CVEs from 2025
Total
11,985
critical
critical 1,301
high
high 1,894
medium
medium 1,908
low
low 193
% Critical
10.9%
% with KEV
1.5%
% with exploit
1.5%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- inventory_management_system 28
- gcp 24
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2025-6749 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability classified as critical was found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this vulnerability is the function searchAdminMessageShow of… | |
| CVE-2025-6738 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability, which was classified as critical, has been found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this issue is the function userDao.selectUs… | |
| CVE-2025-6731 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Ha… | |
| CVE-2025-6518 | medium | 6.3 | 6.3 | 11mo ago | pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function | |
| CVE-2025-6485 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been classified as critical. This affects the function formWlSiteSurvey of the file /boafrm/formWlSiteSurvey. The manipulatio… | |
| CVE-2025-6281 | medium | 6.3 | 6.3 | 11mo ago | A vulnerability has been found in OpenBMB XAgent up to 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /conv/community. The manipulation leads… | |
| CVE-2025-6142 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in Intera InHire up to 20250530. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument 29chcotoo9 le… | |
| CVE-2025-6108 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in hansonwang99 Spring-Boot-In-Action up to 807fd37643aa774b94fd004cc3adbd29ca17e9aa. It has been declared as critical. Affected by this vulnerability is the function waterm… | |
| CVE-2025-6100 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in realguoshuai open-video-cms 1.0. It has been rated as critical. This issue affects some unknown processing of the file /v1/video/list. The manipulation of the argument so… | |
| CVE-2025-5873 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manip… | |
| CVE-2025-5836 | medium | 6.3 | 6.3 | 1y ago | A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. Th… | |
| CVE-2025-5783 | medium | 6.3 | 6.3 | 1y ago | A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. This affects an unknown part of the file /editmyexp.php. The manipulation of the argu… | |
| CVE-2025-5782 | medium | 6.3 | 6.3 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Employee Record Management System 1.3. Affected by this issue is some unknown functionality of the file /resetpassword.… | |
| CVE-2025-30981 | medium | 6.3 | 6.3 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in tggfref WP-Recall allows Privilege Escalation. This issue affects WP-Recall: from n/a through 16.26.14. | |
| CVE-2025-5145 | medium | 6.3 | 6.3 | 1y ago | A vulnerability, which was classified as critical, was found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2, NBR200V2 and POWER13 up to 20250508. This affects an unknown part of the … | |
| CVE-2025-26940 | medium | 6.3 | 6.3 | 1y ago | Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a through 3.8.3.2. | |
| CVE-2025-22698 | medium | 6.3 | 6.3 | 1y ago | Missing Authorization vulnerability in Ability, Inc Accessibility Suite online-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility S… | |
| CVE-2025-14693 | medium | 6.2 | 6.2 | 5mo ago | A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed d… | |
| CVE-2025-12464 | medium | 6.2 | 6.2 | 7mo ago | A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems… | |
| CVE-2025-9769 | medium | 6.2 | 6.2 | 9mo ago | A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub_478D28 of the file /mng_platform.asp. The manipulation of the argument addr with the input `echo 12345… | |
| CVE-2025-0395 | medium | 6.2 | 6.2 | 1y ago | Moderate: glibc security update | |
| CVE-2025-3359 | medium | 6.2 | 6.2 | 1y ago | A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment. | |
| CVE-2025-66593 | medium | 6.1 | 6.1 | 1d ago | An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content during installation. | |
| CVE-2025-66592 | medium | 6.1 | 6.1 | 1d ago | An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content during installation. | |
| CVE-2025-13593 | medium | 6.1 | 6.1 | 1d ago | Origin validation error vulnerability in Synology ActiveProtect Agent before 1.1.0-0439 allows local users to write arbitrary files with restricted content when installing. | |
| CVE-2025-65954 | medium | 6.1 | 6.1 | 13d ago | SimpleSAMLphp casserver: Open Redirect in logout | |
| CVE-2025-15345 | medium | 6.1 | 6.1 | 14d ago | The MapGeo – Interactive Geo Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'map' parameter in the display-map shortcode in all versions up to, and including, 1.6.2… | |
| CVE-2025-65417 | medium | 6.1 | 6.1 | 17d ago | docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application. | |
| CVE-2025-61310 | medium | 6.1 | 6.1 | 17d ago | A reflected cross-site scripted (XSS) vulnerability in the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in… | |
| CVE-2025-61309 | medium | 6.1 | 6.1 | 17d ago | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_departments.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript… | |
| CVE-2025-61308 | medium | 6.1 | 6.1 | 17d ago | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_maintenance.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript… | |
| CVE-2025-61307 | medium | 6.1 | 6.1 | 17d ago | A reflected cross-site scripted (XSS) vulnerability in the acc-menu_papers.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in t… | |
| CVE-2025-61306 | medium | 6.1 | 6.1 | 17d ago | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_coveragealerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascr… | |
| CVE-2025-61305 | medium | 6.1 | 6.1 | 17d ago | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_firmware.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in… | |
| CVE-2025-67202 | medium | 6.1 | 6.1 | 21d ago | Sidekiq-cron is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL | |
| CVE-2025-59854 | medium | 6.1 | 6.1 | 22d ago | HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit b… | |
| CVE-2025-31970 | medium | 6.1 | 6.1 | 22d ago | HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the Content-Security-Policy does not define strict directives for object-src and base-uri, which could al… | |
| CVE-2025-61669 | medium | 6.1 | 6.1 | 23d ago | Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in `LoginFormHandler._red… | |
| CVE-2025-69606 | medium | 6.1 | 6.1 | 27d ago | Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel version 2.0.90. The `msg` parameter in the `/painel/gateways.php/error` endpoint does not properly sanitize user-suppli… | |
| CVE-2025-56537 | medium | 6.1 | 6.1 | 29d ago | A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual… | |
| CVE-2025-56536 | medium | 6.1 | 6.1 | 29d ago | A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter. | |
| CVE-2025-56535 | medium | 6.1 | 6.1 | 29d ago | A cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the zone attribute parameter. | |
| CVE-2025-56534 | medium | 6.1 | 6.1 | 29d ago | A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |
| CVE-2025-10503 | medium | 6.1 | 6.1 | 29d ago | The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious Java… | |
| CVE-2025-41011 | medium | 6.1 | 6.1 | 1mo ago | HTML injection vulnerability in PHP Point of Sale v19.4. This vulnerability allows an attacker to render HTML in the victim's browser due to a lack of proper validation of user input by sending a req… | |
| CVE-2025-65134 | medium | 6.1 | 6.1 | 1mo ago | In manikandan580 School-management-system 1.0, a reflected cross-site scripting (XSS) vulnerability exists in /studentms/admin/contact-us.php via the email POST parameter. | |
| CVE-2025-62320 | medium | 6.1 | 6.1 | 2mo ago | HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML c… | |
| CVE-2025-70025 | medium | 6.1 | 6.1 | 3mo ago | An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in benkeen generatedata 4.0.14. | |
| CVE-2025-36173 | medium | 6.1 | 6.1 | 3mo ago | Affected Product(s)Version(s)InfoSphere Data Architect9.2.1 | |
| CVE-2025-15223 | medium | 6.1 | 6.1 | 5mo ago | A vulnerability was found in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. Impacted is an unknown function of the file /login.php. Performing manipulation of the argument… | |
| CVE-2025-15258 | medium | 6.1 | 6.1 | 5mo ago | A weakness has been identified in Edimax BR-6208AC 1.02/1.03. Affected by this issue is the function formALGSetup of the file /goform/formALGSetup of the component Web-based Configuration Interface. … | |
| CVE-2025-15220 | medium | 6.1 | 6.1 | 5mo ago | A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in… | |
| CVE-2025-15170 | medium | 6.1 | 6.1 | 5mo ago | A security vulnerability has been detected in Advaya Softech GEMS ERP Portal up to 2.1. This affects an unknown part of the file /home.jsp?isError=true of the component Error Message Handler. The man… | |
| CVE-2025-15145 | medium | 6.1 | 6.1 | 5mo ago | A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. This affects the function doTotalList of the file src/main/java/com/sohu/cache/web/controller/TotalManageController.java. … | |
| CVE-2025-15144 | medium | 6.1 | 6.1 | 5mo ago | A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the function dr_show_error/dr_exit_msg of the file /dayrui/Fcms/Init.php of the component JSONP Callback Handle… | |
| CVE-2025-15094 | medium | 6.1 | 6.1 | 5mo ago | A weakness has been identified in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The impacted element is the function userLogin of the file src/main/java/com/flycms/web/front/UserCo… | |
| CVE-2025-15093 | medium | 6.1 | 6.1 | 5mo ago | A security flaw has been discovered in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The affected element is an unknown function of the file src/main/java/com/flycms/web/system/Ind… | |
| CVE-2025-14962 | medium | 6.1 | 6.1 | 5mo ago | A flaw has been found in code-projects Simple Stock System 1.0. The impacted element is an unknown function of the file /market/chatuser.php. This manipulation causes cross site scripting. The attack… | |
| CVE-2025-14691 | medium | 6.1 | 6.1 | 5mo ago | A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be … | |
| CVE-2025-14692 | medium | 6.1 | 6.1 | 5mo ago | A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authentication/. This manipulation causes open redirect. It is possible to initiate the atta… | |
| CVE-2025-14580 | medium | 6.1 | 6.1 | 6mo ago | A security vulnerability has been detected in Qualitor up to 8.24.73. The impacted element is an unknown function of the file /Qualitor/html/bc/bcdocumento9/biblioteca/request/viewDocumento.php. Such… | |
| CVE-2025-14284 | medium | 6.1 | 6.1 | 6mo ago | @tiptap/extension-link vulnerable to Cross-site Scripting (XSS) | |
| CVE-2025-14200 | medium | 6.1 | 6.1 | 6mo ago | A vulnerability has been found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected is an unknown function of the file /usersub.php of… | |
| CVE-2025-14007 | medium | 6.1 | 6.1 | 6mo ago | A vulnerability was detected in dayrui XunRuiCMS up to 4.7.1. This affects an unknown part of the file /admin79f2ec220c7e.php?c=api&m=demo&name=mobile of the component Domain Name Binding Page. The m… | |
| CVE-2025-14006 | medium | 6.1 | 6.1 | 6mo ago | A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page… | |
| CVE-2025-14005 | medium | 6.1 | 6.1 | 6mo ago | A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affected by this vulnerability is an unknown functionality of the file /admind45f74adbd95.php?c=field&m=add&rname=site&rid=1&page=0 of … | |
| CVE-2025-13484 | medium | 6.1 | 6.1 | 6mo ago | A vulnerability was identified in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/customer-list.php. The manipulation of the … | |
| CVE-2025-13412 | medium | 6.1 | 6.1 | 6mo ago | A vulnerability was determined in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. Executing a manipulatio… | |
| CVE-2025-13244 | medium | 6.1 | 6.1 | 6mo ago | A vulnerability was determined in code-projects Student Information System 2.0. The affected element is an unknown function of the file /register.php. This manipulation causes cross site scripting. I… | |
| CVE-2025-12335 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was determined in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/supplier_update.php. This manipulation of the arg… | |
| CVE-2025-12334 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/product_add.php. The manipulation of the argument prod_name/prod_desc/prod_cost r… | |
| CVE-2025-12333 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability has been found in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/supplier_add.php. The manipulation of the argument supp_name/supp_address l… | |
| CVE-2025-12302 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was detected in code-projects Simple Food Ordering System 1.0. The affected element is an unknown function of the file /editproduct.php. Performing manipulation of the argument pname/… | |
| CVE-2025-12300 | medium | 6.1 | 6.1 | 7mo ago | A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname cause… | |
| CVE-2025-12299 | medium | 6.1 | 6.1 | 7mo ago | A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/categ… | |
| CVE-2025-12298 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site… | |
| CVE-2025-12246 | medium | 6.1 | 6.1 | 7mo ago | A security flaw has been discovered in chatwoot up to 4.7.0. This issue affects some unknown processing of the file app/javascript/shared/components/IframeLoader.vue of the component Admin Interface.… | |
| CVE-2025-12244 | medium | 6.1 | 6.1 | 7mo ago | A vulnerability was determined in code-projects Simple E-Banking System 1.0. This affects an unknown part of the file /eBank/register.php. Executing manipulation of the argument Username can lead to … | |
| CVE-2025-56008 | medium | 6.1 | 6.1 | 7mo ago | Cross site scripting (XSS) vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to takeover the device via adding additional users with full permi… | |
| CVE-2025-34512 | medium | 6.1 | 6.1 | 7mo ago | Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting (XSS) vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary script in… | |
| CVE-2025-11663 | medium | 6.1 | 6.1 | 8mo ago | A weakness has been identified in Campcodes Online Beauty Parlor Management System 1.0. The affected element is an unknown function of the file /admin/manage-services.php. This manipulation of the ar… | |
| CVE-2025-52650 | medium | 6.1 | 6.1 | 8mo ago | Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0 | |
| CVE-2025-11512 | medium | 6.1 | 6.1 | 8mo ago | A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/voters_add.php. The manipulation of the argument Firstname/Lastna… | |
| CVE-2025-11435 | medium | 6.1 | 6.1 | 8mo ago | A security vulnerability has been detected in JhumanJ OpnForm up to 1.9.3. Affected by this vulnerability is an unknown functionality of the file /show/submissions. The manipulation leads to cross si… | |
| CVE-2025-11433 | medium | 6.1 | 6.1 | 8mo ago | A security flaw has been discovered in itsourcecode Leave Management System 1.0. This impacts the function redirect of the file /module/employee/controller.php?action=reset of the component Query Par… | |
| CVE-2025-11390 | medium | 6.1 | 6.1 | 8mo ago | A weakness has been identified in PHPGurukul Cyber Cafe Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php of the component POST Parameter Handl… | |
| CVE-2025-11332 | medium | 6.1 | 6.1 | 8mo ago | A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing a manipulation of the argument PHP_SELF… | |
| CVE-2025-11306 | medium | 6.1 | 6.1 | 8mo ago | A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an unknown part of the file /index.php/Search of the component Search Page. The manipulation of the argument keyword results in cro… | |
| CVE-2025-11282 | medium | 6.1 | 6.1 | 8mo ago | A vulnerability was found in Frappe LMS 2.34.x/2.35.0. The impacted element is an unknown function of the component Incomplete Fix CVE-2025-55006. Performing a manipulation results in cross site scri… | |
| CVE-2025-11119 | medium | 6.1 | 6.1 | 8mo ago | A security flaw has been discovered in itsourcecode Hostel Management System 1.0. Impacted is an unknown function of the file /justines/index.php of the component POST Request Handler. Performing man… | |
| CVE-2025-11112 | medium | 6.1 | 6.1 | 8mo ago | A security vulnerability has been detected in PHPGurukul Employee Record Management System 1.3. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument First na… | |
| CVE-2025-10827 | medium | 6.1 | 6.1 | 8mo ago | A weakness has been identified in PHPJabbers Restaurant Menu Maker up to 1.1. Affected by this issue is some unknown functionality of the file /preview.php. This manipulation of the argument theme ca… | |
| CVE-2025-10794 | medium | 6.1 | 6.1 | 8mo ago | A flaw has been found in PHPGurukul Car Rental Project 3.0. Affected by this issue is some unknown functionality of the file /carrental/search.php. Executing manipulation of the argument autofocus ca… | |
| CVE-2025-10614 | medium | 6.1 | 6.1 | 8mo ago | A vulnerability was determined in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /print_reports_prev.php. Executing manip… | |
| CVE-2025-10606 | medium | 6.1 | 6.1 | 8mo ago | A weakness has been identified in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /module/Configuracao/ConfiguracaoMovimentoGeral. This manipulation of the argu… | |
| CVE-2025-10605 | medium | 6.1 | 6.1 | 8mo ago | A security flaw has been discovered in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /agenda_preferencias.php. The manipulation of the argument tipoacao results … | |
| CVE-2025-10590 | medium | 6.1 | 6.1 | 8mo ago | A security flaw has been discovered in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file /intranet/educar_usuario_det.php. The manipulation of the argument ref_p… | |
| CVE-2025-10566 | medium | 6.1 | 6.1 | 8mo ago | A vulnerability was identified in Campcodes Grocery Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /index.php?page=users. The manipulation of the arg… | |
| CVE-2025-10411 | medium | 6.1 | 6.1 | 9mo ago | A vulnerability was detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This issue affects some unknown processing of the file /stc-log-keeper/check_profile.php of the … | |
| CVE-2025-10373 | medium | 6.1 | 6.1 | 9mo ago | A security vulnerability has been detected in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /intranet/educar_turma_tipo_cad.php. Such manipulation of the arg… |