CVEs from 2025
Total
12,202
critical
critical 1,301
high
high 1,894
medium
medium 1,908
low
low 193
% Critical
10.7%
% with KEV
1.5%
% with exploit
1.5%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- inventory_management_system 28
- gcp 24
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-14215 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the argument ID results in sql injection. T… | |
| CVE-2025-14212 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /member_search.php. Executing a manipulation of the arg… | |
| CVE-2025-14211 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /delete_book.php. Performing a manipulatio… | |
| CVE-2025-14210 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /delete_member.php. Such manipulation of the argument u… | |
| CVE-2025-14209 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /update_query.php. This manipulation of the argument stud_id causes sql inj… | |
| CVE-2025-14199 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false of the component Web Administratio… | |
| CVE-2025-14182 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in Sobey Media Convergence System 2.0/2.1. This vulnerability affects unknown code of the file /sobey-mchEditor/watermark/upload. The manipulation of the argument File … | |
| CVE-2025-14094 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected element is the function sub_44CCE4 of the file /boafrm/formSysCmd. This manipulation of the argument sysCmd causes os command injecti… | |
| CVE-2025-14093 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub_416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os co… | |
| CVE-2025-14004 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown function of the file /admind45f74adbd95.php?c=email&m=add of the component Email Setting Handler. Performin… | |
| CVE-2025-13815 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in moxi159753 Mogu Blog v2 up to 5.2. The affected element is an unknown function of the file /file/pictures. This manipulation of the argument filedatas causes unrestr… | |
| CVE-2025-13814 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results … | |
| CVE-2025-13806 | critical | 9.8 | 9.8 | 6mo ago | NutzBoot Incorrect Privilege Assignment vulnerability | |
| CVE-2025-13800 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function set_mesh_disconnect of the file /send_order.cgi. The manipulation of the argument mac results in command … | |
| CVE-2025-13799 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function ap_macfilter_del of the file /send_order.cgi. The manipulation of the argument mac leads to … | |
| CVE-2025-13798 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function ap_macfilter_add of the file /send_order.cgi. Executing manipulation of the argument mac can lead to command inject… | |
| CVE-2025-13797 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdel_swifimac of the file /send_order.cgi. Performing manipulation of the argument del_swi… | |
| CVE-2025-13788 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown function of the file /tools/upgradeattribute.php. The manipulation of the argument gblOrgID leads to s… | |
| CVE-2025-13786 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Impacted is the function fetch of the file /index.php. Performing manipulation of the argument content res… | |
| CVE-2025-13783 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. This affects the function check/uncheck/delete of the file application/Comment/Controller/Commentad… | |
| CVE-2025-13782 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the function delete of the file application/Admin/Controller/SlideController.c… | |
| CVE-2025-65085 | critical | 9.8 | 9.8 | 6mo ago | A Heap-based Buffer Overflow vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose inform… | |
| CVE-2025-65084 | critical | 9.8 | 9.8 | 6mo ago | An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.216 and prior that could allow an attacker to disclose information … | |
| CVE-2025-13585 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injecti… | |
| CVE-2025-13583 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in code-projects Question Paper Generator 1.0. This affects an unknown part of the file /signupscript.php of the component POST Parameter Handler. Executing manipulatio… | |
| CVE-2025-13582 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in code-projects Jonnys Liquor 1.0. Affected by this issue is some unknown functionality of the file /detail.php of the component GET Parameter Handler. Performing… | |
| CVE-2025-13578 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in code-projects Library System 1.0. This affects an unknown function of the file /index.php of the component Login. The manipulation of the argument Username leads to … | |
| CVE-2025-13572 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /delete_admin.php. The manipulation of the argument admin_id leads to … | |
| CVE-2025-13562 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The atta… | |
| CVE-2025-13561 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql i… | |
| CVE-2025-13560 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file /admin/reset-password.php. The manipulation of the argument email results in sql injectio… | |
| CVE-2025-13557 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in Campcodes Online Polling System 1.0. Affected by this issue is some unknown functionality of the file /registeracc.php. The manipulation of the argument email leads … | |
| CVE-2025-13556 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in Campcodes Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checklogin.php. Executing a manipulation of the argument my… | |
| CVE-2025-13555 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in Campcodes School File Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument s… | |
| CVE-2025-13554 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /index.php of the component Login. Such manipulation of the argume… | |
| CVE-2025-13546 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown functionality of the file /results.php of the compone… | |
| CVE-2025-13544 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected is an unknown function of the file /customer_register.php. Executing manipulation… | |
| CVE-2025-13485 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument … | |
| CVE-2025-13451 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in SourceCodester Online Shop Project 1.0. The affected element is an unknown function of the file /action.php. Such manipulation of the argument Search leads to sql in… | |
| CVE-2025-13449 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument Password results in sql injecti… | |
| CVE-2025-13442 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argum… | |
| CVE-2025-13424 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /admin/add_product.php. The manipulation of the argument txtProductName leads … | |
| CVE-2025-13422 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/change_s_pwd.php. Performing manipulation… | |
| CVE-2025-13421 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0. Impacted is an unknown function of the file /src/store/NoticeStore.php. Such manipulation of the argum… | |
| CVE-2025-13420 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue affects some unknown processing of the file /src/store/EventStore.php. This manipulation of the argumen… | |
| CVE-2025-13411 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_football.php. Performing a manipula… | |
| CVE-2025-13410 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is an unknown function of the file /admin/receipt.php. Such manipulation of the argument tid leads to sql… | |
| CVE-2025-13396 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql in… | |
| CVE-2025-13344 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in SourceCodester Train Station Ticketing System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=login. This manipulation o… | |
| CVE-2025-13323 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /listorder.php. Performing manipulation of the argument ID results i… | |
| CVE-2025-13303 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in code-projects Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /search-edit.php. This manipulation of the argument Con… | |
| CVE-2025-13302 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in code-projects Courier Management System 1.0. This affects an unknown part of the file /add-new-officer.php. Such manipulation of the argument ManagerName leads to sq… | |
| CVE-2025-13301 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The mani… | |
| CVE-2025-13300 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to sql… | |
| CVE-2025-13299 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to sql … | |
| CVE-2025-13298 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enrollment/controller.php. Performing a manipulation re… | |
| CVE-2025-13297 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of the file /course/controller.php. Such ma… | |
| CVE-2025-13291 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirm_order.php. Performing a manipulation of the argument ID results i… | |
| CVE-2025-13285 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in itsourcecode Online Voting System 1.0. The affected element is an unknown function of the file /login.php. Such manipulation of the argument Username leads to sql in… | |
| CVE-2025-13280 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in CodeAstro Simple Inventory System 1.0. The impacted element is an unknown function of the file /index.php of the component Login. Executing a manipulation of the arg… | |
| CVE-2025-13277 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipulation of the argument ID causes sql injec… | |
| CVE-2025-13272 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Affected is an unknown function of the file /manage_course.php. Such manipulation of the argument ID leads to sq… | |
| CVE-2025-13271 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. This manipulation of the argument Username … | |
| CVE-2025-13267 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Performing manipulation of the argument user… | |
| CVE-2025-13262 | critical | 9.8 | 9.8 | 6mo ago | lsFusion Platform has a Path Traversal vulnerability | |
| CVE-2025-13257 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation o… | |
| CVE-2025-13248 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /php/api_patient_schedule.php. This manipul… | |
| CVE-2025-13247 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.php. The manipulation of the argument uid… | |
| CVE-2025-13242 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manipulation leads to sql injection. The atta… | |
| CVE-2025-13241 | critical | 9.8 | 9.8 | 6mo ago | A flaw has been found in code-projects Student Information System 2.0. This vulnerability affects unknown code of the file /index.php. Executing manipulation of the argument Username can lead to sql … | |
| CVE-2025-13240 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was detected in code-projects Student Information System 2.0. This affects an unknown part of the file /searchquery.php. Performing manipulation of the argument s results in sql injec… | |
| CVE-2025-13237 | critical | 9.8 | 9.8 | 6mo ago | A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipulation of the argument U_USERNAME results… | |
| CVE-2025-13236 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edit. The manipulation of the argument ID l… | |
| CVE-2025-13235 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument user_email can le… | |
| CVE-2025-13234 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=product. Performing manipulation of the argument PROID … | |
| CVE-2025-13233 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-item. Such manipulation of the argument ID … | |
| CVE-2025-13210 | critical | 9.8 | 9.8 | 6mo ago | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=add. Such manipulation of the a… | |
| CVE-2025-13203 | critical | 9.8 | 9.8 | 6mo ago | A weakness has been identified in code-projects Simple Cafe Ordering System 1.0. This vulnerability affects unknown code of the file /addmem.php. Executing manipulation of the argument studentnum can… | |
| CVE-2025-13201 | critical | 9.8 | 9.8 | 6mo ago | A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. Such manipulation of the argument Usernam… | |
| CVE-2025-13170 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/edit_account.php. Performing a manipulation of … | |
| CVE-2025-13169 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /add_query_reserve.php. Such manipulation o… | |
| CVE-2025-13168 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in ury-erp ury up to 0.2.0. This affects the function overrided_past_order_list of the file ury/ury/api/pos_extend.py. This manipulation of the argument search_term cau… | |
| CVE-2025-13123 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Executing manipulation of the argument uid … | |
| CVE-2025-13122 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/api_patient_checkin.php. … | |
| CVE-2025-13076 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing manipulation of the argument usname can lea… | |
| CVE-2025-13075 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/usersettingdel.php. Performing manipulation of the argument eid results in … | |
| CVE-2025-13060 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This affects an unknown function of the file /view_survey.php. Such manipulation of the argument ID leads t… | |
| CVE-2025-13059 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /manage_career.php. This manipulation of the argument ID causes … | |
| CVE-2025-13057 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_student. The manipulation of the argument ID l… | |
| CVE-2025-60724 | critical | 9.8 | 9.8 | 7mo ago | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | |
| CVE-2025-12939 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of th… | |
| CVE-2025-12938 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Online Admission System 1.0. Affected by this vulnerability is an unknown functionality of the file /process_login.php. The manipulation of the argumen… | |
| CVE-2025-12933 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument rol… | |
| CVE-2025-12932 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid ca… | |
| CVE-2025-12931 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/edit-orders.php. The manipulation of the argument… | |
| CVE-2025-12930 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in SourceCodester Food Ordering System 1.0. Affected is an unknown function of the file /view-ticket.php. The manipulation of the argument ID leads to sql injection. It… | |
| CVE-2025-12929 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in SourceCodester Survey Application System 1.0. This impacts the function save_user/update_user of the file /LoginRegistration.php. Executing manipulation of the argument fulln… | |
| CVE-2025-12928 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in code-projects Online Job Search Engine 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument username/phone results in … | |
| CVE-2025-12916 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portal_login of the component Frontend. This mani… | |
| CVE-2025-12913 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Responsive Hotel Site 1.0. This affects an unknown part of the file /admin/roomdel.php. Executing manipulation of the argument ID can lead to sql injection. It … |