30 matches found
PT-2025-28225
Name of the Vulnerable Software and Affected Versions: gnuboard5 version 5.5.16 Description: The issue is related to an open redirect vulnerability that allows a remote attacker to obtain sensitive information. This is due to insufficient URL parameter verification in the "bbs/logout.php" endpoin...
PT-2025-25583 · Unknown · Projectworlds Life Insurance Management System
Name of the Vulnerable Software and Affected Versions: Projectworlds Life Insurance Management System version 1.0 Description: A critical issue has been identified, affecting the /insertNominee.php file. The client id and nominee id arguments are vulnerable to SQL injection. This issue can be...
PT-2025-24642 · Unknown · DM Corporative CMS
Name of the Vulnerable Software and Affected Versions: DM Corporative CMS affected versions not specified Description: An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area by setting the optio...
PT-2025-23924 · Unknown · Media Gallery
Name of the Vulnerable Software and Affected Versions: RSMediaGallery component versions 1.7.4 through 2.1.6 Description: A SQL injection issue was discovered due to the use of unescaped user-supplied parameters in SQL queries within the dashboard component. This allows an authenticated attacker ...
PT-2025-23447 · Unknown · Juzawebcms
Name of the Vulnerable Software and Affected Versions: juzaweb CMS versions up to 3.4.2 Description: A critical issue affects the Media Page component, specifically the file /admin-cp/media, leading to improper access controls. The attack can be initiated remotely. The vendor was contacted about...
PT-2025-23311 · Unknown · com.pri.applock
Name of the Vulnerable Software and Affected Versions: com.pri.applock version 13 (version code: 33); com.pri.applock affected versions not specified Description: The application "com.pri.applock" allows users to encrypt applications using a PIN code or biometric data. However, the...
PT-2025-23086 · Avast · Avast Business Antivirus For Linux
Name of the Vulnerable Software and Affected Versions: Avast Business Antivirus for Linux version 4.5 Description: The issue is related to a lack of file validation in the do update vps function, allowing a local user to potentially spoof or tamper with update files through unverified file writes...
PT-2025-22939 · Unknown · PHPGurukul Employee Record Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Employee Record Management System version 1.3 Description: A critical issue has been found in the PHPGurukul Employee Record Management System. This issue affects the file /loginerms.php and is related to SQL injection. The...
PT-2025-21931 · Unknown · PHPGurukul Online Marriage Registration System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Marriage Registration System version 1.0 Description: A critical issue affects an unknown part of the file /admin/between-dates-application-report.php. The manipulation of the fromdate and todate arguments leads to SQL...
PT-2025-21623 · Unknown · PHPGurukul Beauty Parlour Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.1 Description: A critical issue affects the processing of the /forgot-password.php file. The manipulation of the email argument leads to SQL injection. This issue can be exploited remotely...
PT-2025-18734 · IBM · IBM Concert
Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.0.5 Description: The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view...
PT-2025-18709 · Tenda · Tenda RX2 Pro
Name of the Vulnerable Software and Affected Versions: Tenda RX2 Pro version 16.03.30.14 Description: An issue was discovered that allows an attacker, who is authenticated to the guest Wi-Fi network, to access resources on the router and/or resources and devices on other networks hosted by the...
PT-2025-18110 · Unknown · Projectworlds Online Examination System
Name of the Vulnerable Software and Affected Versions: projectworlds Online Examination System version 1.0 Description: A critical issue was found in the projectworlds Online Examination System, affecting an unknown functionality of the file /inser doc process.php. The manipulation of the Doc ID...
PT-2025-17999 · Unknown · PHPGurukul COVID19 Testing Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul COVID19 Testing Management System version 1.0 Description: A critical vulnerability has been found in the PHPGurukul COVID19 Testing Management System. The issue affects some unknown functionality of the file...
PT-2025-17481 · Zyxel · Zyxel AMG1302-T10B
Name of the Vulnerable Software and Affected Versions: Zyxel AMG1302-T10B version 2.00AAJC.16C0 Description: A path traversal vulnerability in the web management interface could allow an authenticated attacker with administrator privileges to access restricted directories by sending a crafted HTT...
PT-2025-15426 · Fortinet · FortiOS
Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.2.0 through 7.2.1 Description: The issue allows an attacker to disclose information by modifying the LDAP server IP to point to a malicious server, due to passwords being stored in a recoverable format...
PT-2025-12339 · D-Link · D-Link DIR-605L +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-618 versions 2.02/3.02; D-Link DIR-605L versions 2.02/3.02 Description: A problematic issue has been found, affecting some unknown processing of the file /goform/formAdvNetwork, leading to improper access controls. The attack can on...
PT-2025-5724 · Kemp · LoadMaster
Name of the Vulnerable Software and Affected Versions: LoadMaster versions 7.2.48.12 and earlier; LoadMaster versions 7.2.49.0 through 7.2.54.12; LoadMaster versions 7.2.55.0 through 7.2.60.1; ECS versions prior to 7.2.60.1 Description: The issue is related to improper input validation, allowing OS...
PT-2024-13657 · Unknown · Tramyardg Autoexpress
Name of the Vulnerable Software and Affected Versions: tramyardg Autoexpress version 1.3.0 Description: A SQL injection issue allows remote unauthenticated attackers to execute arbitrary SQL commands via the parameter id within the getPhotosByCarId function call in details.php. Recommendations: F...
PT-2024-21152 · Unknown · Prestasalesmanager +1
Name of the Vulnerable Software and Affected Versions: PrestaShop module "Account Manager | Sales Representative & Dealers | CRM" prestasalesmanager versions up to 9.0 Description: A guest can download personal information without restriction by performing a path traversal attack in the affected...