CVEs from 2025
Total
8,951
critical
critical 1,361
high
high 2,043
medium
medium 2,040
low
low 203
% Critical
15.2%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 110
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-9766 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was found in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/facilitator.php. Performing manipulation of the argument code re… | |||
| CVE-2025-9765 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/tournament_details.php. Such manipulation of the argument I… | |||
| CVE-2025-9764 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in itsourcecode Sports Management System 1.0. Impacted is an unknown function of the file /Admin/resultdetails.php. This manipulation of the argument ID causes sql injection. Th… | |||
| CVE-2025-9763 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /student_signup.php. The manipulation of the argument Username … | |||
| CVE-2025-9761 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in Campcodes Online Feeds Product Inventory System 1.0. This vulnerability affects unknown code of the file /feeds/index.php of the component Login. The man… | |||
| CVE-2025-9759 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in Campcodes/SourceCodester Courier Management System 1.0. Affected by this issue is the function Signup of the file /ajax.php. Performing manipulation of the argu… | |||
| CVE-2025-9758 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was identified in deepakmisal24 Chemical Inventory Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /inventory_form.php. Such manipu… | |||
| CVE-2025-9757 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in Campcodes/SourceCodester Courier Management System 1.0. Affected is the function Login of the file /ajax.php. This manipulation of the argument email causes sql inje… | |||
| CVE-2025-9752 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument se… | |||
| CVE-2025-9751 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /login.php. This manipulation of the argument Username causes… | |||
| CVE-2025-9750 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument Username… | |||
| CVE-2025-9749 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was identified in HKritesh009 Grocery List Management Web App up to f491b681eb70d465f445c9a721415c965190f83b. This affects an unknown part of the file /src/update.php. The manipulatio… | |||
| CVE-2025-9744 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in Campcodes Online Loan Management System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Executing manipulation of the argument U… | |||
| CVE-2025-9743 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file login_attendance2.php. Performing manipulation of the argument e… | |||
| CVE-2025-9740 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /log_query.php. The manipulation of the argument ID results in sql injection.… | |||
| CVE-2025-9739 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in Campcodes Online Water Billing System 1.0. Affected by this issue is some unknown functionality of the file /process.php. The manipulation of the argument Username l… | |||
| CVE-2025-9733 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. This impacts an unknown function of the file /login_timeee.php. Performing manipulation of the argument emp_… | |||
| CVE-2025-9730 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /ajax/updateProfile.php. The manipulation of the argument user_id re… | |||
| CVE-2025-9729 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in PHPGurukul Online Course Registration 3.1. This vulnerability affects unknown code of the file /admin/student-registration.php. Performing manipulation of the argument… | |||
| CVE-2025-9727 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgi_main of the file /soap.cgi. This manipulation of the argument service causes os command inject… | |||
| CVE-2025-9726 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /review.php. The manipulation of the argument pid r… | |||
| CVE-2025-9706 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php. Such manipulation of the argum… | |||
| CVE-2025-9705 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in SourceCodester Water Billing System 1.0. Affected is an unknown function of the file /paybill.php. This manipulation of the argument ID causes sql injection. Remote … | |||
| CVE-2025-9704 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in SourceCodester Water Billing System 1.0. This impacts an unknown function of the file /viewbill.php. The manipulation of the argument ID results in sql injectio… | |||
| CVE-2025-9702 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was identified in SourceCodester Simple Cafe Billing System 1.0. This affects an unknown function of the file /sales_report.php. The manipulation of the argument month leads to sql in… | |||
| CVE-2025-9701 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in SourceCodester Simple Cafe Billing System 1.0. The impacted element is an unknown function of the file /receipt.php. Executing manipulation of the argument ID can le… | |||
| CVE-2025-9700 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in SourceCodester Online Book Store 1.0. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argument pubid causes sql injection… | |||
| CVE-2025-9699 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in SourceCodester Online Polling System Code 1.0. This vulnerability affects unknown code of the file /admin/checklogin.php. The manipulation of the argument myusername r… | |||
| CVE-2025-9694 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in Campcodes Advanced Online Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. Executing manipulation of the a… | |||
| CVE-2025-9692 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was found in Campcodes Online Shopping System 1.0. Affected is an unknown function of the file /product.php. Performing manipulation of the argument p results in sql injection. The at… | |||
| CVE-2025-9691 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to sql injection. The… | |||
| CVE-2025-9679 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in itsourcecode Student Information System 1.0. This affects an unknown function of the file /course_edit1.php. Such manipulation of the argument ID leads t… | |||
| CVE-2025-9678 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in Campcodes Online Loan Management System 1.0. The impacted element is an unknown function of the file /ajax.php?action=delete_borrower. This manipulation of the argum… | |||
| CVE-2025-9669 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in Jinher OA 1.0. This issue affects some unknown processing of the file GetTreeDate.aspx. The manipulation of the argument ID leads to sql injection. Remote exploitati… | |||
| CVE-2025-9662 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in code-projects Simple Grading System 1.0. This affects an unknown function of the file /login.php of the component Admin Panel. Executing manipulation can lead to sql… | |||
| CVE-2025-9660 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was found in SourceCodester Bakeshop Online Ordering System 1.0. The impacted element is an unknown function of the file /passwordrecover.php. Performing manipulation of the argument … | |||
| CVE-2025-9645 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was identified in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /t_dashboard/r_all_info.php. The manipulation of the argument mid leads to sql… | |||
| CVE-2025-9644 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/bill_setup.php. Executing manipulation of the… | |||
| CVE-2025-9643 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was found in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /setting/utility_bill_setup.php. Performing manipulat… | |||
| CVE-2025-9610 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname ca… | |||
| CVE-2025-9603 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Ho… | |||
| CVE-2025-9601 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /setting/employee_salary_setup.php. The manipulation of the argument ddlEmpName … | |||
| CVE-2025-9600 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/member_type_setup.php. The manipu… | |||
| CVE-2025-9599 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /setting/month_setup.php. Executing manipulation… | |||
| CVE-2025-9598 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in itsourcecode Apartment Management System 1.0. Affected is an unknown function of the file /setting/year_setup.php. Performing manipulation of the argument txtXY… | |||
| CVE-2025-9597 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was identified in itsourcecode Apartment Management System 1.0. This impacts an unknown function of the file /o_dashboard/rented_all_info.php. Such manipulation of the argument uid le… | |||
| CVE-2025-9596 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It i… | |||
| CVE-2025-9594 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /report/complain_info.php. The manipulation of the argument vid… | |||
| CVE-2025-9593 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/unit_status_info.php. Executing manipulation of the argument usid can lead t… | |||
| CVE-2025-9592 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/bill_info.php. Performing manipulation of the argument vid… | |||
| CVE-2025-9582 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntp_timezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The att… | |||
| CVE-2025-9581 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multi_pppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phy_interface results in command injec… | |||
| CVE-2025-34523 | critical | 9.8 | 9.8 | 9mo ago | A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protection (UDP). This flaw is reachable without authentication and results fr… | |||
| CVE-2025-9533 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown function of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads… | |||
| CVE-2025-9511 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was identified in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /visitor/addvisitor.php. Such manipulation of the argument ID leads… | |||
| CVE-2025-9510 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /branch/addbranch.php. The manipulation of the argu… | |||
| CVE-2025-9509 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/fair_info_all.php. Performing manipulation of the a… | |||
| CVE-2025-9508 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /report/rented_info.php. The manipulation of the argument rsid re… | |||
| CVE-2025-9507 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/visitor_info.php. Executing manipulation of the argument vid can le… | |||
| CVE-2025-9506 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in Campcodes Online Loan Management System 1.0. This affects an unknown part of the file /ajax.php?action=delete_plan. Such manipulation of the argument ID leads to sql… | |||
| CVE-2025-9505 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_loan_type. This manipulation of the argume… | |||
| CVE-2025-9504 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in Campcodes Online Loan Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_plan. The manipulation of the… | |||
| CVE-2025-9503 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in Campcodes Online Loan Management System 1.0. Affected is an unknown function of the file /ajax.php?action=save_borrower. The manipulation of the argument… | |||
| CVE-2025-9502 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in Campcodes Online Loan Management System 1.0. This impacts an unknown function of the file /ajax.php?action=save_payment. Executing manipulation of the argument loan_… | |||
| CVE-2025-9492 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in Campcodes Online Water Billing System 1.0. This affects an unknown function of the file /addclient1.php. Executing manipulation of the argument lname can lead to sql… | |||
| CVE-2025-9476 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /Superadmin_Dashboard/process/editemployee_pro… | |||
| CVE-2025-9475 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin_Dashboard/process/editemployee_process.php… | |||
| CVE-2025-9473 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. This impacts an unknown function of the file /feedback.php. The manipulation of the argument msg leads … | |||
| CVE-2025-9472 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was found in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /owner_utility/add_owner_utility.php. The manipulation of the argumen… | |||
| CVE-2025-9471 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /maintenance/add_maintenance_cost.php. The manipulation of the argu… | |||
| CVE-2025-9470 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/add_m_committee.php. Executing manipulation of the argument ID can lead to … | |||
| CVE-2025-9469 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fund/add_fund.php. Performing manipulation of the argum… | |||
| CVE-2025-9468 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /bill/add_bill.php. Such manipulatio… | |||
| CVE-2025-9444 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of the file /admin/controller/delete_group_studen… | |||
| CVE-2025-9426 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can… | |||
| CVE-2025-9425 | critical | 9.8 | 9.8 | 9mo ago | A security flaw has been discovered in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /enquiry.php. Performing manipulatio… | |||
| CVE-2025-9424 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was identified in Ruijie WS7204-A 2017.06.15. Affected by this vulnerability is an unknown functionality of the file /itbox_pi/branch_import.php?a=branch_list. Such manipulation of th… | |||
| CVE-2025-9423 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was determined in Campcodes Online Water Billing System 1.0. Affected is an unknown function of the file /editecex.php. This manipulation of the argument ID causes sql injection. Remo… | |||
| CVE-2025-9421 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability has been found in itsourcecode Apartment Management System 1.0. This affects an unknown function of the file /complain/addcomplain.php. The manipulation of the argument ID leads to sq… | |||
| CVE-2025-9420 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /floor/addfloor.php. Executing manipulation of the argument hdnid can le… | |||
| CVE-2025-9419 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /unit/addunit.php. Performing manipulation of the argument ID res… | |||
| CVE-2025-9418 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /owner/addowner.php. Such manipulation of the argument ID leads… | |||
| CVE-2025-9415 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload[] leads to unrest… | |||
| CVE-2025-9413 | critical | 9.8 | 9.8 | 9mo ago | A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/system_router.go. This manipulation of the argument orderByColumn/isAsc … | |||
| CVE-2025-9412 | critical | 9.8 | 9.8 | 9mo ago | A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColum… | |||
| CVE-2025-9411 | critical | 9.8 | 9.8 | 9mo ago | A security vulnerability has been detected in lostvip-com ruoyi-go up to 2.1. The impacted element is the function SelectPageList of the file modules/system/service/LoginInforService.go. The manipula… | |||
| CVE-2025-9410 | critical | 9.8 | 9.8 | 9mo ago | A weakness has been identified in lostvip-com ruoyi-go up to 2.1. The affected element is the function SelectListByPage of the file modules/system/dao/GenTableDao.go. Executing manipulation of the ar… | |||
| CVE-2025-9406 | critical | 9.8 | 9.8 | 10mo ago | A weakness has been identified in xuhuisheng lemon up to 1.13.0. This affects the function uploadImage of the file CmsArticleController.java of the component com.mossle.cms.web.CmsArticleController.u… | |||
| CVE-2025-9397 | critical | 9.8 | 9.8 | 10mo ago | A weakness has been identified in givanz Vvveb up to 1.0.7.2. Affected is an unknown function of the file /system/traits/media.php. Executing manipulation of the argument files[] can lead to unrestri… | |||
| CVE-2025-9391 | critical | 9.8 | 9.8 | 10mo ago | A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argumen… | |||
| CVE-2025-9387 | critical | 9.8 | 9.8 | 10mo ago | A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Perf… | |||
| CVE-2025-9311 | critical | 9.8 | 9.8 | 10mo ago | A vulnerability was identified in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fair/addfair.php. The manipulation of the argument ID… | |||
| CVE-2025-9307 | critical | 9.8 | 9.8 | 10mo ago | A flaw has been found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /admin/session.php. This manipulation of the argument sesssion causes sql injection. T… | |||
| CVE-2025-9305 | critical | 9.8 | 9.8 | 10mo ago | A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argu… | |||
| CVE-2025-9304 | critical | 9.8 | 9.8 | 10mo ago | A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to s… | |||
| CVE-2025-9302 | critical | 9.8 | 9.8 | 10mo ago | A vulnerability was identified in PHPGurukul User Management System 1.0. This vulnerability affects unknown code of the file /signup.php. Such manipulation of the argument emailid leads to sql inject… | |||
| CVE-2025-9296 | critical | 9.8 | 9.8 | 10mo ago | A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=update_avatar. Such manipulation of the argument image lea… | |||
| CVE-2025-49409 | critical | 9.8 | 9.8 | 10mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brewlabs SensorPress allows Stored XSS. This issue affects SensorPress: from n/a through 1.0. | |||
| CVE-2025-49400 | critical | 9.8 | 9.8 | 10mo ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) allows Stored XSS. This issue affects WP Visi… | |||
| CVE-2025-9156 | critical | 9.8 | 9.8 | 10mo ago | A vulnerability was found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/sports.php. Performing manipulation of the argument code results… |