CVEs from 2025
Total
8,971
critical
critical 1,368
high
high 2,067
medium
medium 2,068
low
low 204
% Critical
15.2%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 110
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13276 | high | 7.3 | 7.3 | 7mo ago | A vulnerability was detected in g33kyrash Online-Banking-System up to 12dbfa690e5af649fb72d2e5d3674e88d6743455. This vulnerability affects unknown code of the file /index.php. The manipulation of the… | |||
| CVE-2025-13252 | high | 7.3 | 7.3 | 7mo ago | A vulnerability was found in shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a. Affected by this issue is some unknown functionality of the component RSA/OAuth2/Databas… | |||
| CVE-2025-55449 | high | 7.3 | 7.3 | 7mo ago | AstrBot is vulnerable to RCE with hard-coded JWT signing keys | |||
| CVE-2025-13121 | high | 7.3 | 7.3 | 7mo ago | A security vulnerability has been detected in cameasy Liketea 1.0.0. Impacted is the function list of the file laravel/app/Http/Controllers/Front/StoreController.php of the component API Endpoint. Su… | |||
| CVE-2025-13063 | high | 7.3 | 7.3 | 7mo ago | A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function. Executing manipulation can lead to missing authorization. The attack may be performed from remote. The exploit… | |||
| CVE-2025-11962 | high | 7.3 | 7.3 | 7mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in DivvyDrive Information Technologies Inc. Digital Corporate Warehouse allows Stored XSS. T… | |||
| CVE-2025-10161 | high | 7.3 | 7.3 | 7mo ago | Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security Decision vulnerability in Turkguven Software Tec… | |||
| CVE-2025-12342 | high | 7.3 | 7.3 | 7mo ago | A flaw has been found in Serdar Bayram Ghost Hot Spot up to 20251014. The affected element is an unknown function of the file /Auth.php of the component Login. This manipulation causes sql injection.… | |||
| CVE-2025-12277 | high | 7.3 | 7.3 | 7mo ago | A flaw has been found in Abdullah-Hasan-Sajjad Online-School up to f09dda77b4c29aa083ff57f4b1eb991b98b68883. This affects an unknown part of the file /studentLogin.php. This manipulation of the argum… | |||
| CVE-2025-12248 | high | 7.3 | 7.3 | 7mo ago | A security vulnerability has been detected in CLTPHP 3.0. The affected element is an unknown function of the file /home/search.html. Such manipulation of the argument keyword leads to sql injection. … | |||
| CVE-2025-11654 | high | 7.3 | 7.3 | 8mo ago | A vulnerability was identified in yousaf530 Inferno Online Clothing Store up to 827dd42bfbe380e8de76fdc67958c24cf1246208. The affected element is an unknown function of the file /log.php. Such manipu… | |||
| CVE-2025-11488 | high | 7.3 | 7.3 | 8mo ago | A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched rem… | |||
| CVE-2025-11284 | high | 7.3 | 7.3 | 8mo ago | A vulnerability has been found in Zytec Dalian Zhuoyun Technology Central Authentication Service 3. Affected by this vulnerability is an unknown functionality of the file /index.php/auth/Ops/git of t… | |||
| CVE-2025-11135 | high | 7.3 | 7.3 | 8mo ago | A vulnerability was detected in pmTicket Project-Management-Software up to 2ef379da2075f4761a2c9029cf91d073474e7486. The affected element is the function loadLanguage of the file classes/class.databa… | |||
| CVE-2025-11045 | high | 7.3 | 7.3 | 8mo ago | A vulnerability was identified in WAYOS LQ_04, LQ_05, LQ_06, LQ_07 and LQ_09 22.03.17. This affects an unknown function of the file /usb_paswd.asp. The manipulation of the argument Name leads to comm… | |||
| CVE-2025-11030 | high | 7.3 | 7.3 | 8mo ago | A vulnerability was detected in Tutorials-Website Employee Management System up to 611887d8f8375271ce8abc704507d46340837a60. Impacted is an unknown function of the file /admin/all-applied-leave.php o… | |||
| CVE-2025-10973 | high | 7.3 | 7.3 | 8mo ago | A flaw has been found in JackieDYH Resume-management-system up to fb6b857d852dd796e748ce30c606fe5e61c18273. Affected by this issue is some unknown functionality of the file /admin/show.php. This mani… | |||
| CVE-2025-10967 | high | 7.3 | 7.3 | 8mo ago | A vulnerability was detected in MuFen-mker PHP-Usermm up to 37f2d24e51b04346dfc565b93fc2fc6b37bdaea9. This affects an unknown part of the file /chkuser.php. Performing manipulation of the argument Us… | |||
| CVE-2025-10951 | high | 7.3 | 7.3 | 8mo ago | ml-logger has path traversal in the file argument | |||
| CVE-2025-10712 | high | 7.3 | 7.3 | 9mo ago | A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This issue affects some unknown processing of the file /index.php/Login/login. Performing manipulation of the argument Us… | |||
| CVE-2025-10374 | high | 7.3 | 7.3 | 9mo ago | A security flaw has been discovered in Shenzhen Sixun Business Management System 7/11. This affects an unknown part of the file /Adm/OperatorStop. Performing manipulation results in improper authoriz… | |||
| CVE-2025-10371 | high | 7.3 | 7.3 | 9mo ago | A security flaw has been discovered in eCharge Hardy Barth Salia PLCC up to 2.3.81. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist resul… | |||
| CVE-2025-10164 | high | 7.3 | 7.3 | 9mo ago | SGLang Remote Code Execution Vulnerability via Unsafe Deserialization in update_weights_from_tensor | |||
| CVE-2025-5005 | high | 7.3 | 7.3 | 9mo ago | A vulnerability was detected in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. This affects an unknown function of the file crm/WeiXinApp/dingtalk/index_event.php. The manipulat… | |||
| CVE-2025-10116 | high | 7.3 | 7.3 | 9mo ago | A vulnerability was identified in SiempreCMS up to 1.3.6. This vulnerability affects unknown code of the file /docs/admin/file_upload.php. Such manipulation leads to unrestricted upload. The attack m… | |||
| CVE-2025-10115 | high | 7.3 | 7.3 | 9mo ago | A vulnerability was determined in SiempreCMS up to 1.3.6. This affects an unknown part of the file user_search_ajax.php. This manipulation of the argument name/userName causes sql injection. The atta… | |||
| CVE-2025-9238 | high | 7.3 | 7.3 | 10mo ago | A vulnerability was determined in Swatadru Exam-Seating-Arrangement up to 97335ccebf95468d92525f4255a2241d2b0b002f. Affected is an unknown function of the file /student.php of the component Student L… | |||
| CVE-2025-9150 | high | 7.3 | 7.3 | 10mo ago | A vulnerability was identified in Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317. Affected is an unknown function of the file /admin/violation_add.php?id=2. Such mani… | |||
| CVE-2025-8744 | high | 7.3 | 7.3 | 10mo ago | A vulnerability classified as critical was found in CesiumLab Web up to 4.0. This vulnerability affects unknown code of the file /lodmodels/. The manipulation of the argument ID leads to sql injectio… | |||
| CVE-2025-8435 | high | 7.3 | 7.3 | 10mo ago | A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-control.php. The… | |||
| CVE-2025-8434 | high | 7.3 | 7.3 | 10mo ago | A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID … | |||
| CVE-2025-7931 | high | 7.3 | 7.3 | 11mo ago | A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /members/admin_pic.php. The mani… | |||
| CVE-2025-7886 | high | 7.3 | 7.3 | 11mo ago | A vulnerability, which was classified as critical, was found in pmTicket Project-Management-Software up to 2ef379da2075f4761a2c9029cf91d073474e7486. This affects the function getUserLanguage of the f… | |||
| CVE-2025-7801 | high | 7.3 | 7.3 | 11mo ago | A vulnerability has been found in BossSoft CRM 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /crm/module/HNDCBas_customPrmSearchDtl.jsp. The m… | |||
| CVE-2025-7576 | high | 7.3 | 7.3 | 11mo ago | A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16 and classified as critical. Affected by this issue is some unknown functionality of the file /priv/production/pro… | |||
| CVE-2025-7216 | high | 7.3 | 7.3 | 11mo ago | A vulnerability, which was classified as critical, was found in lty628 Aidigu up to 1.8.2. This affects the function checkUserCookie of the file /application/common.php of the component PHP Object Ha… | |||
| CVE-2025-5878 | high | 7.3 | 7.3 | 11mo ago | A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper … | |||
| CVE-2025-6846 | high | 7.3 | 7.3 | 11mo ago | A vulnerability classified as critical has been found in code-projects Simple Forum 1.0. This affects an unknown part of the file /forum_viewfile.php. The manipulation of the argument Name leads to s… | |||
| CVE-2025-6761 | high | 7.3 | 7.3 | 11mo ago | A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition 6.x/7.x/8.x/9.0. It has been rated as critical. Affected by this issue is the function plugin.buildMobilePopHtml of the file \… | |||
| CVE-2025-5985 | high | 7.3 | 7.3 | 1y ago | A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper authenti… | |||
| CVE-2025-5952 | high | 7.3 | 7.3 | 1y ago | A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file_… | |||
| CVE-2025-5870 | high | 7.3 | 7.3 | 1y ago | A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the componen… | |||
| CVE-2025-5758 | high | 7.3 | 7.3 | 1y ago | A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argumen… | |||
| CVE-2025-5755 | high | 7.3 | 7.3 | 1y ago | A vulnerability was found in SourceCodester Open Source Clinic Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /email_config.php. The manipulati… | |||
| CVE-2025-5716 | high | 7.3 | 7.3 | 1y ago | A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argum… | |||
| CVE-2025-5712 | high | 7.3 | 7.3 | 1y ago | A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /appointme… | |||
| CVE-2025-5711 | high | 7.3 | 7.3 | 1y ago | A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/InsertCity.php. The manipu… | |||
| CVE-2025-5710 | high | 7.3 | 7.3 | 1y ago | A vulnerability, which was classified as critical, has been found in code-projects Real Estate Property Management System 1.0. This issue affects some unknown processing of the file /Admin/InsertStat… | |||
| CVE-2025-5709 | high | 7.3 | 7.3 | 1y ago | A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. This vulnerability affects unknown code of the file /Admin/InsertCategory.php. The manipu… | |||
| CVE-2025-5708 | high | 7.3 | 7.3 | 1y ago | A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /Admin/NewsReport.php. The manipulation of … | |||
| CVE-2025-5705 | high | 7.3 | 7.3 | 1y ago | A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Admin/Property.php. The manipul… | |||
| CVE-2025-5704 | high | 7.3 | 7.3 | 1y ago | A vulnerability was found in code-projects Real Estate Property Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/User.php. The manipulat… | |||
| CVE-2025-3197 | high | 7.3 | 7.3 | 1y ago | expand-object Vulnerable to Prototype Pollution via the expand() Function | |||
| CVE-2025-41279 | high | 7.2 | 7.2 | 8d ago | Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 RX Host in version… | |||
| CVE-2025-41267 | high | 7.2 | 7.2 | 8d ago | Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version… | |||
| CVE-2025-41266 | high | 7.2 | 7.2 | 8d ago | Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version… | |||
| CVE-2025-41265 | high | 7.2 | 7.2 | 8d ago | Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version… | |||
| CVE-2025-11262 | high | 7.2 | 7.2 | 8d ago | The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization an… | |||
| CVE-2025-11159 | high | 7.2 | 7.2 | 25d ago | Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a JDBC driver for H2 databases which is vulnerable to external script execution when a new connection is created by a data… | |||
| CVE-2025-53681 | high | 7.2 | 7.2 | 25d ago | An improper neutralization of special elements used in an SQL Command ("SQL Injection&") vulnerability [CWE-89] vulnerability in Fortinet FortiMail 7.6.0 through 7.6.3, FortiMail 7.4.0 through 7.4.5,… | |||
| CVE-2025-9973 | high | 7.2 | 7.2 | 26d ago | Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations.… | |||
| CVE-2025-67486 | high | 7.2 | 7.2 | 29d ago | Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Versions 22.0.2 and earlier contains an authenticated remote code execution vulnerabilit… | |||
| CVE-2025-31974 | high | 7.2 | 7.2 | 1mo ago | HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system comp… | |||
| CVE-2025-36074 | high | 7.2 | 7.2 | 2mo ago | IBM Security Verify Directory (Container) 10.0.0 through 10.0.0.3 IBM Security Verify Directory could be vulnerable to malicious file upload by not validating file type. A privileged user could uploa… | |||
| CVE-2025-46607 | high | 7.2 | 7.2 | 2mo ago | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with r… | |||
| CVE-2025-46606 | high | 7.2 | 7.2 | 2mo ago | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper restriction of excessive authentication attempts vulnerability.… | |||
| CVE-2025-46605 | high | 7.2 | 7.2 | 2mo ago | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain a session fixation vulnerability. A high privileged attacker with remote ac… | |||
| CVE-2025-64998 | high | 7.2 | 7.2 | 2mo ago | Exposure of session signing secret in Checkmk <2.4.0p23, <2.3.0p45 and 2.2.0 allows an administrator of a remote site with config sync enabled to hijack sessions on the central site by forging sessio… | |||
| CVE-2025-68648 | high | 7.2 | 7.2 | 3mo ago | A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all vers… | |||
| CVE-2025-15589 | high | 7.2 | 7.2 | 3mo ago | A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file application/admin/controller/Template.php of the component Template Management Page. This manipulat… | |||
| CVE-2025-64157 | high | 7.2 | 7.2 | 4mo ago | A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0 all versions allows an authe… | |||
| CVE-2025-15495 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/editsite.php. The manipulation of the argument image results in unrestricted upload. Th… | |||
| CVE-2025-15443 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/product_export. Such manipulation of the argument cate_id leads to sql in… | |||
| CVE-2025-15442 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/product_list. This manipulation of the argument cate_id causes sql injection.… | |||
| CVE-2025-15438 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::__destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manip… | |||
| CVE-2025-15394 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument conf… | |||
| CVE-2025-15360 | high | 7.2 | 7.2 | 5mo ago | A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts the function Upload of the file src/main/java/ltd/newbee/mall/controller/common/UploadController.java of the component Product I… | |||
| CVE-2025-15262 | high | 7.2 | 7.2 | 5mo ago | A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the… | |||
| CVE-2025-15197 | high | 7.2 | 7.2 | 5mo ago | A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing ma… | |||
| CVE-2025-15169 | high | 7.2 | 7.2 | 5mo ago | A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can … | |||
| CVE-2025-15148 | high | 7.2 | 7.2 | 5mo ago | A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetemp_action in the library /lib/admin/template_admin.php of the component Backend Template Management Page. Executing a mani… | |||
| CVE-2025-15143 | high | 7.2 | 7.2 | 5mo ago | A security flaw has been discovered in EyouCMS up to 1.7.6. The affected element is an unknown function of the file /application/admin/logic/FilemanagerLogic.php of the component Backend Template Man… | |||
| CVE-2025-15138 | high | 7.2 | 7.2 | 5mo ago | A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes… | |||
| CVE-2025-15110 | high | 7.2 | 7.2 | 5mo ago | A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affected is the function Upload of the file Admin/Home/Controller/ProductImageController.class.php of the … | |||
| CVE-2025-15003 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file admin_video.php. Performing a manipulation of the argument e_id results in sql injection. The a… | |||
| CVE-2025-14966 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was determined in FastAdmin up to 1.7.0.20250506. Affected is the function selectpage of the file application/common/controller/Backend.php of the component Backend Controller. Execut… | |||
| CVE-2025-14939 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was found in code-projects Online Appointment Booking System 1.0. Impacted is an unknown function of the file /admin/deletemanager.php. The manipulation of the argument managername re… | |||
| CVE-2025-14900 | high | 7.2 | 7.2 | 6mo ago | A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. S… | |||
| CVE-2025-14899 | high | 7.2 | 7.2 | 6mo ago | A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulat… | |||
| CVE-2025-14898 | high | 7.2 | 7.2 | 6mo ago | A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. … | |||
| CVE-2025-14897 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was identified in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /admin/useragentdelete.php of the component Administrator Endpoi… | |||
| CVE-2025-14837 | high | 7.2 | 7.2 | 6mo ago | A vulnerability has been found in ZZCMS 2025. Affected by this issue is the function stripfxg of the file /admin/siteconfig.php of the component Backend Website Settings Module. Such manipulation of … | |||
| CVE-2025-14731 | high | 7.2 | 7.2 | 6mo ago | A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CT_Parser.php of the component Frontend/Template M… | |||
| CVE-2025-14730 | high | 7.2 | 7.2 | 6mo ago | A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/Ct_Config.php of the component Backend Syste… | |||
| CVE-2025-14729 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/Ct_App.php of the component Backend App Configuration … | |||
| CVE-2025-14648 | high | 7.2 | 7.2 | 6mo ago | A security vulnerability has been detected in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalog_add.php. Such manipulation leads to comman… | |||
| CVE-2025-14642 | high | 7.2 | 7.2 | 6mo ago | A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technical_staff_pic.php. Such manipulation of the argument image leads to u… | |||
| CVE-2025-14641 | high | 7.2 | 7.2 | 6mo ago | A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/admin_pic.php. This manipulation of the argument image causes unres… | |||
| CVE-2025-14582 | high | 7.2 | 7.2 | 6mo ago | A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=user-profile. Performing a manipulation of the argum… | |||
| CVE-2025-14530 | high | 7.2 | 7.2 | 6mo ago | A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument i… |