PT-2026-43114

A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...

EUVD-2025-175309

A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been published and may be used...

EUVD-2025-25186

Malicious code in bioql PyPI...

CVE-2025-10374

A security flaw has been discovered in Shenzhen Sixun Business Management System 7/11. This affects an unknown part of the file /Adm/OperatorStop. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the...

CVE-2025-9506

CVE-2025-9506 affects Campcodes Online Loan Management System v1.0. The vulnerability is an SQL injection in the file /ajax.php?action=delete_plan caused by improper handling/manipulation of the ID parameter. It is exploitable remotely, with exploitation publicly disclosed. Connected sources corr...

CVE-2025-9143

A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailinglists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public a...

CVE-2025-9143 Scada-LTS mailing_lists.shtm cross site scripting

A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailinglists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public a...

PT-2025-33628 · Acrel · Environmental Monitoring Cloud Platform

Name of the Vulnerable Software and Affected Versions: Acrel Environmental Monitoring Cloud Platform versions prior to 20250805 Description: A vulnerability exists in Acrel Environmental Monitoring Cloud Platform up to version 20250804. The issue affects an unknown part of the...

PT-2025-33484 · Projectworlds · Travel Management System

Name of the Vulnerable Software and Affected Versions: projectworlds Travel Management System version 1.0 Description: A vulnerability exists in projectworlds Travel Management System 1.0. The issue affects an unknown part of the file /updatepackage.php. Manipulation of the argument s1 leads to S...

CVE-2025-8922 code-projects Job Diary admin-inbox.php sql injection

A vulnerability was found in code-projects Job Diary 1.0. This affects an unknown part of the file /admin-inbox.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-8743 Scada-LTS Virtual Data Source Property data_source_edit.shtm cross site scripting

A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /datasourceedit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate...

CVE-2025-1834

A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. This affects an unknown part of the file /resolve. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...

CVE-2020-36645 square squalor sql injection

A vulnerability, which was classified as critical, was found in square squalor. This affects an unknown part. The manipulation leads to sql injection. Upgrading to version v0.0.0 is able to address this issue. The patch is named f6f0a47cc344711042eb0970cb423e6950ba3f93. It is recommended to upgra...

CVE-2020-36525

A vulnerability classified as problematic has been found in Linking. This affects an unknown part of the component New Windows Macro. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...