PT-2025-47203

Name of the Vulnerable Software and Affected Versions itsourcecode Web-Based Internet Laboratory Management System version 1.0 Description A flaw exists in itsourcecode Web-Based Internet Laboratory Management System 1.0. The issue impacts an unknown function within the /user/controller.php file...

PT-2025-47104

Name of the Vulnerable Software and Affected Versions itsourcecode Inventory Management System version 1.0 Description A security issue has been identified in itsourcecode Inventory Management System version 1.0. The issue involves a SQL injection vulnerability present in an unknown function with...

PT-2025-47103

A weakness has been identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrow.php. Executing manipulation of the argument roll number can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made...

EUVD-2025-197731

A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

EUVD-2025-197725

A vulnerability was found in code-projects Student Information System 2.0. Impacted is an unknown function of the file /editprofile.php. The manipulation results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

CVE-2025-13244

A vulnerability was determined in code-projects Student Information System 2.0. The affected element is an unknown function of the file /register.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be...

PT-2025-47079

Name of the Vulnerable Software and Affected Versions code-projects Student Information System version 2.0 Description A cross site scripting issue exists in code-projects Student Information System 2.0. The issue is located in the /register.php file within an unknown function. This manipulation...

CVE-2025-13221

CVE-2025-13221 affects Intelbras UnniTI 24.07.11. The vulnerability is in an unknown function in the file /xml/sistema/usuarios.xml where manipulating the argument Usuario/Senha can cause unprotected storage of credentials. The issue can be exploited remotely, and public exploits exist. Connected...

CVE-2025-13208 FantasticLBP Hotels Server hotelList.php sql injection

A security flaw has been discovered in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. The impacted element is an unknown function of the file controller/api/hotelList.php. The manipulation of the argument subjectId/cityName results in sql injection. The attack can be...

CVE-2025-13180

CVE-2025-13180 affects Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System (versions up to 20250320). The vulnerability arises from improper handling of the first_name/last_name parameters in the /edit_profile function, enabling basic cross-site scripting. It can be expl...

EUVD-2025-180537

A vulnerability has been found in Radarr 5.28.0.10274. The affected element is an unknown function of the file C:\ProgramData\Radarr\bin\Radarr.Console.exe of the component Service. Such manipulation leads to incorrect default permissions. The attack can only be performed from a local environment...

CVE-2025-13130 Radarr Service Radarr.Console.exe default permission

A vulnerability has been found in Radarr 5.28.0.10274. The affected element is an unknown function of the file C:\ProgramData\Radarr\bin\Radarr.Console.exe of the component Service. Such manipulation leads to incorrect default permissions. The attack can only be performed from a local environment...

CVE-2025-13130

Radarr CVE-2025-13130 affects Radarr 5.28.0.10274. The vulnerability targets an unknown function in C:\ProgramData\Radarr\bin\Radarr.Console.exe (Service component), enabling manipulation that leads to incorrect default permissions. Exploitation is local-only (no network vector) and the issue is ...

CVE-2025-13063

A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function. Executing manipulation can lead to missing authorization. The attack may be performed from remote. The exploit has been published and may be used. Multiple endpoints are affected...

CVE-2025-13063

A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function. Executing manipulation can lead to missing authorization. The attack may be performed from remote. The exploit has been published and may be used. Multiple endpoints are affected...

CVE-2025-13063 DinukaNavaratna Dee Store authorization

A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function. Executing manipulation can lead to missing authorization. The attack may be performed from remote. The exploit has been published and may be used. Multiple endpoints are affected...

CVE-2025-13063

CVE-2025-13063 affects DinukaNavaratna Dee Store 1.0. The flaw is an unauthorized access issue in an unknown function that can be triggered remotely; exploitation has been published and affects multiple endpoints. Reported CVSS metrics indicate network-based access with low attack complexity and ...

CVE-2025-13060 SourceCodester Survey Application System view_survey.php sql injection

A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This affects an unknown function of the file /viewsurvey.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and m...

CVE-2025-13059 SourceCodester Alumni Management System manage_career.php sql injection

A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /managecareer.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available t...

CVE-2025-12930

A vulnerability has been found in SourceCodester Food Ordering System 1.0. Affected is an unknown function of the file /view-ticket.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may...