Total
299060 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-46203 | 1 Changeweb | 1 Unifiedtransform | 2025-06-10 | N/A | 6.5 MEDIUM |
| An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint. | |||||
| CVE-2025-46204 | 1 Changeweb | 1 Unifiedtransform | 2025-06-10 | N/A | 6.5 MEDIUM |
| An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint. | |||||
| CVE-2025-5614 | 1 Phpgurukul | 1 Online Fire Reporting System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5615 | 1 Phpgurukul | 1 Online Fire Reporting System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /details.php. The manipulation of the argument requestid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5631 | 2 Anirbandutta9, Code-projects | 2 News-buzz, Content Management System | 2025-06-10 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is an unknown function of the file /publicposts.php. The manipulation of the argument post leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5632 | 2 Anirbandutta9, Code-projects | 2 News-buzz, Content Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/users.php. The manipulation of the argument change_to_admin leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5633 | 2 Anirbandutta9, Code-projects | 2 News-buzz, Content Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/users.php. The manipulation of the argument delete leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-3076 | 1 Mmilan81 | 1 Mm-email2image | 2025-06-10 | N/A | 3.8 LOW |
| The MM-email2image WordPress plugin through 0.2.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack | |||||
| CVE-2025-5649 | 1 Razormist | 1 Student Result Management System | 2025-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical has been found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /admin/core/new_user of the component Register Interface. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5650 | 1 1000projects | 1 Online Notice Board | 2025-06-10 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in 1000projects Online Notice Board 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2025-5651 | 1 Carmelogarcia | 1 Traffic Offense Reporting System | 2025-06-10 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability, which was classified as problematic, has been found in code-projects Traffic Offense Reporting System 1.0. This issue affects some unknown processing of the file saveuser.php. The manipulation of the argument user_id/username/email/name/position leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5653 | 1 Phpgurukul | 1 Complaint Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/between-date-userreport.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5654 | 1 Phpgurukul | 1 Complaint Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-state.php. The manipulation of the argument description leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5655 | 1 Phpgurukul | 1 Complaint Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument subcategory leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5656 | 1 Phpgurukul | 1 Complaint Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-category.php. The manipulation of the argument description leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5657 | 1 Phpgurukul | 1 Complaint Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument uid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5658 | 1 Phpgurukul | 1 Complaint Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/updatecomplaint.php. The manipulation of the argument Status leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5661 | 1 Carmelogarcia | 1 Traffic Offense Reporting System | 2025-06-10 | 3.3 LOW | 2.4 LOW |
| A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part of the file /save-settings.php of the component Setting Handler. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5685 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-06-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5693 | 1 Anujk305 | 1 Human Metapneumovirus \(hmpv\) - Testing Management System | 2025-06-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-result.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||