Total
82278 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-8326 | 1 Code-projects | 1 Exam Form Submission | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in code-projects Exam Form Submission 1.0. Affected is an unknown function of the file /admin/delete_s7.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8407 | 1 Code-projects | 1 Vehicle Management | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, has been found in code-projects Vehicle Management 1.0. This issue affects some unknown processing of the file /filter2.php. The manipulation of the argument from leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-0314 | 1 Gitlab | 1 Gitlab | 2025-08-05 | N/A | 8.7 HIGH |
| An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.6.4, 17.7 before 17.7.3, and 17.8 before 17.8.1. Improper rendering of certain file types lead to cross-site scripting. | |||||
| CVE-2025-8376 | 1 Code-projects | 1 Vehicle Management | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /updatebal.php. The manipulation of the argument company leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8375 | 1 Code-projects | 1 Vehicle Management | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Vehicle Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /addvehicle.php. The manipulation of the argument vehicle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8374 | 1 Code-projects | 1 Vehicle Management | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Vehicle Management 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /addcompany.php. The manipulation of the argument company leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8373 | 1 Code-projects | 1 Vehicle Management | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Vehicle Management 1.0. It has been classified as critical. This affects an unknown part of the file /print.php. The manipulation of the argument sno leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8372 | 1 Code-projects | 1 Exam Form Submission | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/update_s7.php. The manipulation of the argument credits leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8371 | 1 Code-projects | 1 Exam Form Submission | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/update_s5.php. The manipulation of the argument credits leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-11709 | 1 Yhirose | 1 Cpp-httplib | 2025-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts. | |||||
| CVE-2025-49083 | 1 Absolute | 1 Secure Access | 2025-08-05 | N/A | 7.2 HIGH |
| CVE-2025-49083 is a vulnerability in the management console of Absolute Secure Access after version 12.00 and prior to version 13.56. Attackers with administrative access to the console can cause unsafe content to be deserialized and executed in the security context of the console. The attack complexity is low and there are no attack requirements. Privileges required are high and there is no user interaction required. The impact to confidentiality is low, impact to integrity is high and there is no impact to availability. The impact to the confidentiality and integrity of subsequent systems is low and there is no subsequent system impact to availability. | |||||
| CVE-2025-8339 | 1 Carmelo | 1 Intern Membership Management System | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation of the argument user_name/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8131 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-08-05 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda AC20 16.03.08.05. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8160 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-08-05 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8180 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-08-05 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formdeleteUserName of the file /goform/deleteUserName. The manipulation of the argument old_account leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8431 | 1 Phpgurukul | 1 Boat Booking System | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/add-boat.php. The manipulation of the argument boatname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8434 | 1 Anisha | 1 Online Movie Streaming | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8435 | 1 Anisha | 1 Online Movie Streaming | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-control.php. The manipulation of the argument ID leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8437 | 1 Anisha | 1 Kitchen Treasure | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8438 | 1 Anisha | 1 Wazifa System | 2025-08-05 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpublish.php. The manipulation of the argument post leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||