Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

633 matches found

NVD
NVDā€¢added 2025/09/08 1:15 a.m.ā€¢4 views

CVE-2025-10075

A security flaw has been discovered in SourceCodester Online Polling System 1.0. The impacted element is an unknown function of the file /manage-profile.php. The manipulation of the argument firstname results in cross site scripting. The attack can be launched remotely. The exploit has been...

5.4CVSS0.00225EPSS
Exploits1References5
NVD
NVDā€¢added 2025/09/08 1:15 a.m.ā€¢3 views

CVE-2025-10076

A weakness has been identified in SourceCodester Online Polling System 1.0. This affects an unknown function of the file /manage-profile.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and...

9.8CVSS0.00379EPSS
Exploits1References5
Cvelist
Cvelistā€¢added 2025/09/01 11:32 p.m.ā€¢8 views

CVE-2025-9802 RemoteClinic profile.php sql injection

A vulnerability was detected in RemoteClinic 2.0. This vulnerability affects unknown code of the file /staff/profile.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely...

5.8CVSS0.0024EPSS
Exploits0References4
CVE
CVEā€¢added 2025/08/14 9:32 p.m.ā€¢18 views

CVE-2025-8985

CVE-2025-8985 affects SourceCodester COVID 19 Testing Management System 1.0. The vulnerability is in /profile.php where manipulating the mobilenumber parameter enables SQL injection, allowing remote access. Exploitation status is documented as a PROOF-OF-CONCEPT in CVSS/4.0 data; no official patc...

9.8CVSS7.6AI score0.00387EPSS
Exploits1References5Affected Software1
CVE
CVEā€¢added 2025/07/21 10:2 p.m.ā€¢15 views

CVE-2025-7942

The CVE-2025-7942 affects PHPGurukul Taxi Stand Management System 1.0, where the vulnerability lies in the admin-profile.php file via manipulation of the adminname parameter, enabling cross-site scripting. This is exploitable remotely and the exploit has been disclosed publicly. Affected componen...

5.4CVSS3.7AI score0.00234EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistā€¢added 2025/07/21 10:2 p.m.ā€¢7 views

CVE-2025-7942 PHPGurukul Taxi Stand Management System admin-profile.php cross site scripting

A vulnerability has been found in PHPGurukul Taxi Stand Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack can be...

5.1CVSS0.00234EPSS
Exploits1References5
Cvelist
Cvelistā€¢added 2025/07/21 11:2 a.m.ā€¢9 views

CVE-2025-7924 PHPGurukul Online Banquet Booking System admin-profile.php cross site scripting

A vulnerability classified as problematic was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack can be launche...

5.1CVSS0.00306EPSS
Exploits1References6
NVD
NVDā€¢added 2025/07/14 1:15 p.m.ā€¢5 views

CVE-2025-7605

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...

9.8CVSS0.00396EPSS
Exploits1References5
Vulnrichment
Vulnrichmentā€¢added 2025/07/14 12:44 p.m.ā€¢4 views

CVE-2025-7605 code-projects AVL Rooms profile.php sql injection

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...

7.5CVSS7.5AI score0.00396EPSS
Exploits1References5
CVE
CVEā€¢added 2025/07/14 12:44 p.m.ā€¢18 views

CVE-2025-7605

CVE-2025-7605 affects AVL Rooms 1.0 by Code-Projects. The vulnerability is an SQL injection in /profile.php via the first_name parameter, exploitable remotely. Exploit has been publicly disclosed. Affects unknown functionality; exploitability and impact are described as high in CVSS notes across ...

9.8CVSS7.5AI score0.00396EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistā€¢added 2025/07/14 12:44 p.m.ā€¢10 views

CVE-2025-7605 code-projects AVL Rooms profile.php sql injection

A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /profile.php. The manipulation of the argument firstname leads to sql injection. The attack may be launched remotely. The exploit has been...

7.5CVSS0.00396EPSS
Exploits1References5
Vulnrichment
Vulnrichmentā€¢added 2025/07/12 4:32 p.m.ā€¢2 views

CVE-2025-7481 PHPGurukul Vehicle Parking Management System profile.php sql injection

A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been classified as critical. This affects an unknown part of the file /users/profile.php. The manipulation of the argument firstname leads to sql injection. It is possible to initiate the attack remotely. The...

6.5CVSS6.8AI score0.00318EPSS
Exploits1References5
CVE
CVEā€¢added 2025/07/12 4:32 p.m.ā€¢20 views

CVE-2025-7481

PHPGurukul Vehicle Parking Management System v1.13 has a SQL injection in /users/profile.php via the firstname parameter. The issue is exploitable remotely, with exploits publicly disclosed, potentially impacting confidentiality, integrity and availability. Connected reports also suggest a remedy...

8.8CVSS6.8AI score0.00318EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentā€¢added 2025/07/10 8:2 p.m.ā€¢3 views

CVE-2025-7413 code-projects Library System profile.php unrestricted upload

A vulnerability classified as critical has been found in code-projects Library System 1.0. This affects an unknown part of the file /user/teacher/profile.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS7.2AI score0.00311EPSS
Exploits1References5
Cvelist
Cvelistā€¢added 2025/07/10 8:2 p.m.ā€¢45 views

CVE-2025-7413 code-projects Library System profile.php unrestricted upload

A vulnerability classified as critical has been found in code-projects Library System 1.0. This affects an unknown part of the file /user/teacher/profile.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS0.00311EPSS
Exploits1References5
CVE
CVEā€¢added 2025/07/10 7:32 p.m.ā€¢26 views

CVE-2025-7412

CVE-2025-7412 concerns code-projects Library System 1.0. The vulnerability lies in /user/student/profile.php where manipulation of the image parameter enables unrestricted file upload. Allied reports (Red Hat, NVD, CNVD, PT-Security, CNVD, etc.) consistently describe the issue as a critical, remo...

8.8CVSS6.5AI score0.00311EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentā€¢added 2025/07/07 5:32 p.m.ā€¢6 views

CVE-2025-7138 SourceCodester Best Salon Management System admin-profile.php sql injection

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/admin-profile.php. The manipulation of the argument adminname leads to sql injection. The attack can be initiated remotely. Th...

6.5CVSS6.8AI score0.00361EPSS
Exploits1References5
CNVD
CNVDā€¢added 2025/07/07 12:0 a.m.ā€¢1 views

Library System Code Issue Vulnerability

Library System is a library system. Library System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /profile.php. An attacker can exploit this vulnerability to upload malicious files...

9.8CVSS7.3AI score0.00325EPSS
Exploits1References1
RedhatCVE
RedhatCVEā€¢added 2025/07/02 4:14 p.m.ā€¢4 views

CVE-2025-6913

A vulnerability classified as critical has been found in PHPGurukul Student Record System 3.2. Affected is an unknown function of the file /admin-profile.php. The manipulation of the argument aemailid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

8.8CVSS7.8AI score0.00318EPSS
Exploits1References1
RedhatCVE
RedhatCVEā€¢added 2025/07/01 1:27 a.m.ā€¢13 views

CVE-2025-6836

A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of the argument phone leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

9.8CVSS7.8AI score0.00399EPSS
Exploits1References1
Rows per page
Query Builder