CVE-2024-7665

A vulnerability classified as critical was found in SourceCodester Car Driving School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file managepackage.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. T...

CVE-2023-1556

A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file summaryresults.php. The manipulation of the argument maineventid leads to sql injection. The attack can be launched...

CVE-2023-1044

A vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /editor/index.php. The manipulation of the argument filepath leads to relative path traversal. The attack can be launched remotely. The exploit has...

CVE-2025-4931

A vulnerability classified as critical was found in projectworlds Online Lawyer Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /userregistation.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. T...

CVE-2025-4887

A vulnerability, which was classified as problematic, has been found in SourceCodester Online Student Clearance System 1.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclos...

CVE-2025-4488

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepackage. The manipulation of the argument ID leads to sql injection. The attack can be launched...

CVE-2025-4464

A vulnerability has been found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=saveplan. The manipulation of the argument plan leads to sql injection. The attack can be launched remotely...

CVE-2025-4253

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed t...

CVE-2025-4034

A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /inserdocprocess.php. The manipulation of the argument DocID leads to sql injection. The attack can be launched remotely. The...

CVE-2025-3692

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=saveproduct. The manipulation leads to cross site scripting. The attack can be launched...

CVE-2025-3680

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component LANG Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to...

CVE-2025-3556

A vulnerability classified as problematic was found in ScriptAndTools eCommerce-website-in-PHP 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be...

CVE-2025-3175

A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /saveusereditprofile.php. The manipulation of the argument firstName leads to sql injection. The attack may be launched...

CVE-2025-2707

CVE-2025-2707 affects zhijiantianya ruoyi-vue-pro 2.4.1. The root cause is a path traversal vulnerability in the Front-End Store Interface file endpoint /app-api/infra/file/upload, allowing manipulation of the path argument. The issue is exploitable remotely, with public exploit disclosures. Affe...

PT-2025-11551

Name of the Vulnerable Software and Affected Versions 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e Description A vulnerability was found in 猫宁i Morning, affecting an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The...

CVE-2025-1955

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...

CVE-2025-1581

A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /book-nurse.php?bookid=1. The manipulation of the argument contactname leads to sql injection. The attack can be launche...

PT-2025-2206 · Obsproject · Obs Studio

Name of the Vulnerable Software and Affected Versions: obsproject OBS Studio versions up to 30.0.2 Description: A vulnerability has been found in obsproject OBS Studio, affecting an unknown functionality. The manipulation leads to an untrusted search path. The attack needs to be approached locall...

CVE-2025-0398

A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argument remark leads to cross site scripting. The...

PT-2025-3832 · Unknown · Code-Projects Online Bike Rental System

Name of the Vulnerable Software and Affected Versions: code-projects Online Bike Rental System version 1.0 Description: A critical issue has been found in the Change Image Handler component, allowing for unrestricted upload. This can be exploited remotely. The issue affects some unknown...