CVE-2025-13581

A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /scheduleedit1.php. Such manipulation of the argument scheduleid leads to sql injection. The attack may be launched remotely. The exploit is public...

CVE-2025-13577

A flaw has been found in PHPGurukul Hostel Management System 2.1. The impacted element is an unknown function of the file /register-complaint.php. Executing a manipulation of the argument cdetails can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-65494

NULL pointer dereference in getsanorcnfromcert in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted X.509 certificate that causes skGENERALNAMEvalue to return NULL...

CVE-2025-13586

A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. This manipulation of the argument txtconfirmpassword causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

EUVD-2025-198605

A vulnerability was identified in itsourcecode Student Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /scheduleedit1.php. Such manipulation of the argument scheduleid leads to sql injection. The attack may be launched remotely. The exploit is public...

CVE-2025-13586

SourceCodester Online Student Clearance System 1.0 contains a SQL injection in /Admin/changepassword.php through the txtconfirm_password parameter. The vulnerability arises from improper handling of the input in that function, enabling remote exploitation; multiple sources note that an exploit ha...

EUVD-2025-198622

A vulnerability was detected in code-projects COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...

EUVD-2025-198599

A vulnerability was found in code-projects Library System 1.0. This impacts an unknown function of the file /return.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVE-2025-13575

CVE-2025-13575 affects code-projects Blog Site 1.0. The vulnerability is in the function category_exists in /resources/functions/blog.php (Category Handler). The issue arises from manipulation of the argument name/field, enabling SQL injection. The attack can be performed remotely and the exploit...

PT-2025-47882

Name of the Vulnerable Software and Affected Versions code-projects COVID Tracking System version 1.0 Description A flaw exists in the processing of the /login.php file within the software. Manipulation of the code argument can lead to SQL injection. This issue is remotely exploitable and an...

PT-2025-47888

A flaw has been found in SourceCodester Online Student Clearance System 1.0. Impacted is an unknown function of the file /Admin/changepassword.php. This manipulation of the argument txtconfirm password causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-13569 itsourcecode COVID Tracking System page sql injection

A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/?page=city. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-13567

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This affects an unknown function of the file /admin/?page=establishment. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...

CVE-2025-13548

A vulnerability has been found in D-Link DIR-822K and DWR-M920 1.0020250513164613/1.1.50. This vulnerability affects unknown code of the file /boafrm/formFirewallAdv. Such manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been...

PT-2025-47863

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=state. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been made publ...

EUVD-2025-198503

IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking action of the victim...

CVE-2025-36149

IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking action of the victim...

CVE-2025-13468

A weakness has been identified in SourceCodester Alumni Management System 1.0. This issue affects the function deleteforum/deletecareer/deletecomment/deletegallery/deleteevent of the file admin/adminclass.php of the component Delete Handler. Executing manipulation of the argument ID can lead to...

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

...

PT-2025-47799

IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking action of the victim...