14 matches found
CVE-2025-23871
Cross-Site Request Forgery (CSRF) vulnerability in Bas Matthee LSD Google Maps Embedder lsd-google-maps-embedder allows Cross Site Request Forgery. This issue affects LSD Google Maps Embedder: from n/a through <= 1.1...
EUVD-2024-42900
Malicious code in bioql PyPI...
EUVD-2024-45637
Malicious code in bioql PyPI...
CVE-2025-10402 PHPGurukul Beauty Parlour Management System readenq.php SQL injection
A flaw has been found in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/readenq.php. Executing manipulation of the argument delid can lead to SQL injection. The attack can be executed remotely. The exploit has been published and may...
PT-2025-29984 · Phpgurukul · Phpgurukul Art Gallery Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Art Gallery Management System version 1.1. Description: A problematic issue has been identified in PHPGurukul Art Gallery Management System. The vulnerability is related to an unknown functionality within the...
CVE-2025-49446
CVE-2025-49446 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Admin Notes (minhlaobao). Affected range: Admin Notes 1.1 and earlier (n/a through 1.1). According to the initial description, the CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N wit...
CVE-2025-32273
Cross-Site Request Forgery (CSRF) vulnerability in freetobook Freetobook Responsive Widget freetobook-responsive-widget allows Cross Site Request Forgery. This issue affects Freetobook Responsive Widget: from n/a through <= 1.1...
CVE-2025-23702
Cross-Site Request Forgery (CSRF) vulnerability in Schalk Burger Anonymize Links anonymize-links allows Stored XSS. This issue affects Anonymize Links: from n/a through <= 1.1...
CVE-2024-51621
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reza19 Download-Mirror-Counter wp-download-mirror-counter allows SQL Injection. This issue affects Download-Mirror-Counter: from n/a through <= 1.1...
CVE-2025-23476
Cross-Site Request Forgery (CSRF) vulnerability in isnowfy my-related-posts my-related-posts allows Stored XSS. This issue affects my-related-posts: from n/a through <= 1.1...
PT-2023-27989 · Unknown · Dairy Farm Shop Management System Using Php/Mysql
Name of the Vulnerable Software and Affected Versions: Dairy Farm Shop Management System Using PHP and MySQL version 1.1. Description: The Dairy Farm Shop Management System Using PHP and MySQL contains multiple SQL injection vulnerabilities in the Login function. These vulnerabilities are exploite...
GHSA-8Q8V-28RM-QW4W Borg Improper Access Control vulnerability
Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3...
Creative Software UK Community Portal 1.1 - 'EventView.php?event_id' SQL Injection
Source: https://www.securityfocus.com/bid/17890/info. Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an...
Cisco SN 5420 Storage Router vulnerable to DoS via HTTP request containing long headers
Overview: It is possible to cause a denial of service of the Cisco SN 5420 Storage Router by sending an HTTP request with a large header. Description: A vulnerability has been discovered in the Cisco SN 5420 Storage Router software versions 1.15 and earlier. By sending an HTTP request with a huge...