782 matches found
CVE-2025-4463
A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. Affected is an unknown function of the file /ajax.php?action=savepackage. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit h...
libsoup: Heap buffer overflow in sniff_unknown()
A flaw was found in libsoup. A vulnerability in the sniff_unknown function may lead to heap buffer over-read...
CVE-2025-4067
A vulnerability classified as critical has been found in ScriptAndTools Online-Travling-System 1.0. Affected is an unknown function of the file /admin/viewpackage.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed ...
CVE-2025-3589
A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manageclass.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-3173
A vulnerability, which was classified as critical, was found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the file /savebooking.php. The manipulation of the argument lawyerid/description leads to sql injection. It is possible to launch the attack...
DEBIAN-CVE-2025-32052
A flaw was found in libsoup. A vulnerability in the sniff_unknown function may lead to heap buffer over-read...
UBUNTU-CVE-2025-32052
A flaw was found in libsoup. A vulnerability in the sniff_unknown function may lead to heap buffer over-read...
PT-2025-13559 · Netis · Netis Wf-2404
Name of the Vulnerable Software and Affected Versions: Netis WF-2404 version 1.1.124EN Description: A critical issue has been discovered, affecting an unknown function of the file /etc/passwd. The manipulation with the input Realtek leads to the use of a default password. It is possible to launch...
CVE-2025-2209
A vulnerability, which was classified as problematic, was found in aitangbao springboot-manager 3.0. Affected is an unknown function of the file /sysDict/add. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-1590
A vulnerability was found in SourceCodester E-Learning System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/lesson/index.php of the component List of Lessons Page. The manipulation leads to unrestricted upload. It is possible to launch the...
CVE-2025-1557
A vulnerability, which was classified as problematic, was found in OFCMS 1.1.3. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-1553
CVE-2025-1553 affects pankajindevops scale; root cause is a cross-site scripting issue in the /scale/project goal parameter. Exploitation is possible remotely and has been disclosed publicly. No version details or updates are provided; multiple sources indicate there is no available fix yet.
CVE-2025-0485
A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic. Affected is an unknown function of the file /fladmin/sysconfigdoedit.php. The manipulation of the argument info leads to cross site scripting. It is possible to launch the attack remotely. The exploi...
CVE-2024-13203
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did...
PT-2025-3819 · Unknown · Code-Projects Online Book Shop
Name of the Vulnerable Software and Affected Versions: code-projects Online Book Shop version 1.0 Description: A critical issue has been found in the code-projects Online Book Shop. It affects an unknown function of the file /search result.php. The manipulation of the argument s leads to SQL...
Yunfan Learning Examination System security vulnerability
Yunfan Learning Examination System is an examination application from China Yunfan Yunfan Company. A security vulnerability exists in Yunfan Learning Examination System version 1.9.2, which originates from an unknown function in the file...
Yunfan Learning Examination System access control error vulnerability
Yunfan Learning Examination System is an examination application from China Yunfan Yunfan Company. An access control error vulnerability exists in Yunfan Learning Examination System version 1.9.2, which originates from an unknown function in file...
PT-2025-35305 · Unknown +1 · Mixmark-Io Turndown +1
Name of the Vulnerable Software and Affected Versions: mixmark-io turndown versions through 7.2.1 Description: A security flaw exists in mixmark-io turndown, potentially leading to inefficient regular expression complexity through manipulation of an unknown function within the...
CVE-2024-12942
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/adminlogin.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack...
CVE-2024-12931
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been classified as critical. Affected is an unknown function of the file /addCatController.php. The manipulation of the argument size leads to sql injection. It is possible to launch the attack remotely. The exploit has bee...