Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-50493 | 1 Phpgurukul | 1 Doctor Appointment Management System | 2025-07-29 | N/A | N/A |
| Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor Appointment Management System v1 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50494 | 1 Phpgurukul | 1 Car Washing Management System | 2025-07-29 | N/A | N/A |
| Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car Washing Management System v1.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50490 | 1 Phpgurukul | 1 Student Result Management System | 2025-07-29 | N/A | N/A |
| Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50487 | 1 Phpgurukul | 1 Blood Bank \& Donor Management System | 2025-07-29 | N/A | N/A |
| Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood Bank & Donor Management System v2.4 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50486 | 1 Phpgurukul | 1 E-diary Management System | 2025-07-29 | N/A | N/A |
| Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-50485 | 1 Phpgurukul | 1 Online Course Registration | 2025-07-29 | N/A | N/A |
| Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to execute a session hijacking attack. | |||||
| CVE-2025-8242 | 1 Totolink | 2 X15, X15 Firmware | 2025-07-29 | N/A | 7.5 HIGH |
| A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr/url/vpnPassword/vpnUser leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8246 | 1 Totolink | 2 X15, X15 Firmware | 2025-07-29 | N/A | 7.5 HIGH |
| A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formRoute of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8245 | 1 Totolink | 2 X15, X15 Firmware | 2025-07-29 | N/A | 7.5 HIGH |
| A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAPVLAN of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8244 | 1 Totolink | 2 X15, X15 Firmware | 2025-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8243 | 1 Totolink | 2 X15, X15 Firmware | 2025-07-29 | N/A | 7.5 HIGH |
| A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-8018 | 1 Carmelo | 1 Food Ordering Review System | 2025-07-29 | N/A | 8.8 HIGH |
| A vulnerability was found in code-projects Food Ordering Review System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /user/reservation_page.php. The manipulation of the argument reg_Id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2025-7764 | 1 Anisha | 1 Online Appointment Booking System | 2025-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /admin/deletedoctorclinic.php. The manipulation of the argument clinic leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7765 | 1 Anisha | 1 Online Appointment Booking System | 2025-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/addmanagerclinic.php. The manipulation of the argument clinic leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7814 | 1 Carmelo | 1 Food Ordering Review System | 2025-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/signup_function.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2025-7833 | 1 Carmelo | 1 Church Donation System | 2025-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of the file /members/giving.php. The manipulation of the argument Amount leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7931 | 1 Carmelo | 1 Church Donation System | 2025-07-29 | N/A | 7.3 HIGH |
| A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /members/admin_pic.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7930 | 1 Carmelo | 1 Church Donation System | 2025-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /members/add_members.php. The manipulation of the argument mobile leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2025-7830 | 1 Carmelo | 1 Church Donation System | 2025-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /reg.php. The manipulation of the argument mobile leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2025-7928 | 1 Carmelo | 1 Church Donation System | 2025-07-29 | N/A | 9.8 CRITICAL |
| A vulnerability was found in code-projects Church Donation System 1.0 and classified as critical. This issue affects some unknown processing of the file /members/edit_user.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||