CVEs from 2025
Total
8,944
critical
critical 1,359
high
high 2,043
medium
medium 2,031
low
low 202
% Critical
15.2%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-11664 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in Campcodes Online Beauty Parlor Management System 1.0. The impacted element is an unknown function of the file /admin/search-appointment.php. Such manipul… | |||
| CVE-2025-11662 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. Impacted is an unknown function of the file /booking.php. The manipulation of the argument serv_id results in s… | |||
| CVE-2025-11661 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Performing manipulation results in missing auth… | |||
| CVE-2025-11660 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this issue is some unknown functionality of the file /assets… | |||
| CVE-2025-11659 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/up… | |||
| CVE-2025-11658 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected is an unknown function of the file /assets/changeSllyabus.php. Th… | |||
| CVE-2025-11657 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createN… | |||
| CVE-2025-11656 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function of the file /assets/editNotes.php. Exec… | |||
| CVE-2025-11630 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in RainyGao DocSys up to 2.02.36. Affected is the function updateRealDoc of the file /Doc/uploadDoc.do of the component File Upload. Performing manipulation of the argument … | |||
| CVE-2025-11629 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in RainyGao DocSys up to 2.02.36. This impacts the function getUserList of the file /Manage/getUserList.do. Such manipulation leads to sql injection. It is possible to … | |||
| CVE-2025-11615 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add_invoice.php. Performing manipulation of the argument Servic… | |||
| CVE-2025-11614 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /panel/edit-appointment.php. Such manipulation of t… | |||
| CVE-2025-11608 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation … | |||
| CVE-2025-11604 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status cause… | |||
| CVE-2025-11601 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in SourceCodester Online Student Result System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing manipulation of the argu… | |||
| CVE-2025-11599 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in Campcodes Online Apartment Visitor Management System 1.0. This impacts an unknown function of the file /forgot-password.php. This manipulation of the argument email … | |||
| CVE-2025-11597 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The manipulation of the argument prod_id le… | |||
| CVE-2025-11596 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/delete_order_details.php. Executing manipulation of the argument… | |||
| CVE-2025-11595 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /admin-profile.php. Performing a manipulation of the argument mobile… | |||
| CVE-2025-11585 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql in… | |||
| CVE-2025-11584 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in code-projects Online Job Search Engine 1.0. The affected element is an unknown function of the file /searchjob.php. The manipulation of the argument txtspecializatio… | |||
| CVE-2025-11583 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injectio… | |||
| CVE-2025-11582 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in code-projects Online Job Search Engine 1.0. This issue affects some unknown processing of the file /registration.php. Performing manipulation of the argument txtuserna… | |||
| CVE-2025-11558 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/user_index_search.php. Performing manipulation of the argument Search results in … | |||
| CVE-2025-11557 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads… | |||
| CVE-2025-11556 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote ex… | |||
| CVE-2025-11555 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/calendar_of_events.php. The manipulation of the argument date_start re… | |||
| CVE-2025-11553 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the a… | |||
| CVE-2025-11551 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa ca… | |||
| CVE-2025-11529 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The… | |||
| CVE-2025-11513 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplier_update.php. This manipulation of the argument supp_id causes sql injec… | |||
| CVE-2025-11511 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplier_add.php. Executing manipulation of the argument supp_email can lead to sql i… | |||
| CVE-2025-11509 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/product_add.php. Performing manipulation of the argument prod_name results in… | |||
| CVE-2025-11508 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/voters_add.php. Such manipulation of the argument photo leads to unr… | |||
| CVE-2025-11507 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argumen… | |||
| CVE-2025-11506 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/search-appointment.php. The manipulation of the … | |||
| CVE-2025-11505 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads… | |||
| CVE-2025-11503 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Executing a manipulation of the a… | |||
| CVE-2025-11491 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in … | |||
| CVE-2025-11490 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute P… | |||
| CVE-2025-11487 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the a… | |||
| CVE-2025-11486 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /buyNow.php. Such manipulation of the argument Name… | |||
| CVE-2025-11481 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in varunsardana004 Blood-Bank-And-Donation-Management-System up to dc9e0393d826fbc85fad9755b5bc12cba1919df2. The impacted element is an unknown function of the file /donate_bloo… | |||
| CVE-2025-11480 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument register… | |||
| CVE-2025-11479 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in SourceCodester Wedding Reservation Management System 1.0. Impacted is the function insertReservation of the file function.php. Such manipulation of the a… | |||
| CVE-2025-11477 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User… | |||
| CVE-2025-11476 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument login_username leads to sql inj… | |||
| CVE-2025-11475 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /view_member.php. Executing a manipulation of … | |||
| CVE-2025-11474 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_booking.php. Performing manipulation of… | |||
| CVE-2025-11473 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /edit_curr.php. Such manipulation of the argument currsymbol leads … | |||
| CVE-2025-11472 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /edit_room.php. This manipulation of the argument ID causes sql injection. … | |||
| CVE-2025-11471 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /edit_customer.php. The manipulation of the argument ID results in s… | |||
| CVE-2025-11469 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/save_customer.php. Executing manipulation of the… | |||
| CVE-2025-11434 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in itsourcecode Student Transcript Processing System 1.0. Affected is an unknown function of the file /login.php. Executing a manipulation of the argument uname can lea… | |||
| CVE-2025-11432 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in itsourcecode Leave Management System 1.0. This affects an unknown function of the file /reset.php. Such manipulation of the argument employid leads to sql injection.… | |||
| CVE-2025-11431 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument sho… | |||
| CVE-2025-11430 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql … | |||
| CVE-2025-11424 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. This impacts an unknown function of the file /login.php. Executing manipulation of the argument emailid can lea… | |||
| CVE-2025-11422 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in Campcodes Advanced Online Voting Management System 1.0. The impacted element is an unknown function of the file /admin/login.php. Such manipulation of the argument U… | |||
| CVE-2025-11420 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/edit_order_details.php. The manipulation of the argument order_id results in s… | |||
| CVE-2025-11416 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing a manipulation of the argument delid r… | |||
| CVE-2025-11415 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the … | |||
| CVE-2025-11407 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the argument path causes os command injection. … | |||
| CVE-2025-11405 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /del_tax.php. The manipulation of the argument ID leads to … | |||
| CVE-2025-11404 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown part of the file /pages/save_tax.php. Executing manipulation of the argument percentage… | |||
| CVE-2025-11403 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this issue is some unknown functionality of the file /del_booking.php. Performing manipulation of the ar… | |||
| CVE-2025-11402 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /del_curr.php. Such manipulation of the … | |||
| CVE-2025-11401 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/save_curr.php. This manipulation of the argument currcode causes sql … | |||
| CVE-2025-11400 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /del_room.php. The manipulation of the argument ID results in sql in… | |||
| CVE-2025-11399 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/save_room.php. The manipulation of the argument… | |||
| CVE-2025-11397 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /login.php. Performing manipulation of the argumen… | |||
| CVE-2025-11396 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /product.php. Such manipulation of the argument Category leads to sql inje… | |||
| CVE-2025-11354 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/addslideexec.php. Executing manipulation of the argument image can lead … | |||
| CVE-2025-11350 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. The affected element is an unknown function of the file /bwdates-reports-details.php. The manipulation… | |||
| CVE-2025-11349 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /search-visitor.php. The manipulation of the argument searchdat… | |||
| CVE-2025-11348 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in Campcodes Online Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /index.php. Executing a manipulation of the argument… | |||
| CVE-2025-11347 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function move_uploaded_file of the file add.php of the component Add Student Page/Edit Stud… | |||
| CVE-2025-11342 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in code-projects Online Course Registration 1.0. This impacts an unknown function of the file /admin/edit-course.php. Executing manipulation of the argument coursecode … | |||
| CVE-2025-11341 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of the file /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=SystemUserInfo&style=1. Performing manipu… | |||
| CVE-2025-11334 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. Affected is an unknown function of the file /visitor-detail.php. The manipulation of the argument edit… | |||
| CVE-2025-11329 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects Online Course Registration 1.0. Impacted is an unknown function of the file /admin/manage-students.php. This manipulation of the argument ID causes sql injectio… | |||
| CVE-2025-11318 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This vulnerability affects unknown code of the file uploadWxFile.do. The manipulation of the … | |||
| CVE-2025-11317 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findRolePage of the file findSingConfigPage.do. The manipulation of the … | |||
| CVE-2025-11316 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this issue is the function findCategoryPage of the file findCategoryPage.do. Executing… | |||
| CVE-2025-11315 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this vulnerability is the function findUserPage of the file findUserPage.do. Performing man… | |||
| CVE-2025-11314 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected is the function findRolePage of the file findSingConfigPage.do. Such manipulation of the … | |||
| CVE-2025-11313 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort … | |||
| CVE-2025-11312 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findModulePage of the file findModulePage.do. The manipulation of the argu… | |||
| CVE-2025-11311 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. The impacted element is the function findTenantPage of the file findTenantPage.do. The… | |||
| CVE-2025-11310 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. The affected element is the function findFileServerPage of the file findFileServerPage.do. Executi… | |||
| CVE-2025-11309 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Impacted is the function doFilter of the file findDeptPage.do. Performing manipulation of the… | |||
| CVE-2025-11287 | critical | 9.8 | 9.8 | 8mo ago | MCPHub has an Improper Authorization vulnerability via its handleSseConnection function | |||
| CVE-2025-56513 | critical | 9.8 | 9.8 | 8mo ago | NiceHash QuickMiner 6.12.0 perform software updates over HTTP without validating digital signatures or hash checks. An attacker capable of intercepting or redirecting traffic to the update url and ca… | |||
| CVE-2025-11140 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.RichClientService. Such manipulation of … | |||
| CVE-2025-11139 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in Bjskzy Zhiyou ERP up to 11.0. Affected is the function uploadStudioFile of the component com.artery.form.services.FormStudioUpdater. This manipulation of the argumen… | |||
| CVE-2025-11118 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in CodeAstro Student Grading System 1.0. This issue affects some unknown processing of the file /adminLogin.php. Such manipulation of the argument staffId leads to sql … | |||
| CVE-2025-11116 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /add.home.php. The manipulation of the argument faculty results in sql injection. The… | |||
| CVE-2025-11115 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in code-projects Simple Scheduling System 1.0. Affected by this issue is some unknown functionality of the file /addtime.php. The manipulation of the argument starttime… | |||
| CVE-2025-11111 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/candidates_edit.php. This manipulation of the argument ID… | |||
| CVE-2025-11110 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/school_year.php. The manipulation of the argumen… |