CVEs from 2025
Total
9,419
critical
critical 1,301
high
high 1,908
medium
medium 1,905
low
low 193
% Critical
13.8%
% with KEV
1.9%
% with exploit
2.0%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- inventory_management_system 28
- gcp 24
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-12913 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in code-projects Responsive Hotel Site 1.0. This affects an unknown part of the file /admin/roomdel.php. Executing manipulation of the argument ID can lead to sql injection. It … | |
| CVE-2025-12873 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes School File Management 1.0. This affects an unknown part of the file /admin/update_user.php. Performing manipulation of the argument user_id results i… | |
| CVE-2025-12862 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by this issue is some unknown functionality of the file /dashboard/userprofile.php. Such manipulation of th… | |
| CVE-2025-12857 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/roombook.php. Such manipulation of the argument r… | |
| CVE-2025-12856 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This manipulation of the argument email causes sql injec… | |
| CVE-2025-12855 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects some unknown processing of the file /admin/newsletterdel.php. The manipulation of the argument eid r… | |
| CVE-2025-12853 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function delete_house of the file /admin_class.php. Executing manipulation of the argument I… | |
| CVE-2025-12617 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in itsourcecode Billing System 1.0. This affects an unknown function of the file /admin/app/login_crud.php. Executing a manipulation of the argument Password can lead to sql inj… | |
| CVE-2025-12614 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted is the function delete_payment of the file /admin_class.php. This manipulation of the argument ID ca… | |
| CVE-2025-12612 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=delete_course. The manipulation of … | |
| CVE-2025-12608 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in itsourcecode Online Loan Management System 1.0. The affected element is an unknown function of the file /manage_user.php. Performing manipulation of the argumen… | |
| CVE-2025-12607 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in itsourcecode Online Loan Management System 1.0. Impacted is an unknown function of the file /manage_payment.php. Such manipulation of the argument ID leads to sql in… | |
| CVE-2025-12606 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in itsourcecode Online Loan Management System 1.0. This issue affects some unknown processing of the file /manage_borrower.php. This manipulation of the argument ID cau… | |
| CVE-2025-12605 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in itsourcecode Online Loan Management System 1.0. This vulnerability affects unknown code of the file /manage_loan.php. The manipulation of the argument ID results in sql i… | |
| CVE-2025-12604 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in itsourcecode Online Loan Management System 1.0. This affects an unknown part of the file /load_fields.php. The manipulation of the argument loan_id leads to sql inje… | |
| CVE-2025-12598 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin_class.php. Executing manipulation of the argumen… | |
| CVE-2025-12597 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulat… | |
| CVE-2025-12378 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument p… | |
| CVE-2025-12339 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in Campcodes Retro Basketball Shoes Online Store 1.0. This issue affects some unknown processing of the file /admin/admin_football.php. The manipulation of … | |
| CVE-2025-12338 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. This vulnerability affects unknown code of the file /admin/admin_product.ph. Executing a manipulation of the argum… | |
| CVE-2025-12337 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in Campcodes Retro Basketball Shoes Online Store 1.0. This affects an unknown part of the file /admin/admin_feature.php. Performing a manipulation of the argument … | |
| CVE-2025-12336 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_index.php. Such manipulation of the … | |
| CVE-2025-12325 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/forgot-password.php. The manipulation of the argument email leads to… | |
| CVE-2025-12316 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in code-projects Courier Management System 1.0. This impacts an unknown function of the file /courier/edit-courier.php. The manipulation of the argument OfficeName lead… | |
| CVE-2025-12315 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to … | |
| CVE-2025-12314 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in code-projects Food Ordering System 1.0. The impacted element is an unknown function of the file /admin/deleteitem.php. Performing a manipulation of the argument itemID re… | |
| CVE-2025-12313 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /msp_info.htm. Such manipulation of the argument cmd leads to comm… | |
| CVE-2025-12309 | critical | 9.8 | 9.8 | 7mo ago | A weakness has been identified in code-projects Nero Social Networking Site 1.0. This affects an unknown part of the file /friendprofile.php. Executing manipulation of the argument ID can lead to sql… | |
| CVE-2025-12308 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in code-projects Nero Social Networking Site 1.0. Affected by this issue is some unknown functionality of the file /deletemessage.php. Performing manipulation of t… | |
| CVE-2025-12307 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in code-projects Nero Social Networking Site 1.0. Affected by this vulnerability is an unknown functionality of the file /addfriend.php. Such manipulation of the argume… | |
| CVE-2025-12306 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in code-projects Nero Social Networking Site 1.0. Affected is an unknown function of the file /acceptoffres.php. This manipulation of the argument ID causes sql injecti… | |
| CVE-2025-12305 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in quequnlong shiyi-blog up to 1.2.1. This impacts an unknown function of the file src/main/java/com/mojian/controller/SysJobController.java of the component Job Handler. Th… | |
| CVE-2025-12301 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo lead… | |
| CVE-2025-12296 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub_4174B0 of the component Firmware Update Handler. The manipulation leads to os command … | |
| CVE-2025-12294 | critical | 9.8 | 9.8 | 7mo ago | A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown function of the file /delete_category.php. Performing manipulation of the argument ID results in sql i… | |
| CVE-2025-12293 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql inje… | |
| CVE-2025-12292 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unknown code of the file /index.php. This manipulation of the argument Username causes sql injection. I… | |
| CVE-2025-12268 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. Impacted is an unknown function of the file /api/v1/courses/ of the component Course Thumbnail Handler. Th… | |
| CVE-2025-12257 | critical | 9.8 | 9.8 | 7mo ago | A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /view_result.php. The manipulation of the argumen… | |
| CVE-2025-12253 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/portal/get_expiredtime.php. This manipulation… | |
| CVE-2025-12237 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /index.php. Such manipulation of the argument keywords leads to sql… | |
| CVE-2025-12226 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the function save_house of the file /admin_class.php. Performing manipulation of the argument house_no… | |
| CVE-2025-12215 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing a manipulation of the argument keywords can lead to sql inj… | |
| CVE-2025-12208 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability was found in SourceCodester Best House Rental Management System 1.0. This impacts the function login2 of the file /admin_class.php. Performing manipulation of the argument Username re… | |
| CVE-2025-59007 | critical | 9.8 | 9.8 | 7mo ago | Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elem… | |
| CVE-2025-49380 | critical | 9.8 | 9.8 | 7mo ago | Deserialization of Untrusted Data vulnerability in wpinstinct WooCommerce Vehicle Parts Finder woo-vehicle-parts-finder allows Object Injection.This issue affects WooCommerce Vehicle Parts Finder: fr… | |
| CVE-2025-11943 | critical | 9.8 | 9.8 | 7mo ago | A vulnerability has been found in 70mai X200 up to 20251010. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default cred… | |
| CVE-2025-11942 | critical | 9.8 | 9.8 | 7mo ago | A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the a… | |
| CVE-2025-11736 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in itsourcecode Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /index.php. This manipulation of the argument Username causes sql… | |
| CVE-2025-11664 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in Campcodes Online Beauty Parlor Management System 1.0. The impacted element is an unknown function of the file /admin/search-appointment.php. Such manipul… | |
| CVE-2025-11662 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. Impacted is an unknown function of the file /booking.php. The manipulation of the argument serv_id results in s… | |
| CVE-2025-11661 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Performing manipulation results in missing auth… | |
| CVE-2025-11660 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this issue is some unknown functionality of the file /assets… | |
| CVE-2025-11659 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/up… | |
| CVE-2025-11658 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected is an unknown function of the file /assets/changeSllyabus.php. Th… | |
| CVE-2025-11657 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createN… | |
| CVE-2025-11656 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function of the file /assets/editNotes.php. Exec… | |
| CVE-2025-11630 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in RainyGao DocSys up to 2.02.36. Affected is the function updateRealDoc of the file /Doc/uploadDoc.do of the component File Upload. Performing manipulation of the argument … | |
| CVE-2025-11629 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in RainyGao DocSys up to 2.02.36. This impacts the function getUserList of the file /Manage/getUserList.do. Such manipulation leads to sql injection. It is possible to … | |
| CVE-2025-11615 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add_invoice.php. Performing manipulation of the argument Servic… | |
| CVE-2025-11614 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /panel/edit-appointment.php. Such manipulation of t… | |
| CVE-2025-11608 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation … | |
| CVE-2025-11604 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status cause… | |
| CVE-2025-11601 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in SourceCodester Online Student Result System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing manipulation of the argu… | |
| CVE-2025-11599 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in Campcodes Online Apartment Visitor Management System 1.0. This impacts an unknown function of the file /forgot-password.php. This manipulation of the argument email … | |
| CVE-2025-11597 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The manipulation of the argument prod_id le… | |
| CVE-2025-11596 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/delete_order_details.php. Executing manipulation of the argument… | |
| CVE-2025-11595 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /admin-profile.php. Performing a manipulation of the argument mobile… | |
| CVE-2025-11585 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulation of the argument uid results in sql in… | |
| CVE-2025-11584 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in code-projects Online Job Search Engine 1.0. The affected element is an unknown function of the file /searchjob.php. The manipulation of the argument txtspecializatio… | |
| CVE-2025-11583 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injectio… | |
| CVE-2025-11582 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in code-projects Online Job Search Engine 1.0. This issue affects some unknown processing of the file /registration.php. Performing manipulation of the argument txtuserna… | |
| CVE-2025-11558 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/user_index_search.php. Performing manipulation of the argument Search results in … | |
| CVE-2025-11557 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads… | |
| CVE-2025-11556 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects Simple Leave Manager 1.0. This vulnerability affects unknown code of the file /user.php. This manipulation of the argument table causes sql injection. Remote ex… | |
| CVE-2025-11555 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/calendar_of_events.php. The manipulation of the argument date_start re… | |
| CVE-2025-11553 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in code-projects Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-courier.php. Executing manipulation of the a… | |
| CVE-2025-11551 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa ca… | |
| CVE-2025-11529 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The… | |
| CVE-2025-11513 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplier_update.php. This manipulation of the argument supp_id causes sql injec… | |
| CVE-2025-11511 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplier_add.php. Executing manipulation of the argument supp_email can lead to sql i… | |
| CVE-2025-11509 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/product_add.php. Performing manipulation of the argument prod_name results in… | |
| CVE-2025-11508 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/voters_add.php. Such manipulation of the argument photo leads to unr… | |
| CVE-2025-11507 | critical | 9.8 | 9.8 | 8mo ago | A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argumen… | |
| CVE-2025-11506 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/search-appointment.php. The manipulation of the … | |
| CVE-2025-11505 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads… | |
| CVE-2025-11503 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Executing a manipulation of the a… | |
| CVE-2025-11491 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in … | |
| CVE-2025-11490 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute P… | |
| CVE-2025-11487 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this issue is some unknown functionality of the file /uploadProduct.php. Performing manipulation of the a… | |
| CVE-2025-11486 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in SourceCodester Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /buyNow.php. Such manipulation of the argument Name… | |
| CVE-2025-11481 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in varunsardana004 Blood-Bank-And-Donation-Management-System up to dc9e0393d826fbc85fad9755b5bc12cba1919df2. The impacted element is an unknown function of the file /donate_bloo… | |
| CVE-2025-11480 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument register… | |
| CVE-2025-11479 | critical | 9.8 | 9.8 | 8mo ago | A security vulnerability has been detected in SourceCodester Wedding Reservation Management System 1.0. Impacted is the function insertReservation of the file function.php. Such manipulation of the a… | |
| CVE-2025-11477 | critical | 9.8 | 9.8 | 8mo ago | A security flaw has been discovered in SourceCodester Wedding Reservation Management System 1.0. This vulnerability affects unknown code of the file /global.php. The manipulation of the argument User… | |
| CVE-2025-11476 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was identified in SourceCodester Simple E-Commerce Bookstore 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument login_username leads to sql inj… | |
| CVE-2025-11475 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /view_member.php. Executing a manipulation of … | |
| CVE-2025-11474 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_booking.php. Performing manipulation of… | |
| CVE-2025-11473 | critical | 9.8 | 9.8 | 8mo ago | A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /edit_curr.php. Such manipulation of the argument currsymbol leads … | |
| CVE-2025-11472 | critical | 9.8 | 9.8 | 8mo ago | A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /edit_room.php. This manipulation of the argument ID causes sql injection. … |