CVEs from 2025
Total
8,931
critical
critical 1,353
high
high 2,034
medium
medium 2,020
low
low 202
% Critical
15.1%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13300 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql… | |||
| CVE-2025-13299 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to sql … | |||
| CVE-2025-13298 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enrollment/controller.php. Performing a manipulation re… | |||
| CVE-2025-13297 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of the file /course/controller.php. Such ma… | |||
| CVE-2025-13291 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirm_order.php. Performing a manipulation of the argument ID results i… | |||
| CVE-2025-13285 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in itsourcecode Online Voting System 1.0. The affected element is an unknown function of the file /login.php. Such manipulation of the argument Username leads to sql in… | |||
| CVE-2025-13280 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in CodeAstro Simple Inventory System 1.0. The impacted element is an unknown function of the file /index.php of the component Login. Executing a manipulation of the arg… | |||
| CVE-2025-13277 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipulation of the argument ID causes sql injec… | |||
| CVE-2025-13272 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Affected is an unknown function of the file /manage_course.php. Such manipulation of the argument ID leads to sq… | |||
| CVE-2025-13271 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. This manipulation of the argument Username … | |||
| CVE-2025-13267 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Performing manipulation of the argument user… | |||
| CVE-2025-13262 | critical | 9.8 | 9.8 | 7mo ago | lsFusion Platform has a Path Traversal vulnerability | |||
| CVE-2025-13257 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation o… | |||
| CVE-2025-13248 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/api_patient_schedule.php. This manipul… | |||
| CVE-2025-13247 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid… | |||
| CVE-2025-13242 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manipulation leads to sql injection. The atta… | |||
| CVE-2025-13241 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Student Information System 2.0. This vulnerability affects unknown code of the file /index.php. Executing manipulation of the argument Username can lead to sql … | |||
| CVE-2025-13240 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Student Information System 2.0. This affects an unknown part of the file /searchquery.php. Performing manipulation of the argument s results in sql injec… | |||
| CVE-2025-13237 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument U_USERNAME results… | |||
| CVE-2025-13236 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID l… | |||
| CVE-2025-13235 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument user_email can le… | |||
| CVE-2025-13234 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=product. Performing manipulation of the argument PROID … | |||
| CVE-2025-13233 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-item. Such manipulation of the argument ID … | |||
| CVE-2025-13210 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=add. Such manipulation of the a… | |||
| CVE-2025-13203 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in code-projects Simple Cafe Ordering System 1.0. This vulnerability affects unknown code of the file /addmem.php. Executing manipulation of the argument studentnum can… | |||
| CVE-2025-13201 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Usernam… | |||
| CVE-2025-13170 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/edit_account.php. Performing a manipulation of … | |||
| CVE-2025-13169 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /add_query_reserve.php. Such manipulation o… | |||
| CVE-2025-13168 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in ury-erp ury up to 0.2.0. This affects the function overrided_past_order_list of the file ury/ury/api/pos_extend.py. This manipulation of the argument search_term cau… | |||
| CVE-2025-13123 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid … | |||
| CVE-2025-13122 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/api_patient_checkin.php. … | |||
| CVE-2025-13076 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing manipulation of the argument usname can lea… | |||
| CVE-2025-13075 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/usersettingdel.php. Performing manipulation of the argument eid results in … | |||
| CVE-2025-13060 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This affects an unknown function of the file /view_survey.php. Such manipulation of the argument ID leads t… | |||
| CVE-2025-13059 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /manage_career.php. This manipulation of the argument ID causes … | |||
| CVE-2025-13057 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_student. The manipulation of the argument ID l… | |||
| CVE-2025-60724 | critical | 9.8 | 9.8 | 7mo ago | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-12939 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of th… | |||
| CVE-2025-12938 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /process_login.php. The manipulation of the argumen… | |||
| CVE-2025-12933 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument rol… | |||
| CVE-2025-12932 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid ca… | |||
| CVE-2025-12931 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument… | |||
| CVE-2025-12930 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in SourceCodester Food Ordering System 1.0. Affected is an unknown function of the file /view-ticket.php. The manipulation of the argument ID leads to sql injection. It… | |||
| CVE-2025-12929 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function save_user/update_user of the file /LoginRegistration.php. Executing manipulation of the argument fulln… | |||
| CVE-2025-12928 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument username/phone results in … | |||
| CVE-2025-12916 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portal_login of the component Frontend. This mani… | |||
| CVE-2025-12913 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Responsive Hotel Site 1.0. This affects an unknown part of the file /admin/roomdel.php. Executing manipulation of the argument ID can lead to sql injection. It … | |||
| CVE-2025-12873 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes School File Management 1.0. This affects an unknown part of the file /admin/update_user.php. Performing manipulation of the argument user_id results i… | |||
| CVE-2025-12862 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by this issue is some unknown functionality of the file /dashboard/userprofile.php. Such manipulation of th… | |||
| CVE-2025-12857 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/roombook.php. Such manipulation of the argument r… | |||
| CVE-2025-12856 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This manipulation of the argument email causes sql injec… | |||
| CVE-2025-12855 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects some unknown processing of the file /admin/newsletterdel.php. The manipulation of the argument eid r… | |||
| CVE-2025-12853 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function delete_house of the file /admin_class.php. Executing manipulation of the argument I… | |||
| CVE-2025-12617 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in itsourcecode Billing System 1.0. This affects an unknown function of the file /admin/app/login_crud.php. Executing a manipulation of the argument Password can lead to sql inj… | |||
| CVE-2025-12614 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_class.php. This manipulation of the argument ID ca… | |||
| CVE-2025-12612 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=delete_course. The manipulation of … | |||
| CVE-2025-12608 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in itsourcecode Online Loan Management System 1.0. The affected element is an unknown function of the file /manage_user.php. Performing manipulation of the argumen… | |||
| CVE-2025-12607 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in itsourcecode Online Loan Management System 1.0. Impacted is an unknown function of the file /manage_payment.php. Such manipulation of the argument ID leads to sql in… | |||
| CVE-2025-12606 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in itsourcecode Online Loan Management System 1.0. This issue affects some unknown processing of the file /manage_borrower.php. This manipulation of the argument ID cau… | |||
| CVE-2025-12605 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in itsourcecode Online Loan Management System 1.0. This vulnerability affects unknown code of the file /manage_loan.php. The manipulation of the argument ID results in sql i… | |||
| CVE-2025-12604 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in itsourcecode Online Loan Management System 1.0. This affects an unknown part of the file /load_fields.php. The manipulation of the argument loan_id leads to sql inje… | |||
| CVE-2025-12598 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin_class.php. Executing manipulation of the argumen… | |||
| CVE-2025-12597 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulat… | |||
| CVE-2025-6520 | critical | 9.8 | 9.8 | 7mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Abis Technology BAPSIS allows Blind SQL Injection. This issue affects BAPSIS: before 20251027160… | |||
| CVE-2025-12378 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument p… | |||
| CVE-2025-12339 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in Campcodes Retro Basketball Shoes Online Store 1.0. This issue affects some unknown processing of the file /admin/admin_football.php. The manipulation of … | |||
| CVE-2025-12338 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. This vulnerability affects unknown code of the file /admin/admin_product.ph. Executing a manipulation of the argum… | |||
| CVE-2025-12337 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes Retro Basketball Shoes Online Store 1.0. This affects an unknown part of the file /admin/admin_feature.php. Performing a manipulation of the argument … | |||
| CVE-2025-12336 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_index.php. Such manipulation of the … | |||
| CVE-2025-12325 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/forgot-password.php. The manipulation of the argument email leads to… | |||
| CVE-2025-12316 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in code-projects Courier Management System 1.0. This impacts an unknown function of the file /courier/edit-courier.php. The manipulation of the argument OfficeName lead… | |||
| CVE-2025-12315 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to … | |||
| CVE-2025-12314 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in code-projects Food Ordering System 1.0. The impacted element is an unknown function of the file /admin/deleteitem.php. Performing a manipulation of the argument itemID re… | |||
| CVE-2025-12313 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /msp_info.htm. Such manipulation of the argument cmd leads to comm… | |||
| CVE-2025-12309 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in code-projects Nero Social Networking Site 1.0. This affects an unknown part of the file /friendprofile.php. Executing manipulation of the argument ID can lead to sql… | |||
| CVE-2025-12308 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Nero Social Networking Site 1.0. Affected by this issue is some unknown functionality of the file /deletemessage.php. Performing manipulation of t… | |||
| CVE-2025-12307 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in code-projects Nero Social Networking Site 1.0. Affected by this vulnerability is an unknown functionality of the file /addfriend.php. Such manipulation of the argume… | |||
| CVE-2025-12306 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in code-projects Nero Social Networking Site 1.0. Affected is an unknown function of the file /acceptoffres.php. This manipulation of the argument ID causes sql injecti… | |||
| CVE-2025-12305 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in quequnlong shiyi-blog up to 1.2.1. This impacts an unknown function of the file src/main/java/com/mojian/controller/SysJobController.java of the component Job Handler. Th… | |||
| CVE-2025-12301 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo lead… | |||
| CVE-2025-12296 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub_4174B0 of the component Firmware Update Handler. The manipulation leads to os command … | |||
| CVE-2025-12294 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown function of the file /delete_category.php. Performing manipulation of the argument ID results in sql i… | |||
| CVE-2025-12293 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql inje… | |||
| CVE-2025-12292 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unknown code of the file /index.php. This manipulation of the argument Username causes sql injection. I… | |||
| CVE-2025-12268 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. Impacted is an unknown function of the file /api/v1/courses/ of the component Course Thumbnail Handler. Th… | |||
| CVE-2025-12257 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /view_result.php. The manipulation of the argumen… | |||
| CVE-2025-12253 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/get_expiredtime.php. This manipulation… | |||
| CVE-2025-12237 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /index.php. Such manipulation of the argument keywords leads to sql… | |||
| CVE-2025-12226 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the function save_house of the file /admin_class.php. Performing manipulation of the argument house_no… | |||
| CVE-2025-12215 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing a manipulation of the argument keywords can lead to sql inj… | |||
| CVE-2025-12208 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Best House Rental Management System 1.0. This impacts the function login2 of the file /admin_class.php. Performing manipulation of the argument Username re… | |||
| CVE-2025-11253 | critical | 9.8 | 9.8 | 7mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aksis Technology Inc. Netty ERP allows SQL Injection. This issue affects Netty ERP: before V.1.1… | |||
| CVE-2025-11023 | critical | 9.8 | 9.8 | 8mo ago | Inclusion of Functionality from Untrusted Control Sphere, Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ArkSigner Software a… | |||
| CVE-2025-59007 | critical | 9.8 | 9.8 | 8mo ago | Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elem… | |||
| CVE-2025-49380 | critical | 9.8 | 9.8 | 8mo ago | Deserialization of Untrusted Data vulnerability in wpinstinct WooCommerce Vehicle Parts Finder woo-vehicle-parts-finder allows Object Injection.This issue affects WooCommerce Vehicle Parts Finder: fr… | |||
| CVE-2025-11943 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in 70mai X200 up to 20251010. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default cred… | |||
| CVE-2025-11942 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the a… | |||
| CVE-2025-11736 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in itsourcecode Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /index.php. This manipulation of the argument Username causes sql… | |||
| CVE-2025-10610 | critical | 9.8 | 9.8 | 8mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting Information Processing Industry and Foreign Trade Inc. Winsure allows Blind SQL In… | |||
| CVE-2025-6919 | critical | 9.8 | 9.8 | 8mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cats Information Technology Software Development Technologies Aykome License Tracking System allo… |