CVEs from 2025
Total
8,826
critical
critical 1,315
high
high 1,968
medium
medium 1,973
low
low 201
% Critical
14.9%
% with KEV
2.1%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13567 | high | 8.8 | 8.8 | 6mo ago | A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This affects an unknown function of the file /admin/?page=establishment. The manipulation of the argument ID results in sql inj… | |||
| CVE-2025-13347 | high | 8.8 | 8.8 | 7mo ago | A flaw has been found in SourceCodester Train Station Ticketing System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=save_user. Executing manipulation of the argument User… | |||
| CVE-2025-13346 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was detected in SourceCodester Train Station Ticketing System 1.0. This affects an unknown part of the file /ajax.php?action=save_station. Performing manipulation of the argument id/s… | |||
| CVE-2025-13345 | high | 8.8 | 8.8 | 7mo ago | A security vulnerability has been detected in SourceCodester Train Station Ticketing System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_ticket. Such ma… | |||
| CVE-2025-13325 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was determined in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /enrollment_edit1.php. Executing manipulation of the argument en… | |||
| CVE-2025-13306 | high | 8.8 | 8.8 | 7mo ago | A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of t… | |||
| CVE-2025-13290 | high | 8.8 | 8.8 | 7mo ago | A vulnerability has been found in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /saveorder.php. Such manipulation of the argument ID … | |||
| CVE-2025-13289 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was detected in 1000projects Design & Development of Student Database Management System 1.0. Affected is an unknown function of the file /TeacherLogin/Academics/SubjectDetails.php. Th… | |||
| CVE-2025-13287 | high | 8.8 | 8.8 | 7mo ago | A weakness has been identified in itsourcecode Online Voting System 1.0. This affects an unknown function of the file /index.php?page=categories. Executing manipulation of the argument id/category ca… | |||
| CVE-2025-13286 | high | 8.8 | 8.8 | 7mo ago | A security flaw has been discovered in itsourcecode Online Voting System 1.0. The impacted element is an unknown function of the file /ajax.php?action=save_user. Performing manipulation of the argume… | |||
| CVE-2025-13279 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was found in code-projects Nero Social Networking Site 1.0. The affected element is an unknown function of the file /profilefriends.php. Performing manipulation of the argument ID res… | |||
| CVE-2025-13278 | high | 8.8 | 8.8 | 7mo ago | A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowed_book_search.php. Such manipulation of the argument datefr… | |||
| CVE-2025-13274 | high | 8.8 | 8.8 | 7mo ago | A weakness has been identified in Campcodes School Fees Payment Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete_fees. Executing a manip… | |||
| CVE-2025-13273 | high | 8.8 | 8.8 | 7mo ago | A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_payment. Per… | |||
| CVE-2025-13270 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was found in Campcodes School Fees Payment Management System 1.0. This affects an unknown function of the file /ajax.php?action=save_course. The manipulation of the argument ID result… | |||
| CVE-2025-13269 | high | 8.8 | 8.8 | 7mo ago | A vulnerability has been found in Campcodes School Fees Payment Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=save_payment. The manipulation of the a… | |||
| CVE-2025-13264 | high | 8.8 | 8.8 | 7mo ago | A security flaw has been discovered in SourceCodester Online Magazine Management System 1.0. This affects an unknown part of the file /view_magazine.php. The manipulation of the argument ID results i… | |||
| CVE-2025-13263 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was identified in SourceCodester Online Magazine Management System 1.0. Affected by this issue is some unknown functionality of the file /categories.php. The manipulation of the argum… | |||
| CVE-2025-13260 | high | 8.8 | 8.8 | 7mo ago | A vulnerability has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /manufacturer/edit_product.php. Such manipulation of the argument cmbProductUn… | |||
| CVE-2025-13259 | high | 8.8 | 8.8 | 7mo ago | A flaw has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /manufacturer/edit_unit.php. This manipulation of the argument ID causes sql injection.… | |||
| CVE-2025-13256 | high | 8.8 | 8.8 | 7mo ago | A weakness has been identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrow.php. Executing a manipulation of the argument roll_number c… | |||
| CVE-2025-13255 | high | 8.8 | 8.8 | 7mo ago | A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /book_search.php. Performing a manipulation of the … | |||
| CVE-2025-13254 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /add_member.php. Such manipulation of the argument roll_num… | |||
| CVE-2025-13253 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /add_librarian.php. This manipulation of the argument Username causes … | |||
| CVE-2025-13251 | high | 8.8 | 8.8 | 7mo ago | A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been… | |||
| CVE-2025-13250 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was detected in WeiYe-Jing datax-web up to 2.1.2. This impacts the function remove/update/pause/start/triggerJob of the component Job Handler. Performing manipulation results in impro… | |||
| CVE-2025-13243 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was found in code-projects Student Information System 2.0. Impacted is an unknown function of the file /editprofile.php. The manipulation results in sql injection. The attack may be p… | |||
| CVE-2025-13238 | high | 8.8 | 8.8 | 7mo ago | A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this vulnerability is an unknown functionality of the file /agent/profile/edit of the component Edit Profile Page. This… | |||
| CVE-2025-13177 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was detected in Bdtask/CodeCanyon SalesERP up to 20250728. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. T… | |||
| CVE-2025-13172 | high | 8.8 | 8.8 | 7mo ago | A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/view-member-report.php. Performing a manipulation of the argument ID res… | |||
| CVE-2025-13171 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was identified in ZZCMS 2023. This impacts an unknown function of the file /admin/wangkan_list.php. Such manipulation of the argument keyword leads to sql injection. The attack can be… | |||
| CVE-2025-13061 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown function of the file /index.php?page=manage_voting. Performing manipulation results in unrestricted uplo… | |||
| CVE-2025-12926 | high | 8.8 | 8.8 | 7mo ago | A weakness has been identified in SourceCodester Farm Management System 1.0. The affected element is an unknown function of the file /review.php. This manipulation of the argument pid causes sql inje… | |||
| CVE-2025-12922 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an unknown part of the file /ImportCRFData?action=confirm of the component CRF Data Import. Performing manip… | |||
| CVE-2025-12921 | high | 8.8 | 8.8 | 7mo ago | A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF … | |||
| CVE-2025-49386 | high | 8.8 | 8.8 | 7mo ago | Deserialization of Untrusted Data vulnerability in Scott Reilly Preserve Code Formatting preserve-code-formatting allows Object Injection.This issue affects Preserve Code Formatting: from n/a through… | |||
| CVE-2025-12609 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-progress.php. Performing a manipulation of the argumen… | |||
| CVE-2025-12347 | high | 8.8 | 8.8 | 7mo ago | A flaw has been found in MaxSite CMS up to 109. This issue affects some unknown processing of the file application/maxsite/admin/plugins/editor_files/save-file-ajax.php. Executing manipulation of the… | |||
| CVE-2025-12346 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was detected in MaxSite CMS up to 109. This vulnerability affects unknown code of the file application/maxsite/admin/plugins/auto_post/uploads-require-maxsite.php of the component HTT… | |||
| CVE-2025-12288 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was detected in Bdtask Pharmacy Management System up to 9.4. Affected is an unknown function of the file /user/edit_user/ of the component User Profile Handler. Performing manipulatio… | |||
| CVE-2025-12263 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /edit_judge.php. The manipulation of the argument judge_id leads to sql in… | |||
| CVE-2025-12262 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was determined in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /edit_criteria.php. Executing manipulation of the argument crit_id can le… | |||
| CVE-2025-12261 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was found in CodeAstro Gym Management System 1.0. This affects an unknown function of the file /admin/actions/remove-announcement.php. Performing a manipulation of the argument ID res… | |||
| CVE-2025-12256 | high | 8.8 | 8.8 | 7mo ago | A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /edit_contestant.php. Executing manipulation of the argument conte… | |||
| CVE-2025-12255 | high | 8.8 | 8.8 | 7mo ago | A security flaw has been discovered in code-projects Online Event Judging System 1.0. This affects an unknown part of the file /add_contestant.php. Performing manipulation of the argument fullname re… | |||
| CVE-2025-12254 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected by this issue is some unknown functionality of the file /add_judge.php. Such manipulation of the argument ful… | |||
| CVE-2025-12252 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was found in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /ajax/action.php. The manipulation of the argument content results in sql injec… | |||
| CVE-2025-12243 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was found in code-projects Client Details System 1.0. Affected by this issue is some unknown functionality of the file clientdetails/welcome.php of the component GET Parameter Handler… | |||
| CVE-2025-12242 | high | 8.8 | 8.8 | 7mo ago | A vulnerability has been found in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/actions/check-attendance.php. Such manipulation of… | |||
| CVE-2025-12238 | high | 8.8 | 8.8 | 7mo ago | A security flaw has been discovered in code-projects Automated Voting System 1.0. The affected element is an unknown function of the file /admin/user.php. Performing manipulation of the argument User… | |||
| CVE-2025-12223 | high | 8.8 | 8.8 | 7mo ago | A vulnerability was detected in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulati… | |||
| CVE-2025-12222 | high | 8.8 | 8.8 | 7mo ago | A security vulnerability has been detected in Bdtask Flight Booking Software up to 3.1. Affected by this issue is some unknown functionality of the file /admin/transaction/deposit of the component De… | |||
| CVE-2025-11912 | high | 8.8 | 8.8 | 8mo ago | A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the function Query of the file /DeviceState.do?Action=Query. This manipulation of the argument orderField caus… | |||
| CVE-2025-11911 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. This impacts the function Query of the file /DeviceFault.do?Action=Query. The manipulation of the argument sortFiel… | |||
| CVE-2025-11910 | high | 8.8 | 8.8 | 8mo ago | A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. This affects the function Query of the file /MemoryState.do?Action=Query. The manipulation of the arg… | |||
| CVE-2025-11909 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The impacted element is the function queryLast of the file /RepairRecord.do?Action=QueryLast. Executing manipulat… | |||
| CVE-2025-11908 | high | 8.8 | 8.8 | 8mo ago | A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The affected element is the function uploadFile of the file /FileDir.do?Action=Upload. Performing manipulati… | |||
| CVE-2025-11905 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was found in yanyutao0402 ChanCMS up to 3.3.2. This vulnerability affects the function getArticle of the file app\modules\cms\controller\gather.js. The manipulation results in code in… | |||
| CVE-2025-11667 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_candidate_modal.php.. The manipulation of the… | |||
| CVE-2025-11613 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was found in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file /addcategory.php. The manipulation of the argument cname results in sql injecti… | |||
| CVE-2025-11612 | high | 8.8 | 8.8 | 8mo ago | A vulnerability has been found in code-projects Simple Food Ordering System 1.0. This impacts an unknown function of the file /addproduct.php. The manipulation of the argument Category leads to sql i… | |||
| CVE-2025-11611 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in SourceCodester Simple Inventory System 1.0. Impacted is an unknown function of the file /user.php. This manipulation of the argument uemail causes sql injection. The… | |||
| CVE-2025-11610 | high | 8.8 | 8.8 | 8mo ago | A security flaw has been discovered in SourceCodester Simple Inventory System 1.0. This issue affects some unknown processing of the file /brand.php. The manipulation of the argument editBrandName re… | |||
| CVE-2025-11607 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function upload_music of the file app/controllers/v1/music.py of the component API Endpoint. Exe… | |||
| CVE-2025-11605 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was identified in code-projects Client Details System 1.0. Impacted is an unknown function of the file /admin/update-profile.php. Such manipulation of the argument uid leads to sql in… | |||
| CVE-2025-11603 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was found in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /editproduct.php. The manipulation of the argument Category results in … | |||
| CVE-2025-11600 | high | 8.8 | 8.8 | 8mo ago | A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file editcategory.php. Such manipulation of the argument cname lead… | |||
| CVE-2025-11593 | high | 8.8 | 8.8 | 8mo ago | A flaw has been found in CodeAstro Gym Management System 1.0. This vulnerability affects unknown code of the file /admin/actions/delete-equipment.php. This manipulation of the argument ID causes sql … | |||
| CVE-2025-11592 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was detected in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/edit-equipmentform.php. The manipulation of the argument ID results in sql injecti… | |||
| CVE-2025-11591 | high | 8.8 | 8.8 | 8mo ago | A security vulnerability has been detected in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/actions/delete-member.php. The manipulation … | |||
| CVE-2025-11590 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/equipment-entry.php. Executing a manipulation of t… | |||
| CVE-2025-11589 | high | 8.8 | 8.8 | 8mo ago | A security flaw has been discovered in CodeAstro Gym Management System 1.0. Affected is an unknown function of the file /admin/user-payment.php. Performing a manipulation of the argument plan results… | |||
| CVE-2025-11588 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was identified in CodeAstro Gym Management System 1.0. This impacts an unknown function of the file /customer/index.php. Such manipulation of the argument fullname leads to sql inject… | |||
| CVE-2025-11554 | high | 8.8 | 8.8 | 8mo ago | A security vulnerability has been detected in Portabilis i-Educar up to 2.9.10. Affected by this issue is some unknown functionality of the file app/Http/Controllers/AccessLevelController.php of the … | |||
| CVE-2025-11552 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was identified in code-projects Online Complaint Site 1.0. This impacts an unknown function of the file /admin/category.php. Such manipulation of the argument Category leads to sql in… | |||
| CVE-2025-11530 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. This manipulation of the argument state causes sql injecti… | |||
| CVE-2025-11523 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It… | |||
| CVE-2025-11516 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Executing manipulation of the argument cid can… | |||
| CVE-2025-11515 | high | 8.8 | 8.8 | 8mo ago | A security flaw has been discovered in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/users/register-complaint.php. Performing manipulation of th… | |||
| CVE-2025-11514 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was identified in code-projects Online Complaint Site 1.0. This vulnerability affects unknown code of the file /cms/users/index.php. Such manipulation of the argument Username leads t… | |||
| CVE-2025-11478 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in SourceCodester Farm Management System 1.0. This issue affects some unknown processing of the file /myCart.php. This manipulation of the argument pid causes sql injec… | |||
| CVE-2025-11436 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was detected in JhumanJ OpnForm up to 1.9.3. Affected by this issue is some unknown functionality of the file /answer. The manipulation results in unrestricted upload. The attack can … | |||
| CVE-2025-11426 | high | 8.8 | 8.8 | 8mo ago | A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_book.php. The manipulation of… | |||
| CVE-2025-11417 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This vulnerability affects unknown code of the file /admin/voters_add.php. Executing manipulation of the argu… | |||
| CVE-2025-11410 | high | 8.8 | 8.8 | 8mo ago | A flaw has been found in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/voters_add.php. Executing manipulation of the argument firstname c… | |||
| CVE-2025-11409 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was detected in Campcodes Advanced Online Voting Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument vot… | |||
| CVE-2025-11398 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The impacted element is an unknown function of the file /profile.php of the component Profile Page. Executing m… | |||
| CVE-2025-11359 | high | 8.8 | 8.8 | 8mo ago | A security vulnerability has been detected in code-projects Simple Banking System 1.0. The affected element is an unknown function of the file /transfermoney.php. The manipulation of the argument ID … | |||
| CVE-2025-11358 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in code-projects Simple Banking System 1.0. Impacted is an unknown function of the file /removeuser.php. Executing manipulation of the argument ID can lead to sql injec… | |||
| CVE-2025-11357 | high | 8.8 | 8.8 | 8mo ago | A security flaw has been discovered in code-projects Simple Banking System 1.0. This issue affects some unknown processing of the file /createuser.php. Performing manipulation of the argument Name re… | |||
| CVE-2025-11353 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was detected in code-projects Online Hotel Reservation System 1.0. This impacts an unknown function of the file /admin/addgalleryexec.php. Performing manipulation of the argument imag… | |||
| CVE-2025-11352 | high | 8.8 | 8.8 | 8mo ago | A security vulnerability has been detected in code-projects Online Hotel Reservation System 1.0. This affects an unknown function of the file /admin/addexec.php. Such manipulation of the argument ima… | |||
| CVE-2025-11351 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in code-projects Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/editpicexec.php. This manipulation of the argument … | |||
| CVE-2025-11330 | high | 8.8 | 8.8 | 8mo ago | A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/sales-reports-detail.php. Such manipulation of the ar… | |||
| CVE-2025-11303 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was detected in Belkin F9K1015 1.00.10. Affected is an unknown function of the file /goform/mp. Performing a manipulation of the argument command results in command injection. The att… | |||
| CVE-2025-11298 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was determined in Belkin F9K1015 1.00.10. Impacted is an unknown function of the file /goform/formSetWanStatic. Executing a manipulation of the argument m_wan_ipaddr can lead to comma… | |||
| CVE-2025-11292 | high | 8.8 | 8.8 | 8mo ago | A weakness has been identified in Belkin F9K1015 1.00.10. Affected is an unknown function of the file /goform/formBSSetSitesurvey. Executing a manipulation of the argument wan_ipaddr can lead to comm… | |||
| CVE-2025-11288 | high | 8.8 | 8.8 | 8mo ago | A security flaw has been discovered in CRMEB up to 5.6. This issue affects some unknown processing of the file /adminapi/product/product of the component GET Parameter Handler. Performing a manipulat… | |||
| CVE-2025-11285 | high | 8.8 | 8.8 | 8mo ago | MCPHub's ServerController is vulnerable to Command Injection | |||
| CVE-2025-11138 | high | 8.8 | 8.8 | 8mo ago | A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne of the file app/common/common.php. The manipulation results in os command injection. The attack may b… |