CVEs from 2025
Total
8,810
critical
critical 1,314
high
high 1,959
medium
medium 1,968
low
low 200
% Critical
14.9%
% with KEV
2.1%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13169 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /add_query_reserve.php. Such manipulation o… | |||
| CVE-2025-13168 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in ury-erp ury up to 0.2.0. This affects the function overrided_past_order_list of the file ury/ury/api/pos_extend.py. This manipulation of the argument search_term cau… | |||
| CVE-2025-13123 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid … | |||
| CVE-2025-13122 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/api_patient_checkin.php. … | |||
| CVE-2025-13076 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing manipulation of the argument usname can lea… | |||
| CVE-2025-13075 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/usersettingdel.php. Performing manipulation of the argument eid results in … | |||
| CVE-2025-13060 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This affects an unknown function of the file /view_survey.php. Such manipulation of the argument ID leads t… | |||
| CVE-2025-13059 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /manage_career.php. This manipulation of the argument ID causes … | |||
| CVE-2025-13057 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_student. The manipulation of the argument ID l… | |||
| CVE-2025-60724 | critical | 9.8 | 9.8 | 7mo ago | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | |||
| CVE-2025-12939 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of th… | |||
| CVE-2025-12938 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /process_login.php. The manipulation of the argumen… | |||
| CVE-2025-12933 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument rol… | |||
| CVE-2025-12932 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid ca… | |||
| CVE-2025-12931 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument… | |||
| CVE-2025-12930 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in SourceCodester Food Ordering System 1.0. Affected is an unknown function of the file /view-ticket.php. The manipulation of the argument ID leads to sql injection. It… | |||
| CVE-2025-12929 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function save_user/update_user of the file /LoginRegistration.php. Executing manipulation of the argument fulln… | |||
| CVE-2025-12928 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument username/phone results in … | |||
| CVE-2025-12916 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portal_login of the component Frontend. This mani… | |||
| CVE-2025-12913 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Responsive Hotel Site 1.0. This affects an unknown part of the file /admin/roomdel.php. Executing manipulation of the argument ID can lead to sql injection. It … | |||
| CVE-2025-12873 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes School File Management 1.0. This affects an unknown part of the file /admin/update_user.php. Performing manipulation of the argument user_id results i… | |||
| CVE-2025-12862 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by this issue is some unknown functionality of the file /dashboard/userprofile.php. Such manipulation of th… | |||
| CVE-2025-12857 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/roombook.php. Such manipulation of the argument r… | |||
| CVE-2025-12856 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This manipulation of the argument email causes sql injec… | |||
| CVE-2025-12855 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects some unknown processing of the file /admin/newsletterdel.php. The manipulation of the argument eid r… | |||
| CVE-2025-12853 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function delete_house of the file /admin_class.php. Executing manipulation of the argument I… | |||
| CVE-2025-12617 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in itsourcecode Billing System 1.0. This affects an unknown function of the file /admin/app/login_crud.php. Executing a manipulation of the argument Password can lead to sql inj… | |||
| CVE-2025-12614 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_class.php. This manipulation of the argument ID ca… | |||
| CVE-2025-12612 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=delete_course. The manipulation of … | |||
| CVE-2025-12608 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in itsourcecode Online Loan Management System 1.0. The affected element is an unknown function of the file /manage_user.php. Performing manipulation of the argumen… | |||
| CVE-2025-12607 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in itsourcecode Online Loan Management System 1.0. Impacted is an unknown function of the file /manage_payment.php. Such manipulation of the argument ID leads to sql in… | |||
| CVE-2025-12606 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in itsourcecode Online Loan Management System 1.0. This issue affects some unknown processing of the file /manage_borrower.php. This manipulation of the argument ID cau… | |||
| CVE-2025-12605 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in itsourcecode Online Loan Management System 1.0. This vulnerability affects unknown code of the file /manage_loan.php. The manipulation of the argument ID results in sql i… | |||
| CVE-2025-12604 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in itsourcecode Online Loan Management System 1.0. This affects an unknown part of the file /load_fields.php. The manipulation of the argument loan_id leads to sql inje… | |||
| CVE-2025-12598 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin_class.php. Executing manipulation of the argumen… | |||
| CVE-2025-12597 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulat… | |||
| CVE-2025-12378 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument p… | |||
| CVE-2025-12339 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in Campcodes Retro Basketball Shoes Online Store 1.0. This issue affects some unknown processing of the file /admin/admin_football.php. The manipulation of … | |||
| CVE-2025-12338 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. This vulnerability affects unknown code of the file /admin/admin_product.ph. Executing a manipulation of the argum… | |||
| CVE-2025-12337 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes Retro Basketball Shoes Online Store 1.0. This affects an unknown part of the file /admin/admin_feature.php. Performing a manipulation of the argument … | |||
| CVE-2025-12336 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_index.php. Such manipulation of the … | |||
| CVE-2025-12325 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/forgot-password.php. The manipulation of the argument email leads to… | |||
| CVE-2025-12316 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in code-projects Courier Management System 1.0. This impacts an unknown function of the file /courier/edit-courier.php. The manipulation of the argument OfficeName lead… | |||
| CVE-2025-12315 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to … | |||
| CVE-2025-12314 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in code-projects Food Ordering System 1.0. The impacted element is an unknown function of the file /admin/deleteitem.php. Performing a manipulation of the argument itemID re… | |||
| CVE-2025-12313 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /msp_info.htm. Such manipulation of the argument cmd leads to comm… | |||
| CVE-2025-12309 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in code-projects Nero Social Networking Site 1.0. This affects an unknown part of the file /friendprofile.php. Executing manipulation of the argument ID can lead to sql… | |||
| CVE-2025-12308 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Nero Social Networking Site 1.0. Affected by this issue is some unknown functionality of the file /deletemessage.php. Performing manipulation of t… | |||
| CVE-2025-12307 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in code-projects Nero Social Networking Site 1.0. Affected by this vulnerability is an unknown functionality of the file /addfriend.php. Such manipulation of the argume… | |||
| CVE-2025-12306 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in code-projects Nero Social Networking Site 1.0. Affected is an unknown function of the file /acceptoffres.php. This manipulation of the argument ID causes sql injecti… | |||
| CVE-2025-12305 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in quequnlong shiyi-blog up to 1.2.1. This impacts an unknown function of the file src/main/java/com/mojian/controller/SysJobController.java of the component Job Handler. Th… | |||
| CVE-2025-12301 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo lead… | |||
| CVE-2025-12296 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub_4174B0 of the component Firmware Update Handler. The manipulation leads to os command … | |||
| CVE-2025-12294 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown function of the file /delete_category.php. Performing manipulation of the argument ID results in sql i… | |||
| CVE-2025-12293 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql inje… | |||
| CVE-2025-12292 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unknown code of the file /index.php. This manipulation of the argument Username causes sql injection. I… | |||
| CVE-2025-12268 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. Impacted is an unknown function of the file /api/v1/courses/ of the component Course Thumbnail Handler. Th… | |||
| CVE-2025-12257 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /view_result.php. The manipulation of the argumen… | |||
| CVE-2025-12253 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/get_expiredtime.php. This manipulation… | |||
| CVE-2025-12237 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /index.php. Such manipulation of the argument keywords leads to sql… | |||
| CVE-2025-12226 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the function save_house of the file /admin_class.php. Performing manipulation of the argument house_no… | |||
| CVE-2025-12215 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing a manipulation of the argument keywords can lead to sql inj… | |||
| CVE-2025-12208 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Best House Rental Management System 1.0. This impacts the function login2 of the file /admin_class.php. Performing manipulation of the argument Username re… | |||
| CVE-2025-59007 | critical | 9.8 | 9.8 | 8mo ago | Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elem… | |||
| CVE-2025-49380 | critical | 9.8 | 9.8 | 8mo ago | Deserialization of Untrusted Data vulnerability in wpinstinct WooCommerce Vehicle Parts Finder woo-vehicle-parts-finder allows Object Injection.This issue affects WooCommerce Vehicle Parts Finder: fr… | |||
| CVE-2025-11943 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in 70mai X200 up to 20251010. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default cred… | |||
| CVE-2025-11942 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the a… | |||
| CVE-2025-11736 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in itsourcecode Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /index.php. This manipulation of the argument Username causes sql… | |||
| CVE-2025-11664 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in Campcodes Online Beauty Parlor Management System 1.0. The impacted element is an unknown function of the file /admin/search-appointment.php. Such manipul… | |||
| CVE-2025-11662 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. Impacted is an unknown function of the file /booking.php. The manipulation of the argument serv_id results in s… | |||
| CVE-2025-11661 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Performing manipulation results in missing auth… | |||
| CVE-2025-11660 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this issue is some unknown functionality of the file /assets… | |||
| CVE-2025-11659 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/up… | |||
| CVE-2025-11658 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected is an unknown function of the file /assets/changeSllyabus.php. Th… | |||
| CVE-2025-11657 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createN… | |||
| CVE-2025-11656 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function of the file /assets/editNotes.php. Exec… | |||
| CVE-2025-11630 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in RainyGao DocSys up to 2.02.36. Affected is the function updateRealDoc of the file /Doc/uploadDoc.do of the component File Upload. Performing manipulation of the argument … | |||
| CVE-2025-11629 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in RainyGao DocSys up to 2.02.36. This impacts the function getUserList of the file /Manage/getUserList.do. Such manipulation leads to sql injection. It is possible to … | |||
| CVE-2025-11615 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add_invoice.php. Performing manipulation of the argument Servic… | |||
| CVE-2025-11614 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /panel/edit-appointment.php. Such manipulation of t… | |||
| CVE-2025-11608 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation … | |||
| CVE-2025-11604 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status cause… | |||
| CVE-2025-11601 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in SourceCodester Online Student Result System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing manipulation of the argu… | |||
| CVE-2025-11599 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in Campcodes Online Apartment Visitor Management System 1.0. This impacts an unknown function of the file /forgot-password.php. This manipulation of the argument email … | |||
| CVE-2025-11597 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The manipulation of the argument prod_id le… | |||
| CVE-2025-11596 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/delete_order_details.php. Executing manipulation of the argument… | |||
| CVE-2025-11595 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /admin-profile.php. Performing a manipulation of the argument mobile… | |||
| CVE-2025-11585 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql in… | |||
| CVE-2025-11584 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in code-projects Online Job Search Engine 1.0. The affected element is an unknown function of the file /searchjob.php. The manipulation of the argument txtspecializatio… | |||
| CVE-2025-11583 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injectio… | |||
| CVE-2025-11582 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in code-projects Online Job Search Engine 1.0. This issue affects some unknown processing of the file /registration.php. Performing manipulation of the argument txtuserna… | |||
| CVE-2025-11558 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/user_index_search.php. Performing manipulation of the argument Search results in … | |||
| CVE-2025-11557 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads… | |||
| CVE-2025-11556 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote ex… | |||
| CVE-2025-11555 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/calendar_of_events.php. The manipulation of the argument date_start re… | |||
| CVE-2025-11553 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the a… | |||
| CVE-2025-11551 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa ca… | |||
| CVE-2025-11529 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The… | |||
| CVE-2025-11513 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplier_update.php. This manipulation of the argument supp_id causes sql injec… | |||
| CVE-2025-11511 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplier_add.php. Executing manipulation of the argument supp_email can lead to sql i… |