CVEs from 2025
Total
12,202
critical
critical 1,301
high
high 1,894
medium
medium 1,908
low
low 193
% Critical
10.7%
% with KEV
1.5%
% with exploit
1.5%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- inventory_management_system 28
- gcp 23
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-15127 | critical | 9.8 | 9.8 | 5mo ago | A security vulnerability has been detected in FantasticLBP Hotels_Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. Affected by this issue is some unknown functionality of the file /controller/a… | |
| CVE-2025-15099 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulatio… | |
| CVE-2025-15078 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was detected in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /list_report.php. The manipulation of the argument sy results in sq… | |
| CVE-2025-15077 | critical | 9.8 | 9.8 | 5mo ago | A security vulnerability has been detected in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /form137.php. The manipulation of the argument ID lea… | |
| CVE-2025-15075 | critical | 9.8 | 9.8 | 5mo ago | A security flaw has been discovered in itsourcecode Student Management System 1.0. This issue affects some unknown processing of the file /student_p.php. Performing manipulation of the argument ID re… | |
| CVE-2025-15074 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /customer_details.php. Such manipulation leads to sql injec… | |
| CVE-2025-15073 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contact_us.php. This manipulation of the argument Name causes sql inj… | |
| CVE-2025-15049 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. … | |
| CVE-2025-15048 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument… | |
| CVE-2025-15034 | critical | 9.8 | 9.8 | 5mo ago | A security flaw has been discovered in itsourcecode Student Management System 1.0. This affects an unknown part of the file /record.php. The manipulation of the argument ID results in sql injection. … | |
| CVE-2025-15012 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was determined in code-projects Refugee Food Management System 1.0. The affected element is an unknown function of the file /home/home.php. This manipulation of the argument a causes … | |
| CVE-2025-15011 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was found in code-projects Simple Stock System 1.0. Impacted is an unknown function of the file /logout.php. The manipulation of the argument uname results in sql injection. The attac… | |
| CVE-2025-15008 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing a manipulation of the argument page res… | |
| CVE-2025-15002 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/lim… | |
| CVE-2025-14990 | critical | 9.8 | 9.8 | 5mo ago | A security flaw has been discovered in Campcodes Complete Online Beauty Parlor Management System 1.0. Impacted is an unknown function of the file /admin/view-appointment.php. Performing a manipulatio… | |
| CVE-2025-14989 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/search-invoices.php. Such manipulation l… | |
| CVE-2025-14968 | critical | 9.8 | 9.8 | 5mo ago | A security flaw has been discovered in code-projects Simple Stock System 1.0. Affected by this issue is some unknown functionality of the file /market/update.php. The manipulation of the argument ema… | |
| CVE-2025-14967 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was identified in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /candidates_report.php. The manipulation of the ar… | |
| CVE-2025-14961 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was detected in code-projects Simple Blood Donor Management System 1.0. The affected element is an unknown function of the file /editedcampaign.php. The manipulation of the argument c… | |
| CVE-2025-14960 | critical | 9.8 | 9.8 | 5mo ago | A security vulnerability has been detected in code-projects Simple Blood Donor Management System 1.0. Impacted is an unknown function of the file /editeddonor.php. The manipulation of the argument Na… | |
| CVE-2025-14959 | critical | 9.8 | 9.8 | 5mo ago | A weakness has been identified in code-projects Simple Stock System 1.0. This issue affects some unknown processing of the file /market/signup.php. Executing a manipulation of the argument Username c… | |
| CVE-2025-14952 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was detected in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/add_category.php. Performing a manipulation of the argument txtCategoryNa… | |
| CVE-2025-14951 | critical | 9.8 | 9.8 | 5mo ago | A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument post_con… | |
| CVE-2025-14950 | critical | 9.8 | 9.8 | 5mo ago | A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /delete_post.php. This manipulation of the argument ID causes sql… | |
| CVE-2025-14940 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/delete_user.php. This manipulation of the argument ID caus… | |
| CVE-2025-64236 | critical | 9.8 | 9.8 | 5mo ago | Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Tuturn allows Authentication Abuse.This issue affects Tuturn: from n/a before 3.6. | |
| CVE-2025-14877 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was identified in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/add_retailer.php. The manipulation of the argument cmbAreaCode leads to… | |
| CVE-2025-58935 | critical | 9.8 | 9.8 | 5mo ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Lunna lunna allows PHP Local File Inclusion.This issue affects Lun… | |
| CVE-2025-14833 | critical | 9.8 | 9.8 | 5mo ago | A security flaw has been discovered in code-projects Online Appointment Booking System 1.0. The impacted element is an unknown function of the file /admin/deletemanagerclinic.php. Performing manipula… | |
| CVE-2025-14832 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was identified in itsourcecode Online Cake Ordering System 1.0. The affected element is an unknown function of the file /updateproduct.php?action=edit. Such manipulation of the argume… | |
| CVE-2025-14711 | critical | 9.8 | 9.8 | 5mo ago | A flaw has been found in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. This vulnerability affects unknown code of the file /controller/api/hotelList.php. This manipulatio… | |
| CVE-2025-14710 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was detected in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0. This affects an unknown part of the file /controller/api/OrderList.php. The manipulation of … | |
| CVE-2025-14704 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The impacted element is an unknown function of the file /eshell of the component API. The manipulation results in path traversal. It is possi… | |
| CVE-2025-14673 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to … | |
| CVE-2025-14672 | critical | 9.8 | 9.8 | 5mo ago | A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7_micro_client.cpp. Executing a manipulation can lead to heap-based buffe… | |
| CVE-2025-14668 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was detected in campcodes Advanced Online Examination System 1.0. This affects an unknown function of the file /query/loginExe.php. Performing a manipulation of the argument Username … | |
| CVE-2025-14667 | critical | 9.8 | 9.8 | 5mo ago | A security vulnerability has been detected in itsourcecode COVID Tracking System 1.0. The impacted element is an unknown function of the file /admin/?page=system_info. Such manipulation of the argume… | |
| CVE-2025-14666 | critical | 9.8 | 9.8 | 5mo ago | A weakness has been identified in itsourcecode COVID Tracking System 1.0. The affected element is an unknown function of the file /admin/?page=user. This manipulation of the argument Username causes … | |
| CVE-2025-14664 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability was identified in Campcodes Supplier Management System 1.0. This issue affects some unknown processing of the file /admin/view_unit.php. The manipulation of the argument chkId[] leads… | |
| CVE-2025-14661 | critical | 9.8 | 9.8 | 5mo ago | A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads… | |
| CVE-2025-14653 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /addrecord.php. This manipulation of the argument ID causes sql injection. Re… | |
| CVE-2025-14652 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This issue affects some unknown processing of the file /admindetail.php?action=edit. The manipulation of the argument ID res… | |
| CVE-2025-14650 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown part of the file /cakeshop/product.php. Executing manipulation of the argument Product can lead to sql i… | |
| CVE-2025-14649 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in itsourcecode Online Cake Ordering System 1.0. Affected by this issue is some unknown functionality of the file /cakeshop/supplier.php. Performing manipulation of the a… | |
| CVE-2025-14647 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in code-projects Computer Book Store 1.0. Affected is an unknown function of the file /admin_delete.php. This manipulation of the argument bookisbn causes sql injection… | |
| CVE-2025-14646 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in code-projects Student File Management System 1.0. This impacts an unknown function of the file /admin/delete_student.php. The manipulation of the argument stud_… | |
| CVE-2025-14645 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown function of the file /admin/delete_user.php. The manipulation of the argument user_id leads… | |
| CVE-2025-14644 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /update_subject.php. Executing manipulation of the argument ID ca… | |
| CVE-2025-14643 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected element is an unknown function of the file /check.php. Performing manipulation of the argument student res… | |
| CVE-2025-14640 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /admin/save_student.php. Executing manipulation of the argument stud… | |
| CVE-2025-14639 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection… | |
| CVE-2025-14638 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in itsourcecode Online Pet Shop Management System 1.0. This issue affects some unknown processing of the file /pet1/update_cnp.php. Such manipulation of the… | |
| CVE-2025-14637 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname c… | |
| CVE-2025-14623 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument… | |
| CVE-2025-14622 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument fir… | |
| CVE-2025-14621 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to … | |
| CVE-2025-14620 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in code-projects Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/login_query.php. Executing manipulation of … | |
| CVE-2025-14619 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file login_query.php. Performing manipulation of the a… | |
| CVE-2025-14590 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname lead… | |
| CVE-2025-14588 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /update_program.php. Performing manipulation of the argument ID … | |
| CVE-2025-14587 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in itsourcecode Online Pet Shop Management System 1.0. This affects an unknown part of the file /pet1/available.php. Such manipulation of the argument Name leads to sql… | |
| CVE-2025-14586 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulati… | |
| CVE-2025-14585 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=zone. The manipulation of the argument ID resu… | |
| CVE-2025-14584 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument U… | |
| CVE-2025-14583 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing a manipulation of the argument photo can lead to u… | |
| CVE-2025-14578 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /update_account.php. This manipulation of the argument ID causes … | |
| CVE-2025-14571 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /borrow_book.php. Such manipulation of the arg… | |
| CVE-2025-14570 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_admin.php. This manipulation of the argumen… | |
| CVE-2025-14566 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php… | |
| CVE-2025-14565 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/SProfile/login1.php. … | |
| CVE-2025-14537 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in code-projects Class and Exam Timetable Management 1.0. Affected by this issue is some unknown functionality of the file /preview7.php. This manipulation of the argum… | |
| CVE-2025-14536 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in code-projects Class and Exam Timetable Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login.… | |
| CVE-2025-14529 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The affected element is an unknown function of the file /admin/admin_running.php. This manipulation of the argument pid cau… | |
| CVE-2025-14527 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /view_book.php. Executing a manipulation of the argument bo… | |
| CVE-2025-14522 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. The impacted element is an unknown function of the file /Public/Kindeditor/php/upload_json.php. Performing … | |
| CVE-2025-14518 | critical | 9.8 | 9.8 | 6mo ago | PowerJob has a server-side request forgery vulnerability in PingPongUtils.java | |
| CVE-2025-14515 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_unit.php. Such manipulation of the argume… | |
| CVE-2025-14514 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/add_distributor.php. This manipulation of the argument txtDistributorAddress caus… | |
| CVE-2025-14087 | critical | 9.8 | 9.8 | 6mo ago | Moderate: glib2 security update | |
| CVE-2025-14337 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /new_grade.php. This manipulation of the argument grade causes sql injection. Th… | |
| CVE-2025-14336 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in itsourcecode Student Management System 1.0. Affected by this issue is some unknown functionality of the file /promote.php. The manipulation of the argument sy results in … | |
| CVE-2025-14335 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /new_school_year.php. The manipulation of the argu… | |
| CVE-2025-14334 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /new_adviser.php. Executing manipulation of the argument Name can lead to sql injectio… | |
| CVE-2025-14285 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file edit_personnel.php. The manipulation of the argument per_id results in s… | |
| CVE-2025-14258 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newsubject.php. The manipulation of the argument … | |
| CVE-2025-14257 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /newrecord.php. Executing manipulation of the argument ID can lead to sql injection. T… | |
| CVE-2025-14256 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /newcurriculm.php. Performing manipulation of the argument ID results in sql i… | |
| CVE-2025-14251 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in code-projects Online Ordering System 1.0. This affects an unknown function of the file /admin/ of the component Admin Login. Such manipulation of the arg… | |
| CVE-2025-14250 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /user_contact.php. This manipulation of the argument Name causes sq… | |
| CVE-2025-14249 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /user_school.php. The manipulation of the argument product_id … | |
| CVE-2025-14248 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in code-projects Simple Shopping Cart 1.0. Impacted is an unknown function of the file /adminlogin.php. The manipulation of the argument admin_username leads to sql inj… | |
| CVE-2025-14247 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in code-projects Simple Shopping Cart 1.0. This issue affects some unknown processing of the file /Admin/additems.php. Executing manipulation of the argument item_name … | |
| CVE-2025-14246 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in code-projects Simple Shopping Cart 1.0. This vulnerability affects unknown code of the file /Customers/settings.php. Performing manipulation of the argument user_id resul… | |
| CVE-2025-14245 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in IdeaCMS up to 1.8. This affects the function whereRaw of the file app/common/logic/index/Coupon.php. Such manipulation of the argument params leads to sql injection.… | |
| CVE-2025-14227 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. This issue affects some unknown processing of the file /edit.php. The manipulation re… | |
| CVE-2025-14226 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edit_user.php. The manipulation of the argument fname leads to sql i… | |
| CVE-2025-14224 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File Upload. Performing manipulation results in … | |
| CVE-2025-14223 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staff_… | |
| CVE-2025-14218 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argume… | |
| CVE-2025-14217 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in code-projects Currency Exchange System 1.0. Impacted is an unknown function of the file /edittrns.php. Such manipulation of the argument ID leads to sql injection. T… |