EUVD-2025-25865

Malicious code in bioql PyPI...

EUVD-2025-25872

Malicious code in bioql PyPI...

EUVD-2023-33882

Malicious code in bioql PyPI...

EUVD-2025-28877

Malicious code in bioql PyPI...

EUVD-2025-25106

Malicious code in bioql PyPI...

EUVD-2025-24060

Malicious code in bioql PyPI...

EUVD-2025-31478

Malicious code in bioql PyPI...

EUVD-2025-24798

Malicious code in bioql PyPI...

PT-2025-41184

Name of the Vulnerable Software and Affected Versions D-Link DI-7001 MINI version 24.04.18B1 Description A security issue exists in D-Link DI-7001 MINI. Manipulation of the str argument within an unknown function of the /dbsrv.asp file can lead to a buffer overflow. This issue may be exploited...

CVE-2025-11073

A vulnerability was detected in Keyfactor RG-EW5100BE EW3.0B11P280EW5100BE-PRO12183019. The affected element is an unknown function of the file /cgi-bin/luci/api/cmd of the component HTTP POST Request Handler. The manipulation of the argument url results in command injection. The attack can be...

PT-2025-39790

Name of the Vulnerable Software and Affected Versions itsourcecode Hostel Management System version 1.0 Description A security flaw exists in itsourcecode Hostel Management System 1.0. The issue is related to a cross-site scripting condition within the POST Request Handler component, specifically...

CampCodes Farm Management System 安全漏洞

CampCodes Farm Management System is a farm management system from CampCodes Philippines, Inc. A security vulnerability exists in CampCodes Farm Management System version 1.0, which stems from the improper operation of an unknown function that could lead to the disclosure of file and directory...

CVE-2025-10992 roncoo roncoo-pay lookupList improper authorization

A vulnerability was determined in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. Affected is an unknown function of the file /user/info/lookupList. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been publicly...

PT-2025-39472

Name of the Vulnerable Software and Affected Versions roncoo-pay versions prior to 9428382af21cd5568319eae7429b7e1d0332ff40 Description An issue exists in roncoo-pay where manipulation of an unknown function within the /user/info/lookupList file can lead to improper authorization. This issue can ...

CVE-2025-10946

CVE-2025-10946 affects nuz007 smsboom; the vulnerability is in an unknown function within dy.php where manipulating the hm argument triggers cross-site scripting. Remote exploitation is possible. The Product uses rolling releases, so no specific affected/updated version details are provided in th...

CVE-2025-10841

A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly...

CVE-2025-10851

A security flaw has been discovered in Campcodes Gym Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=login. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit has been released ...

PT-2025-39368

Name of the Vulnerable Software and Affected Versions nuz007 smsboom versions prior to 01b2f35bbbc23f3e0f60f38ca0e3d1b286f8d674 Description A flaw exists in nuz007 smsboom. Manipulation of the hm argument in an unknown function within the dy.php file can lead to cross site scripting. Remote...

CVE-2025-10811 code-projects Hostel Management System index.php sql injection

A flaw has been found in code-projects Hostel Management System 1.0. This affects an unknown function of the file /justines/admin/modcomments/index.php?view=view. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...

CVE-2025-10789

A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly availab...