CVEs from 2025
Total
8,845
critical
critical 1,327
high
high 1,995
medium
medium 1,981
low
low 202
% Critical
15.0%
% with KEV
2.1%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-9395 | medium | 6.3 | 6.3 | 9mo ago | A vulnerability was identified in wangsongyan wblog 0.0.1. This affects the function RestorePost of the file backup.go. Such manipulation of the argument fileName leads to server-side request forgery… | |||
| CVE-2025-9151 | medium | 6.3 | 6.3 | 10mo ago | A security flaw has been discovered in LiuYuYang01 ThriveX-Blog up to 3.1.7. Affected by this vulnerability is the function updateJsonValueByName of the file /web_config/json/name/web. Performing man… | |||
| CVE-2025-9148 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component … | |||
| CVE-2025-9099 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability was identified in Acrel Environmental Monitoring Cloud Platform up to 20250804. This affects an unknown part of the file /NewsManage/UploadNewsImg. The manipulation of the argument Fi… | |||
| CVE-2025-8938 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argumen… | |||
| CVE-2025-8791 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability was found in LitmusChaos Litmus up to 3.19.0. It has been rated as critical. This issue affects some unknown processing of the file /auth/list_projects. The manipulation of the argume… | |||
| CVE-2025-8697 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue affects the function StdioServerParameters of the component MCPSessionManager/MCPTool/MCPToolkit. The ma… | |||
| CVE-2025-8667 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability, which was classified as critical, was found in SkyworkAI DeepResearchAgent up to 08eb7f8eb9505d0094d75bb97ff7dacc3fa3bbf2. Affected is the function from_code/from_dict/from_mcp of th… | |||
| CVE-2025-8665 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability, which was classified as critical, has been found in agno-agi agno up to 1.7.5. This issue affects the function MCPTools/MultiMCPTools in the library libs/agno/agno/tools/mcp.py of th… | |||
| CVE-2025-8529 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability classified as critical was found in cloudfavorites favorites-web up to 1.3.0. Affected by this vulnerability is the function getCollectLogoUrl of the file app/src/main/java/com/favori… | |||
| CVE-2025-8517 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability was detected in givanz Vvveb 1.0.6.1. Impacted is an unknown function. The manipulation results in session fixiation. The attack can be launched remotely. The exploit is now public an… | |||
| CVE-2025-8266 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical. Affected by this vulnerability is the function getArticle of the file app/modules/cms/controller/collect… | |||
| CVE-2025-8174 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability was found in code-projects Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/candidates_add.php. The manipulation o… | |||
| CVE-2025-8171 | medium | 6.3 | 6.3 | 10mo ago | A vulnerability, which was classified as critical, has been found in code-projects Document Management System 1.0. This issue affects some unknown processing of the file /insert.php. The manipulation… | |||
| CVE-2025-8133 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability classified as critical has been found in yanyutao0402 ChanCMS up to 3.1.2. This affects the function getArticle of the file app/modules/api/service/gather.js. The manipulation of the … | |||
| CVE-2025-8128 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability, which was classified as critical, has been found in zhousg letao up to 7d8df0386a65228476290949e0413de48f7fbe98. This issue affects some unknown processing of the file routes\bf\prod… | |||
| CVE-2025-7798 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability classified as critical has been found in Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System up to 8.2. This affects an unknown part of the file /admin/sy… | |||
| CVE-2025-7487 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability, which was classified as critical, was found in JoeyBling SpringBoot_MyBatisPlus up to a6a825513bd688f717dbae3a196bc9c9622fea26. This affects the function SysFileController of the fil… | |||
| CVE-2025-7452 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability was found in kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63. It has been declared as critical. This vulnerability affects the function GetFile of the file go-chat/api… | |||
| CVE-2025-7156 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability has been found in hitsz-ids airda 0.0.3 and classified as critical. This vulnerability affects the function execute of the file /v1/chat/completions. The manipulation of the argument … | |||
| CVE-2025-6883 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /update_index.php. The manipulation of the argument updat… | |||
| CVE-2025-6839 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the fil… | |||
| CVE-2025-6774 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been rated as critical. Affected by this issue is the function AddTemp of the file api/template.go. The manipulation of the argumen… | |||
| CVE-2025-6768 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability classified as critical has been found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. Affected is the function findAllHosByCondition of the file HospitalService… | |||
| CVE-2025-6767 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability was found in sfturing hosp_order up to 627f426331da8086ce8fff2017d65b1ddef384f8. It has been rated as critical. This issue affects the function findDoctorByCondition of the file Docto… | |||
| CVE-2025-6753 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability was found in huija bicycleSharingServer 1.0 and classified as critical. This issue affects the function selectAdminByNameLike of the file AdminController.java. The manipulation leads … | |||
| CVE-2025-6749 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability classified as critical was found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this vulnerability is the function searchAdminMessageShow of… | |||
| CVE-2025-6738 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability, which was classified as critical, has been found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this issue is the function userDao.selectUs… | |||
| CVE-2025-6731 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Ha… | |||
| CVE-2025-6518 | medium | 6.3 | 6.3 | 1y ago | pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function | |||
| CVE-2025-6485 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulatio… | |||
| CVE-2025-6281 | medium | 6.3 | 6.3 | 1y ago | A vulnerability has been found in OpenBMB XAgent up to 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /conv/community. The manipulation leads… | |||
| CVE-2025-6142 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in Intera InHire up to 20250530. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument 29chcotoo9 le… | |||
| CVE-2025-6108 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in hansonwang99 Spring-Boot-In-Action up to 807fd37643aa774b94fd004cc3adbd29ca17e9aa. It has been declared as critical. Affected by this vulnerability is the function waterm… | |||
| CVE-2025-6100 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in realguoshuai open-video-cms 1.0. It has been rated as critical. This issue affects some unknown processing of the file /v1/video/list. The manipulation of the argument so… | |||
| CVE-2025-5873 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manip… | |||
| CVE-2025-5836 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. Th… | |||
| CVE-2025-5783 | medium | 6.3 | 6.3 | 1y ago | A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. This affects an unknown part of the file /editmyexp.php. The manipulation of the argu… | |||
| CVE-2025-5782 | medium | 6.3 | 6.3 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Employee Record Management System 1.3. Affected by this issue is some unknown functionality of the file /resetpassword.… | |||
| CVE-2025-30981 | medium | 6.3 | 6.3 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in tggfref WP-Recall allows Privilege Escalation. This issue affects WP-Recall: from n/a through 16.26.14. | |||
| CVE-2025-5145 | medium | 6.3 | 6.3 | 1y ago | A vulnerability, which was classified as critical, was found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2, NBR200V2 and POWER13 up to 20250508. This affects an unknown part of the … | |||
| CVE-2025-26940 | medium | 6.3 | 6.3 | 1y ago | Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a through 3.8.3.2. | |||
| CVE-2025-22698 | medium | 6.3 | 6.3 | 1y ago | Missing Authorization vulnerability in Ability, Inc Accessibility Suite online-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility S… | |||
| CVE-2025-14693 | medium | 6.2 | 6.2 | 6mo ago | A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed d… | |||
| CVE-2025-12464 | medium | 6.2 | 6.2 | 7mo ago | A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems… | |||
| CVE-2025-9769 | medium | 6.2 | 6.2 | 9mo ago | A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub_478D28 of the file /mng_platform.asp. The manipulation of the argument addr with the input `echo 12345… | |||
| CVE-2025-0395 | medium | 6.2 | 6.2 | 1y ago | RHSA-2025:3828: glibc security update (Moderate) | |||
| CVE-2025-3359 | medium | 6.2 | 6.2 | 1y ago | A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment. | |||
| CVE-2025-36148 | medium | 6.1 | 6.1 | 9d ago | IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial Transaction Manager SWIFT is vulnerable to cross-site scripting. This vulnerability allo… | |||
| CVE-2025-65954 | medium | 6.1 | 6.1 | 20d ago | SimpleSAMLphp casserver: Open Redirect in logout | |||
| CVE-2025-15345 | medium | 6.1 | 6.1 | 22d ago | The MapGeo – Interactive Geo Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'map' parameter in the display-map shortcode in all versions up to, and including, 1.6.2… | |||
| CVE-2025-65417 | medium | 6.1 | 6.1 | 24d ago | docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application. | |||
| CVE-2025-61310 | medium | 6.1 | 6.1 | 24d ago | A reflected cross-site scripted (XSS) vulnerability in the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in… | |||
| CVE-2025-61309 | medium | 6.1 | 6.1 | 24d ago | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_departments.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript… | |||
| CVE-2025-61308 | medium | 6.1 | 6.1 | 24d ago | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_maintenance.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript… | |||
| CVE-2025-61307 | medium | 6.1 | 6.1 | 24d ago | A reflected cross-site scripted (XSS) vulnerability in the acc-menu_papers.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in t… | |||
| CVE-2025-61306 | medium | 6.1 | 6.1 | 24d ago | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_coveragealerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascr… | |||
| CVE-2025-61305 | medium | 6.1 | 6.1 | 24d ago | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_firmware.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in… | |||
| CVE-2025-67202 | medium | 6.1 | 6.1 | 29d ago | Sidekiq-cron is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL | |||
| CVE-2025-59854 | medium | 6.1 | 6.1 | 1mo ago | HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit b… | |||
| CVE-2025-31970 | medium | 6.1 | 6.1 | 1mo ago | HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the Content-Security-Policy does not define strict directives for object-src and base-uri, which could al… | |||
| CVE-2025-61669 | medium | 6.1 | 6.1 | 1mo ago | Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in `LoginFormHandler._red… | |||
| CVE-2025-69606 | medium | 6.1 | 6.1 | 1mo ago | Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel version 2.0.90. The `msg` parameter in the `/painel/gateways.php/error` endpoint does not properly sanitize user-suppli… | |||
| CVE-2025-56537 | medium | 6.1 | 6.1 | 1mo ago | A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual… | |||
| CVE-2025-56536 | medium | 6.1 | 6.1 | 1mo ago | A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter. | |||
| CVE-2025-56535 | medium | 6.1 | 6.1 | 1mo ago | A cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the zone attribute parameter. | |||
| CVE-2025-56534 | medium | 6.1 | 6.1 | 1mo ago | A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||
| CVE-2025-10503 | medium | 6.1 | 6.1 | 1mo ago | The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious Java… | |||
| CVE-2025-41011 | medium | 6.1 | 6.1 | 1mo ago | HTML injection vulnerability in PHP Point of Sale v19.4. This vulnerability allows an attacker to render HTML in the victim's browser due to a lack of proper validation of user input by sending a req… | |||
| CVE-2025-65134 | medium | 6.1 | 6.1 | 2mo ago | In manikandan580 School-management-system 1.0, a reflected cross-site scripting (XSS) vulnerability exists in /studentms/admin/contact-us.php via the email POST parameter. | |||
| CVE-2025-62320 | medium | 6.1 | 6.1 | 3mo ago | HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML c… | |||
| CVE-2025-70025 | medium | 6.1 | 6.1 | 3mo ago | An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in benkeen generatedata 4.0.14. | |||
| CVE-2025-36173 | medium | 6.1 | 6.1 | 3mo ago | Affected Product(s)Version(s)InfoSphere Data Architect9.2.1 | |||
| CVE-2025-15223 | medium | 6.1 | 6.1 | 5mo ago | A vulnerability was found in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. Impacted is an unknown function of the file /login.php. Performing manipulation of the argument… | |||
| CVE-2025-15258 | medium | 6.1 | 6.1 | 5mo ago | A weakness has been identified in Edimax BR-6208AC 1.02/1.03. Affected by this issue is the function formALGSetup of the file /goform/formALGSetup of the component Web-based Configuration Interface. … | |||
| CVE-2025-15220 | medium | 6.1 | 6.1 | 5mo ago | A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in… | |||
| CVE-2025-15170 | medium | 6.1 | 6.1 | 5mo ago | A security vulnerability has been detected in Advaya Softech GEMS ERP Portal up to 2.1. This affects an unknown part of the file /home.jsp?isError=true of the component Error Message Handler. The man… | |||
| CVE-2025-15145 | medium | 6.1 | 6.1 | 5mo ago | A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. This affects the function doTotalList of the file src/main/java/com/sohu/cache/web/controller/TotalManageController.java. … | |||
| CVE-2025-15144 | medium | 6.1 | 6.1 | 5mo ago | A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the function dr_show_error/dr_exit_msg of the file /dayrui/Fcms/Init.php of the component JSONP Callback Handle… | |||
| CVE-2025-15094 | medium | 6.1 | 6.1 | 5mo ago | A weakness has been identified in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The impacted element is the function userLogin of the file src/main/java/com/flycms/web/front/UserCo… | |||
| CVE-2025-15093 | medium | 6.1 | 6.1 | 5mo ago | A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/Ind… | |||
| CVE-2025-14962 | medium | 6.1 | 6.1 | 6mo ago | A flaw has been found in code-projects Simple Stock System 1.0. The impacted element is an unknown function of the file /market/chatuser.php. This manipulation causes cross site scripting. The attack… | |||
| CVE-2025-14691 | medium | 6.1 | 6.1 | 6mo ago | A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be … | |||
| CVE-2025-14692 | medium | 6.1 | 6.1 | 6mo ago | A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authentication/. This manipulation causes open redirect. It is possible to initiate the atta… | |||
| CVE-2025-14580 | medium | 6.1 | 6.1 | 6mo ago | A security vulnerability has been detected in Qualitor up to 8.24.73. The impacted element is an unknown function of the file /Qualitor/html/bc/bcdocumento9/biblioteca/request/viewDocumento.php. Such… | |||
| CVE-2025-14284 | medium | 6.1 | 6.1 | 6mo ago | @tiptap/extension-link vulnerable to Cross-site Scripting (XSS) | |||
| CVE-2025-14200 | medium | 6.1 | 6.1 | 6mo ago | A vulnerability has been found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected is an unknown function of the file /usersub.php of… | |||
| CVE-2025-14007 | medium | 6.1 | 6.1 | 6mo ago | A vulnerability was detected in dayrui XunRuiCMS up to 4.7.1. This affects an unknown part of the file /admin79f2ec220c7e.php?c=api&m=demo&name=mobile of the component Domain Name Binding Page. The m… | |||
| CVE-2025-14006 | medium | 6.1 | 6.1 | 6mo ago | A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page… | |||
| CVE-2025-14005 | medium | 6.1 | 6.1 | 6mo ago | A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affected by this vulnerability is an unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=0 of … | |||
| CVE-2025-13484 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/customer-list.php. The manipulation of the … | |||
| CVE-2025-13412 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was determined in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. Executing a manipulatio… | |||
| CVE-2025-13244 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was determined in code-projects Student Information System 2.0. The affected element is an unknown function of the file /register.php. This manipulation causes cross site scripting. I… | |||
| CVE-2025-11960 | medium | 6.1 | 6.1 | 7mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Aryom Software High Technology Systems Inc. KVKNET allows Reflected XSS. This issue affec… | |||
| CVE-2025-12335 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplier_update.php. This manipulation of the arg… | |||
| CVE-2025-12334 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/product_add.php. The manipulation of the argument prod_name/prod_desc/prod_cost r… | |||
| CVE-2025-12333 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplier_add.php. The manipulation of the argument supp_name/supp_address l… | |||
| CVE-2025-12302 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was detected in code-projects Simple Food Ordering System 1.0. The affected element is an unknown function of the file /editproduct.php. Performing manipulation of the argument pname/… | |||
| CVE-2025-12300 | medium | 6.1 | 6.1 | 7mo ago | A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname cause… | |||
| CVE-2025-12299 | medium | 6.1 | 6.1 | 7mo ago | A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/categ… |