Description A flaw exists in itsourcecode Online Cake Ordering System 1.0. The issue affects an unknown part of the /cakeshop/product.php file. Manipulation of the Product argument can lead ...

CVSS 9.8 | AI score 7.5 | EPSS 0.00345
Exploits: 1 | References: 13
SUSE Linux
added 2025/12/12 4:18 p.m. | 5 views

Security update for rhino

This update for rhino fixes the following issues: Update to version 1.7.15.1. Security issues fixed: CVE-2025-66453: high CPU consumption when processing specific numbers via the toFixed function bsc1254481. Other changes and issues fixed: Version 1.7.15: Basic support for "rest parameters"...

CVSS 6.9 | AI score 7.1 | EPSS 0.00231
Exploits: 0 | References: 4
OSV
added 2025/12/12 4:18 p.m. | 2 views

SUSE-SU-2025:4390-1 Security update for rhino

This update for rhino fixes the following issues: Update to version 1.7.15.1. Security issues fixed: - CVE-2025-66453: high CPU consumption when processing specific numbers via the toFixed function bsc1254481. Other changes and issues fixed: - Version 1.7.15: Basic support for 'rest parameters'...

CVSS 7.5 | AI score 6.9 | EPSS 0.00231
Exploits: 0 | References: 3
CNVD
added 2025/12/10 12:0 a.m. | 3 views

Online Ordering System user_contact.php File SQL Injection Vulnerability

Online Ordering System is an online ordering system. The Online Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Name in the file /usercontact.php. The vulnerability can be exploited by a...

CVSS 9.8 | AI score 7.9 | EPSS 0.00326
Exploits: 1 | References: 1
CNVD
added 2025/12/10 12:0 a.m. | 3 views

Online Ordering System /admin File SQL Injection Vulnerability

Online Ordering System is an online ordering system. The Online Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file /admin/. An attacker can exploit this vulnerability t...

CVSS 9.8 | AI score 7.9 | EPSS 0.00326
Exploits: 1 | References: 1
EUVD
added 2025/12/09 9:31 p.m. | 2 views

EUVD-2025-202315

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

AI score 6 | EPSS 0.00127
Exploits: 0 | References: 3
NVD
added 2025/12/09 7:15 p.m. | 3 views

CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

CVSS 5.1 | EPSS 0.00127
Exploits: 0 | References: 3
CVE
added 2025/12/09 6:44 p.m. | 12 views

CVE-2025-9612

CVE-2025-9612 concerns the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification. The issue is that insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection, enabling local or physi...

CVSS 5.1 | AI score 6.1 | EPSS 0.00127
Exploits: 0 | References: 3 | Affected Software: 1
RedhatCVE
added 2025/12/09 4:30 p.m. | 9 views

CVE-2025-14251

A security vulnerability has been detected in code-projects Online Ordering System 1.0. This affects an unknown function of the file /admin/ of the component Admin Login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit h...

CVSS 9.8 | AI score 7 | EPSS 0.00326
Exploits: 1 | References: 1
RedhatCVE
added 2025/12/09 4:30 p.m. | 10 views

CVE-2025-14250

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVSS 9.8 | AI score 7 | EPSS 0.00326
Exploits: 1 | References: 1
RedhatCVE
added 2025/12/09 3:15 p.m. | 3 views

CVE-2025-14249

A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /userschool.php. The manipulation of the argument productid results in sql injection. The attack may be performed from remote. The exploit has been released to...

CVSS 9.8 | AI score 6.9 | EPSS 0.00326
Exploits: 1 | References: 1
Positive Technologies
added 2025/12/09 12:0 a.m. | 3 views

PT-2025-49730

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race condition exists around dp-dccps mss cache in the Data Communication Channel Protocol DCCP implementation. The dccp sendmsg function and do dccp getsockopt read dp-dccps mss...

AI score 6.1 | EPSS 0.00216
Exploits: 0
Positive Technologies
added 2025/12/09 12:0 a.m. | 4 views

PT-2025-50217

Name of the Vulnerable Software and Affected Versions PCI Express PCIe Integrity and Data Encryption IDE specification affected versions not specified Description The PCI Express PCIe Integrity and Data Encryption IDE specification contains insufficient guidance regarding Transaction Layer Packet...

AI score 6.2 | EPSS 0.00127
Exploits: 0 | References: 8
EUVD
added 2025/12/08 6:30 p.m. | 3 views

EUVD-2025-201724

A security vulnerability has been detected in code-projects Online Ordering System 1.0. This affects an unknown function of the file /admin/ of the component Admin Login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit h...

CVSS 7.5 | AI score 6.5 | EPSS 0.00326
Exploits: 1 | References: 6
EUVD
added 2025/12/08 6:30 p.m. | 5 views

EUVD-2025-201729

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVSS 7.5 | AI score 6.4 | EPSS 0.00326
Exploits: 1 | References: 6
OSV
added 2025/12/08 4:15 p.m. | 5 views

CVE-2025-14251

A security vulnerability has been detected in code-projects Online Ordering System 1.0. This affects an unknown function of the file /admin/ of the component Admin Login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit h...

CVSS 9.8 | AI score 5.7 | EPSS 0.00326
Exploits: 1 | References: 5
OSV
added 2025/12/08 4:15 p.m. | 3 views

CVE-2025-14250

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVSS 9.8 | AI score 5.8 | EPSS 0.00326
Exploits: 1 | References: 5