CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

TOTOLINK X5000R is a wireless router supporting Wi-Fi 6 technology with full coverage mesh system and dual-band transmission for home and business network environments. The TOTOLINK X5000R suffers from a command injection vulnerability that stems from the parameter pid in the file...

9.8CVSS6.8AI score0.03738EPSS

Exploits1References1

CNVD•added 2025/09/05 12:0 a.m.•5 views

Travel Management System SQL Injection Vulnerability

Travel Management System is a travel management system. Travel Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter pid in the file /detail.php. An attacker can exploit this vulnerability to...

9.8CVSS7.9AI score0.00409EPSS

Exploits1References1

OSV•added 2025/09/04 10:42 a.m.•5 views

CVE-2025-9934

A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415B20250515. This affects the function sub410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and...

9.8CVSS5.6AI score0.03738EPSS

Exploits1References6

NVD•added 2025/09/04 10:42 a.m.•19 views

CVE-2025-9934

9.8CVSS0.03738EPSS

Exploits1References6

CNNVD•added 2025/09/04 12:0 a.m.•2 views

TOTOLINK X5000R 命令注入漏洞

9.8CVSS7.5AI score0.03738EPSS

Exploits1References6

Vulnrichment•added 2025/09/03 10:32 p.m.•2 views

CVE-2025-9934 TOTOLINK X5000R cstecgi.cgi sub_410C34 command injection

6.5CVSS6.4AI score0.03738EPSS

Exploits1References6

OSV•added 2025/09/03 8:15 p.m.•3 views

CVE-2025-9925

A vulnerability was found in projectworlds Travel Management System 1.0. This issue affects some unknown processing of the file /detail.php. The manipulation of the argument pid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

9.8CVSS5.8AI score0.00409EPSS

Exploits1References4

NVD•added 2025/09/03 8:15 p.m.•5 views

CVE-2025-9925

9.8CVSS0.00409EPSS

Exploits1References4

CVE•added 2025/09/03 7:32 p.m.•13 views

CVE-2025-9925

CVE-2025-9925 : In projectworlds Travel Management System 1.0, the pid parameter in /detail.php is vulnerable to SQL injection due to improper validation. This enables remote attackers to execute arbitrary SQL, with public exploit availability. Remediation guidance from PT Security suggests restr...

9.8CVSS7.4AI score0.00409EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2025/09/03 7:32 p.m.•5 views

CVE-2025-9925 projectworlds Travel Management System detail.php sql injection

7.5CVSS7AI score0.00409EPSS

Exploits1References4

CNNVD•added 2025/09/03 12:0 a.m.•2 views

Projectworlds Travel management System SQL注入漏洞

9.8CVSS8.1AI score0.00409EPSS

Exploits1References4

Positive Technologies•added 2025/09/03 12:0 a.m.•3 views

PT-2025-35829

Name of the Vulnerable Software and Affected Versions: projectworlds Travel Management System version 1.0 Description: A SQL injection issue exists due to the manipulation of the pid argument in the processing of the /detail.php file. This can be exploited remotely. The exploit has been made...

7.5CVSS7.3AI score0.00409EPSS

Exploits1References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by