CNA 2025

VulDB is an officially certified CVE Numbering Authority (CNA) by MITRE and Authorized Data Publisher (ADP) by NIST NVD. We are authorized to handle new vulnerability submissions, assign unique CVEs and disclose them. CVE is an international program to discover vulnerabilities which are then assigned and published to the CVE list. Partners coordinate such CVE entries to communicate consistent descriptions. Information technology and cybersecurity professionals all around the world use CVE records to ensure they are discussing the same issues, and to coordinate their efforts to prioritize and address these properly.

Vendor

PHPGurukul224
Not Defined153
code-projects147
SourceCodester98
D-Link63

Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Product

PCMan FTP Server48
Campcodes Sales and Inventory System20
Open Asset Import Library Assimp20
ESAFENET CDG20
TOTOLINK A3002R18

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix125
Temporary Fix0
Workaround61
Unavailable1
Not Defined1567

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High1
Functional0
Proof-of-Concept1646
Unproven0
Not Defined107

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical8
Local130
Adjacent63
Network1553

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High140
Low880
None734

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required336
None1418

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

VulDB

≤10
≤24
≤397
≤4209
≤5220
≤6169
≤7452
≤8508
≤990
≤105

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

Exploit 0-day

<1k346
<2k527
<5k796
<10k15
<25k30
<50k40
<100k0
≥100k0

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

IDVulnerabilityScopeResponsibleSubmissionCreatedUpdatedCVESubmitCNA
309418Campcodes Online Shopping Portal forgot-password.php sql injectionVulDBVulDB05/13/202505/16/202505/16/2025CVE-2025-4875576265
accepted
309416PHPGurukul News Portal Project contactus.php sql injectionVulDBVulDB05/13/202505/16/202505/16/2025CVE-2025-4874576251
accepted
309415PHPGurukul News Portal Login index.php sql injectionVulDBVulDB05/13/202505/16/202505/16/2025CVE-2025-4873576244
accepted
309414FreeFloat FTP Server CCC Command buffer overflowVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4872575631
accepted
309413PCMan FTP Server REST Command buffer overflowVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4871575624
accepted
309412itsourcecode Restaurant Management System menu_save.php sql injectionVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4870575553
accepted
309411itsourcecode Restaurant Management System member_update.php sql injectionVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4869575552
accepted
309410merikbest ecommerce-spring-reactjs File Upload Endpoint admin path traversalVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4868575506
accepted
309409Tenda A15 ArpNerworkSet formArpNerworkSet denial of serviceVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4867575501
accepted
309408weibocom rill-flow Management Console code injectionVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4866575478
accepted
309407itsourcecode Restaurant Management System member_save.php sql injectionVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4865575466
accepted
309406itsourcecode Restaurant Management System finished.php sql injectionVulDBVulDB05/12/202505/16/202505/16/2025CVE-2025-4864575465
accepted
309405Advaya Softech GEMS ERP Portal studentLogin.action sql injectionVulDBVulDB05/11/202505/16/202505/16/2025CVE-2025-4863575384
accepted
309404PHPGurukul Directory Management System searchdata.php cross site scriptingVulDBVulDB05/11/202505/16/202505/16/2025CVE-2025-4862575355
accepted
309403PHPGurukul Beauty Parlour Management System admin-profile.php sql injectionVulDBVulDB05/11/202505/16/202505/16/2025CVE-2025-4861575230
accepted
309402D-Link DAP-2695 Static Pool Settings Page adv_dhcps.php cross site scriptingVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4860575103
accepted
309401D-Link DAP-2695 MAC Bypass Settings Page adv_macbypass.php cross site scriptingVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4859575101
accepted
309400D-Link DAP-2695 ARP Spoofing Prevention Page adv_arpspoofing.php cross site scriptingVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4858575100
accepted
309323TOTOLINK A3002R VPN Page cross site scriptingVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4852575099
accepted
309322TOTOLINK N300RH cstecgi.cgi setUploadUserData command injectionVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4851575074
accepted
309321TOTOLINK N300RH cstecgi.cgi setUnloadUserData command injectionVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4850575073
accepted
309320TOTOLINK N300RH cstecgi.cgi CloudACMunualUpdateUserdata command injectionVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4849575072
accepted
309317FreeFloat FTP Server RECV Command buffer overflowVulDBVulDB05/07/202505/16/202505/16/2025CVE-2025-4848572492
accepted
309316FreeFloat FTP Server MLS Command buffer overflowVulDBVulDB05/07/202505/16/202505/16/2025CVE-2025-4847572487
accepted
309315FreeFloat FTP Server MPUT Command buffer overflowVulDBVulDB05/07/202505/16/202505/16/2025CVE-2025-4846572486
accepted
309314FreeFloat FTP Server TRACE Command buffer overflowVulDBVulDB05/07/202505/16/202505/16/2025CVE-2025-4845572483
accepted
309313FreeFloat FTP Server CD Command buffer overflowVulDBVulDB05/07/202505/16/202505/16/2025CVE-2025-4844572475
accepted
309310D-Link DCS-932L ucp isUCPCameraNameChanged stack-based overflowVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4842574925
accepted
309309D-Link DCS-932L udev SubUPnPCSInit stack-based overflowVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4843574926
accepted
309308D-Link DCS-932L gpio sub_404780 stack-based overflowVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4841574924
accepted
309307itwanger paicoding CrossUtil.java cross-domain policyVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4839574826
accepted
309306kanwangzjm Funiture Login LoginServlet.java doPost redirectVulDBVulDB05/10/202505/16/202505/16/2025CVE-2025-4838574825
accepted
309303projectworlds Student Project Allocation System make_group_sql.php sql injectionVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4837574646
accepted
309302Projectworlds Life Insurance Management System deleteAgent.php sql injectionVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4836574617
accepted
309301TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWlanRedirect buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4835574608
accepted
309300TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSetLg buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4834574607
accepted
309299TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formNtp buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4833574606
accepted
309298TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDosCfg buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4832574605
accepted
309297TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSiteSurveyProfile buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4831574604
accepted
309296TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSysCmd buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4830574600
accepted
309295TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formStats sub_40BE30 buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4829574599
accepted
309288TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSaveConfig buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4827574598
accepted
309287TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWirelessTbl buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4826574597
accepted
309286TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDMZ buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4825574596
accepted
309285TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWsc buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4824574594
accepted
309284TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formReflashClientTbl submit-url buffer overflowVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4823574593
accepted
309276y_project RuoYi Offline Logout batchForceLogout improper authorizationVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4819574443
accepted
309275SourceCodester Doctor's Appointment System GET Parameter delete-doctor.php sql injectionVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4818574219
accepted
309274Sourcecodester Doctor's Appointment System GET Parameter delete-appointment.php sql injectionVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4817574178
accepted
309273SourceCodester Doctor's Appointment System GET Parameter appointment.php sql injectionVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4816574129
accepted
309272Campcodes Sales and Inventory System supplier_update.php sql injectionVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4815574082
accepted
309271Campcodes Sales and Inventory System supplier_add.php sql injectionVulDBVulDB05/09/202505/16/202505/16/2025CVE-2025-4814574081
accepted
309270PHPGurukul Human Metapneumovirus Testing Management System edit-phlebotomist.php sql injectionVulDBVulDB05/08/202505/16/202505/16/2025CVE-2025-4813573888
accepted
309269PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injectionVulDBVulDB05/08/202505/16/202505/16/2025CVE-2025-4812573886
accepted
309266CodeAstro Pharmacy Management System Login index.php sql injectionVulDBVulDB05/08/202505/16/202505/16/2025CVE-2025-4811573700
accepted
309265Tenda AC7 SetRebootTimer formSetRebootTimer stack-based overflowVulDBVulDB05/08/202505/16/202505/16/2025CVE-2025-4810573643
accepted
309264Tenda AC7 setMacFilterCfg fromSafeSetMacFilter stack-based overflowVulDBVulDB05/08/202505/16/202505/16/2025CVE-2025-4809573642
accepted
309263PHPGurukul Park Ticketing Management System add-normal-ticket.php sql injectionVulDBVulDB05/07/202505/16/202505/16/2025CVE-2025-4808572602
accepted
309261SourceCodester Online Student Clearance System exposure of information through directory listingVulDBVulDB05/06/202505/16/202505/16/2025CVE-2025-4807572238
accepted
309260SourceCodester/oretnom23 Stock Management System view_bo sql injectionVulDBVulDB05/06/202505/16/202505/16/2025CVE-2025-4806572219
accepted
309105gongfuxiang schoolcms index.php SaveInfo sql injectionVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4795572601
accepted
309103PHPGurukul Online Course Registration news.php sql injectionVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4794572508
accepted
309102PHPGurukul Online Course Registration edit-student-profile.php sql injectionVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4793572507
accepted
309101FreeFloat FTP Server MDELETE Command buffer overflowVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4792572481
accepted
309100FreeFloat FTP Server HASH Command buffer overflowVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4791572480
accepted
309099FreeFloat FTP Server GLOB Command buffer overflowVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4790572479
accepted
309098FreeFloat FTP Server LCD Command buffer overflowVulDBVulDB05/07/202505/15/202505/15/2025CVE-2025-4789572478
accepted
309097FreeFloat FTP Server DELETE Command buffer overflowVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4788572476
accepted
309096SourceCodester/oretnom23 Stock Management System view_sale sql injectionVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4787572333
accepted
309095SourceCodester/oretnom23 Stock Management System view_return sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4786572297
accepted
309086PHPGurukul Daily Expense Tracker System user-profile.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4785572264
accepted
309082SourceCodester/oretnom23 Stock Management System view_receiving sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4782572195
accepted
309078PHPGurukul Park Ticketing Management System forgot-password.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4781572164
accepted
309077PHPGurukul Park Ticketing Management System foreigner-search.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4780572163
accepted
309076PHPGurukul Park Ticketing Management System normal-search.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4778572161
accepted
309075PHPGurukul Park Ticketing Management System view-foreigner-ticket.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4777572155
accepted
309074PHPGurukul Online Course Registration level.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4773572144
accepted
309073PHPGurukul Online Course Registration department.php sql injectionVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4772572143
accepted
309072PHPGurukul Online Course Registration course.php sql injectionVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4771572135
accepted
309071PHPGurukul Park Ticketing Management System view-normal-ticket.php sql injectionVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4770572134
accepted
309070CBEWIN Anytxt Searcher ATService.exe uncontrolled search pathVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4769571820
accepted
309069feng_ha_ha/megagao ssm-erp/production_ssm PictureServiceImpl.java uploadPicture unrestricted uploadVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4768571737
accepted
309068defog-ai introspect Test Endpoint integration_routes.py test_custom_tool code injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4767571363
accepted
309067PHPGurukul Zoo Management System profile.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4766571351
accepted
309066PHPGurukul Zoo Management System contactus.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4765571345
accepted
309064PHPGurukul Complaint Management System admin-profile.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4761571314
accepted
309060PHPGurukul Beauty Parlour Management System contact.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4758571306
accepted
309059PHPGurukul Beauty Parlour Management System forgot-password.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4757571303
accepted
309058D-Link DI-7003GV2 restart.asp denial of serviceVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4756571077
accepted
309057D-Link DI-7003GV2 netconfig.asp sub_497DE4 improper authenticationVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4755571073
accepted
309056D-Link DI-7003GV2 login.data information disclosureVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4753571072
accepted
309055D-Link DI-7003GV2 install_base.data information disclosureVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4752571071
accepted
309054D-Link DI-7003GV2 index.data information disclosureVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4751571070
accepted
309053D-Link DI-7003GV2 Configuration get_version.data information disclosureVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4750571069
accepted
309052D-Link DI-7003GV2 Factory Reset backup.asp sub_4983B0 denial of serviceVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4749571068
accepted
309047Bohua NetDragon Firewall ip_status.php command injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4747571035
accepted
309046Campcodes Sales and Inventory System purchase_delete.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4746571020
accepted
309045code-projects Employee Record System current_employees.php cross site scriptingVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4745570967
accepted
309044code-projects Employee Record System edit_employee.php cross site scriptingVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4744570965
accepted
309043code-projects Employee Record System getData.php sql injectionVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4743570963
accepted
309042XU-YIJIE grpo-flat grpo_vanilla.py main deserializationVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4742570923
accepted
309041Campcodes Sales and Inventory System purchase_add.php sql injectionVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4741570913
accepted
309040BeamCtrl Airiana coef deserializationVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4740570888
accepted
309039projectworlds Hospital Database Management System medicines_info.php sql injectionVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4739570855
accepted
309038PHPGurukul Daily Expense Tracker register.php sql injectionVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4736570814
accepted
309037Campcodes Sales and Inventory System product.php unrestricted uploadVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4735570715
accepted
309036Campcodes Sales and Inventory System ci_update.php sql injectionVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4734570714
accepted
309035TOTOLINK A3002R/A3002RU HTTP POST Request formIpQoS buffer overflowVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4733570703
accepted
309034TOTOLINK A3002R/A3002RU HTTP POST Request formFilter buffer overflowVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4732570690
accepted
309033TOTOLINK A3002R/A3002RU HTTP POST Request formPortFw buffer overflowVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4731570688
accepted
309032TOTOLINK A3002R/A3002RU HTTP POST Request formMapDel buffer overflowVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4730570687
accepted
309031TOTOLINK A3002R/A3002RU HTTP POST Request formMapDelDevice command injectionVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4729570686
accepted
309030SourceCodester Best Online News Portal search.php sql injectionVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4728570677
accepted
309029Meteor livedata_server.js Object.assign redosVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4727570441
accepted
309028itsourcecode Placement Management System view_student.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4726570010
accepted
309027itsourcecode Placement Management System view_drive.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4725569977
accepted
309026itsourcecode Placement Management System student_profile.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4724569974
accepted
309025itsourcecode Placement Management System all_student.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4723569965
accepted
309024itsourcecode Placement Management System edit_profile.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4722569951
accepted
309023itsourcecode Placement Management System drive.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4721569945
accepted
309022SourceCodester Student Result Management System drop_student.php path traversalVulDBVulDB05/02/202505/15/202505/15/2025CVE-2025-4720569855
accepted
309020Campcodes Sales and Inventory System cash_transaction.php sql injectionVulDBVulDB05/01/202505/15/202505/16/2025CVE-2025-4719568387
accepted
309019Campcodes Sales and Inventory System customer_add.php sql injectionVulDBVulDB05/01/202505/15/202505/16/2025CVE-2025-4718568386
accepted
309018PHPGurukul Company Visitor Management System visitors-form.php sql injectionVulDBVulDB05/01/202505/15/202505/16/2025CVE-2025-4717568331
accepted
309014Campcodes Sales and Inventory System credit_transaction_add.php sql injectionVulDBVulDB05/01/202505/15/202505/16/2025CVE-2025-4716568296
accepted
309013Campcodes Sales and Inventory System view_application.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4715568295
accepted
309012Campcodes Sales and Inventory System reprint.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4714568294
accepted
309011Campcodes Sales and Inventory System print.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4713568293
accepted
309010Campcodes Sales and Inventory System account_summary.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4712568292
accepted
309009Campcodes Sales and Inventory System stockin_add.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4711568291
accepted
309008Campcodes Sales and Inventory System transaction.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4710568290
accepted
309007Campcodes Sales and Inventory System transaction_del.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4709568289
accepted
309006Campcodes Sales and Inventory System sales_add.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4708568288
accepted
309005Campcodes Sales and Inventory System transaction_add.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4707568287
accepted
309004projectworlds Online Examination System Procedure3b_yearwiseVisit.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4706567923
accepted
309003PHPGurukul Vehicle Parking Management System view-incomingvehicle-detail.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4705567827
accepted
309002PHPGurukul Vehicle Parking Management System edit-category.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4704567821
accepted
309001PHPGurukul Vehicle Parking Management System admin-profile.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4703567820
accepted
309000PHPGurukul Vehicle Parking Management System add-category.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4702567805
accepted
308999VITA-MLLM Freeze-Omni utils.py torch.load deserializationVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4701567796
accepted
308998PHPGurukul Apartment Visitors Management System visitors-form.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4699567738
accepted
308997PHPGurukul Directory Management System forget-password.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4698567695
accepted
308996PHPGurukul Directory Management System edit-directory.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4697567694
accepted
308995PHPGurukul Cyber Cafe Management System search.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4696567683
accepted
308994PHPGurukul Cyber Cafe Management System add-users.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4695567673
accepted
308301PHPGurukul Apartment Visitors Management System bwdates-passreports-details.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4554567586
accepted
308300PHPGurukul Apartment Visitors Management System bwdates-reports-details.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4553567584
accepted
308299ContiNew Admin password unverified password changeVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4552567572
accepted
308298ContiNew Admin file cross site scriptingVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4551567568
accepted
308297PHPGurukul Apartment Visitors Management System pass-details.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4550567567
accepted
308296Campcodes Online Food Ordering System register-router.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4549567549
accepted
308295Campcodes Online Food Ordering System router.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4548567547
accepted
308294SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scriptingVulDBVulDB04/29/202505/10/202505/11/2025CVE-2025-4547567497
accepted
3082931Panel-dev MaxKB Knowledge Base Module csv injectionVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4546566517
accepted
308292CTCMS Content Management System File Tpl.php del path traversalVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4545566498
accepted
308291D-Link DI-8100 jhttpd ddos.asp stack-based overflowVulDBVulDB04/20/202505/10/202505/11/2025CVE-2025-4544562695
accepted
308289LyLme Spage ajax_link.php sql injectionVulDBVulDB04/29/202505/10/202505/12/2025CVE-2025-4543567290
accepted
308288Freeebird Hotel 酒店管理系统 API SessionInterceptor.java cross-domain policyVulDBVulDB04/29/202505/10/202505/12/2025CVE-2025-4542567214
accepted
308286LmxCMS POST Request ZtAction.class.php manageZt sql injectionVulDBVulDB04/29/202505/10/202505/12/2025CVE-2025-4541567191
accepted
308285MTSoftware C-Lodop CLodopPrintService unquoted search pathVulDBVulDB04/28/202505/10/202505/12/2025CVE-2025-4540566789
accepted
308284Hainan ToDesk DLL File Parser profapi.dll uncontrolled search pathVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4539566698
accepted
308283kkFileView fileUpload unrestricted uploadVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4538566596
accepted
308282yangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookieVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4537566469
accepted
308281Gosuncn Technology Group Audio-Visual Integrated Management Platform listByPage information disclosureVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4536566425
accepted
308280Gosuncn Technology Group Audio-Visual Integrated Management Platform Configuration File config.properties information disclosureVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4535566424
accepted
308279SunGrow Logger1000 weak passwordVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4534566423
accepted
308278JeecgBoot Document Library Upload zip unzipFile resource consumptionVulDBVulDB04/27/202505/10/202505/11/2025CVE-2025-4533566192
accepted
308277Shanghai Bairui Information Technology SunloginClient sunlogin_guard.exe uncontrolled search pathVulDBVulDB04/27/202505/10/202505/11/2025CVE-2025-4532566141
accepted
308276Seeyon Zhiyuan OA Web Application System Beetl Template EhrSalaryPayrollServiceImpl.class postData code injectionVulDBVulDB04/27/202505/10/202505/11/2025CVE-2025-4531566097
accepted
308275feng_ha_ha/megagao ssm-erp/production_ssm File FileController.java handleFileDownload path traversalVulDBVulDB04/25/202505/10/202505/11/2025CVE-2025-4530565380
accepted
308274Seeyon Zhiyuan OA Web Application System ZIP File M3CoreController.class download path traversalVulDBVulDB04/25/202505/10/202505/11/2025CVE-2025-4529565379
accepted
308273Dígitro NGC Explorer session expirationVulDBVulDB04/24/202505/10/202505/11/2025CVE-2025-4528565309
accepted
308272Dígitro NGC Explorer Password Transmission client-side enforcement of server-side securityVulDBVulDB04/24/202505/10/202505/11/2025CVE-2025-4527565308
accepted
308271Dígitro NGC Explorer Configuration Page missing password field maskingVulDBVulDB04/24/202505/10/202505/11/2025CVE-2025-4526565307
accepted
308270Discord WINSTA.dll uncontrolled search pathVulDBVulDB04/21/202505/10/202505/11/2025CVE-2025-4525562788
accepted
308235Zylon PrivateGPT settings.yaml cross-domain policyVulDBVulDB04/23/202505/09/202505/10/2025CVE-2025-4515564451
accepted
308234Zhengzhou Jiuhua Electronic Technology mayicms javascript.php sql injectionVulDBVulDB04/23/202505/09/202505/10/2025CVE-2025-4514564243
accepted
308233Catalyst User Key Authentication Plugin Logout logout.php redirectVulDBVulDB04/23/202505/09/202505/10/2025CVE-2025-4513564090
accepted
308232Inetum IODAS app.jsp cross site scriptingVulDBVulDB04/22/202505/09/202505/10/2025CVE-2025-4512563733
accepted
308231vector4wang spring-boot-quick quick-img2txt Img2TxtController.java ResponseEntity path traversalVulDBVulDB04/22/202505/09/202505/10/2025CVE-2025-4511563538
accepted
308230Changjietong UFIDA CRM optntyday.php sql injectionVulDBVulDB04/25/202505/09/202505/10/2025CVE-2025-4510565531
accepted
308225PHPGurukul e-Diary Management System manage-notes.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4509567288
accepted
308224PHPGurukul e-Diary Management System my-profile.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4508567263
accepted
308223Campcodes Online Food Ordering System add-item.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4507567170
accepted
308222Campcodes Online Food Ordering System menu-router.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4506567169
accepted
308221PHPGurukul Apartment Visitors Management System category.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4505567166
accepted
308220SourceCodester Online College Library System index.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4504567156
accepted
308219Campcodes Sales and Inventory System customer_update.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4503567145
accepted
308218Campcodes Sales and Inventory System creditor_add.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4502567144
accepted
308217code-projects Album Management System Search Albums searchalbum stack-based overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4501567111
accepted
308216code-projects Hotel Management System Edit Room edit stack-based overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4500567110
accepted
308215code-projects Simple Hospital Management System Add Information add stack-based overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4499567109
accepted
308214code-projects Simple Bus Reservation System Install Bus install stack-based overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4498567108
accepted
308213code-projects Simple Banking System Sign In buffer overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4497567082
accepted
308212TOTOLINK T10/A3100R/A950RG/A800R/N600R/A3000RU/A810R cstecgi.cgi CloudACMunualUpdate buffer overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4496567081
accepted
308209JAdmin-JAVA JAdmin save cross site scriptingVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4495566985
accepted
308208JAdmin-JAVA JAdmin Admin Backend NoNeedLoginController.java toLogin improper authenticationVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4494566984
accepted
308207Campcodes Online Food Ordering System ticket-message.php sql injectionVulDBVulDB04/28/202505/09/202505/10/2025CVE-2025-4492566787
accepted
308206Campcodes Online Food Ordering System ticket-status.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4491566786
accepted
308205Campcodes Online Food Ordering System view-ticket-admin.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4490566785
accepted
308204Campcodes Online Food Ordering System user-router.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4489566784
accepted
308203itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4488566783
accepted
308202itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4487566782
accepted
308201itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4486566781
accepted
308200itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4485566780
accepted
308199itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4484566779
accepted
308198itsourcecode Gym Management System view_pdetails.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4483566778
accepted
308197Project Worlds Student Project Allocation System forgot_password_sql.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4482566719
accepted
308195SourceCodester Apartment Visitor Management System search-result.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4481566671
accepted
308194code-projects Simple College Management System Add New Student input stack-based overflowVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4480566525
accepted
308094code-projects Departmental Store Management System bill stack-based overflowVulDBVulDB04/28/202505/08/202505/08/2025CVE-2025-4472566516
accepted
308090code-projects Jewelery Store Management system Search Item View stack-based overflowVulDBVulDB04/27/202505/08/202505/10/2025CVE-2025-4471566273
accepted
308089SourceCodester Online Student Clearance System add-student.php cross site scriptingVulDBVulDB04/27/202505/08/202505/08/2025CVE-2025-4470566249
accepted
308088SourceCodester Online Student Clearance System add-admin.php cross site scriptingVulDBVulDB04/27/202505/08/202505/16/2025CVE-2025-4469566248
accepted
308087SourceCodester Online Student Clearance System edit-photo.php unrestricted uploadVulDBVulDB04/27/202505/08/202505/08/2025CVE-2025-4468566246
accepted
308086SourceCodester Online Student Clearance System edit-admin.php sql injectionVulDBVulDB04/27/202505/08/202505/15/2025CVE-2025-4467566245
accepted
308085itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/27/202505/08/202505/09/2025CVE-2025-4466566105
accepted
308084itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/27/202505/08/202505/09/2025CVE-2025-4465566104
accepted
308083itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/26/202505/08/202505/09/2025CVE-2025-4464565990
accepted
308082itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/26/202505/08/202505/09/2025CVE-2025-4463565984
accepted
308081TOTOLINK N150RT formWsc buffer overflowVulDBVulDB04/26/202505/08/202505/09/2025CVE-2025-4462565958
accepted
308080TOTOLINK N150RT Virtual Server Page cross site scriptingVulDBVulDB04/26/202505/08/202505/09/2025CVE-2025-4461565957
accepted
308079TOTOLINK N150RT URL Filtering Page cross site scriptingVulDBVulDB04/26/202505/08/202505/09/2025CVE-2025-4460565956
accepted
308078code-projects Patient Record Management System fecalysis_form.php sql injectionVulDBVulDB04/25/202505/08/202505/09/2025CVE-2025-4459565464
accepted
308077code-projects Patient Record Management System edit_upatient.php sql injectionVulDBVulDB04/25/202505/08/202505/09/2025CVE-2025-4458565463
accepted
308071Project Worlds Car Rental Project approve.php sql injectionVulDBVulDB04/25/202505/08/202505/09/2025CVE-2025-4457565445
accepted
308070Project Worlds Car Rental Project signup.php sql injectionVulDBVulDB04/25/202505/08/202505/09/2025CVE-2025-4456565441
accepted
308069Patch My PC Home Updater System.IO uncontrolled search pathVulDBVulDB04/19/202505/08/202505/09/2025CVE-2025-4455562440
accepted
308068D-Link DIR-619L wake_on_lan command injectionVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4454560798
accepted
308067D-Link DIR-619L formSysCmd command injectionVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4453560797
accepted
308066D-Link DIR-619L formSetWizard2 buffer overflowVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4452560795
accepted
308065D-Link DIR-619L formSetWAN_Wizard52 buffer overflowVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4451560793
accepted
308064D-Link DIR-619L formSetEasy_Wizard buffer overflowVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4450560792
accepted
308063D-Link DIR-619L formEasySetupWizard3 buffer overflowVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4449558358
accepted
308062D-Link DIR-619L formEasySetupWizard buffer overflowVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4448558357
accepted
308056H3C GR-5400AX aspForm Edit_List_SSID buffer overflowVulDBVulDB04/18/202505/08/202505/09/2025CVE-2025-4446561866
accepted
308052D-Link DIR-605L wake_on_lan command injectionVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4445558356
accepted
308051D-Link DIR-605L sub_454F2C command injectionVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4443558355
accepted
308050D-Link DIR-605L formSetWAN_Wizard55 buffer overflowVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4442558352
accepted
308049D-Link DIR-605L formSetWAN_Wizard534 buffer overflowVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4441558351
accepted
308048H3C GR-1800AX aspForm EnableIpv6 buffer overflowVulDBVulDB04/12/202505/08/202505/09/2025CVE-2025-4440557087
accepted
307488Tenda AC8 MtuSetMacWan formGetRouterStatus buffer overflowVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4368564812
accepted
307487itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4363564759
accepted
307486itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4362564758
accepted
307485PHPGurukul Company Visitor Management System department.php sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4361564750
accepted
307478itsourcecode Gym Management System view_member.php sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4360564748
accepted
307477itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4359564746
accepted
307476PHPGurukul Company Visitor Management System admin-profile.php sql injectionVulDBVulDB04/24/202505/05/202505/15/2025CVE-2025-4358564733
accepted
307475Tenda RX3 telnet command injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4357564727
accepted
307474Tenda DAP-1520 Authentication storage mod_graph_auth_uri_handler stack-based overflowVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4356564722
accepted
307473Tenda DAP-1520 api set_ws_action heap-based overflowVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4355564720
accepted
307472Tenda DAP-1520 storage check_dws_cookie stack-based overflowVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4354564719
accepted
307470Golden Link Secondary System queryTsDictionaryType.htm sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4353564593
accepted
307469Golden Link Secondary System tcEntrFlowSelect.htm sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4352564592
accepted
307468D-Link DIR-600L wake_on_lan command injectionVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4350558303
accepted
307467D-Link DIR-600L formSysCmd command injectionVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4349558302
accepted
307466D-Link DIR-600L formSetWanL2TP buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4348558301
accepted
307465D-Link DIR-600L formWlSiteSurvey buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4347558300
accepted
307464D-Link DIR-600L formSetWAN_Wizard534 buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4346558299
accepted
307463D-Link DIR-600L formSetLog buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4345558298
accepted
307462D-Link DIR-600L formEasySetupWizard buffer overflowVulDBVulDB04/15/202505/05/202505/05/2025CVE-2025-4343558296
accepted
307461D-Link DIR-600L formLogin buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4344558297
accepted
307460D-Link DIR-600L formEasySetupWizard3 buffer overflowVulDBVulDB04/15/202505/05/202505/05/2025CVE-2025-4342558295
accepted
307459D-Link DIR-880L Request Header ssdpcgi sub_16570 command injectionVulDBVulDB04/11/202505/05/202505/05/2025CVE-2025-4341556433
accepted
307458D-Link DIR-890L/DIR-806A1 soap.cgi sub_175C8 command injectionVulDBVulDB04/10/202505/05/202505/05/2025CVE-2025-4340556092
accepted
307437feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java uploadFile unrestricted uploadVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4333564591
accepted
307436PHPGurukul Company Visitor Management System visitor-detail.php sql injectionVulDBVulDB04/23/202505/05/202505/09/2025CVE-2025-4332564339
accepted
307432SourceCodester Online Student Clearance System login.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4331564329
accepted
30743074CMS index path traversalVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4329564318
accepted
307429fp2952 spring-cloud-base HTTP Header MvcController.java sendBack redirectVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4328564161
accepted
307428MRCMS cross-site request forgeryVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4327563555
accepted
307427MRCMS Add Fragment Page add.do cross site scriptingVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4326563549
accepted
307426MRCMS Category Management Page add.do cross site scriptingVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4325563545
accepted
307425MRCMS External Link Management Page edit.do cross site scriptingVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4324563543
accepted
307424MRCMS Edit Article Page cross site scriptingVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4323563540
accepted
307417SourceCodester Advanced Web Store index.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4314564314
accepted
307416SourceCodester Advanced Web Store admin_addnew_product.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4313564311
accepted
307415SourceCodester Advanced Web Store productdetail.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4312564301
accepted
307414itsourcecode Content Management System update_main_topic_img.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4311564230
accepted
307413itsourcecode Content Management System add_topic.php unrestricted uploadVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4310564206
accepted
307412PHPGurukul Art Gallery Management System add-art-type.php sql injectionVulDBVulDB04/23/202505/05/202505/09/2025CVE-2025-4309564207
accepted
307411PHPGurukul Art Gallery Management System add-art-type.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4308564188
accepted
307410PHPGurukul Art Gallery Management System add-art-medium.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4307564179
accepted
307409PHPGurukul Nipah Virus Testing Management System edit-phlebotomist.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4306564120
accepted
307408kefaming mayi File.php upload unrestricted uploadVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4305563784
accepted
307407PHPGurukul Cyber Cafe Management System adminprofile.php sql injectionVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4304563723
accepted
307406PHPGurukul Human Metapneumovirus Testing Management System add-phlebotomist.php sql injectionVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4303563706
accepted
307405itsourcecode Content Management System search-notice.php sql injectionVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4301563625
accepted
307404itsourcecode Content Management System search_list.php sql injectionVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4300563623
accepted
307403Tenda AC1206 openSchedWifi setSchedWifi buffer overflowVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4299563558
accepted
307402Tenda AC1206 setcfm formSetCfm buffer overflowVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4298563557
accepted
307401PHPGurukul Men Salon Management System change-password.php sql injectionVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4297563548
accepted
307400MRCMS Group Edit Page edit.do cross site scriptingVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4293563534
accepted
307399MRCMS Edit User Page edit.do cross site scriptingVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4292563533
accepted
307398IdeaCMS saveUpload unrestricted uploadVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4291563522
accepted
307397PCMan FTP Server SMNT Command buffer overflowVulDBVulDB04/17/202505/05/202505/06/2025CVE-2025-4290561628
accepted
307396PCMan FTP Server RNTO Command buffer overflowVulDBVulDB04/17/202505/05/202505/05/2025CVE-2025-4289561626
accepted
307395PCMan FTP Server RNFR Command buffer overflowVulDBVulDB04/17/202505/05/202505/05/2025CVE-2025-4288561625
accepted
307394PyTorch nccl.py torch.cuda.nccl.reduce denial of serviceVulDBVulDB04/08/202505/05/202505/05/2025CVE-2025-4287553644
accepted
307392Intelbras InControl Dispositivos Edição Page credentials storageVulDBVulDB01/16/202505/05/202505/05/2025CVE-2025-4286483834
accepted
307391SourceCodester/oretnom23 Stock Management System Login.php sql injectionVulDBVulDB04/21/202505/05/202505/05/2025CVE-2025-4283563175
accepted
307390SourceCodester/oretnom23 Stock Management System Users.php cross-site request forgeryVulDBVulDB04/21/202505/05/202505/05/2025CVE-2025-4282563102
accepted
307389Shenzhen Sixun Software Sixun Shanghui Group Business Management System LoadData information disclosureVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4281563515
accepted
307376Mechrevo Control Console GCUService csCAPI.dll uncontrolled search pathVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4272563468
accepted
307375TOTOLINK A720R cstecgi.cgi information disclosureVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4271563444
accepted
307374TOTOLINK A720R Config cstecgi.cgi information disclosureVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4270563442
accepted
307373TOTOLINK A720R Log cstecgi.cgi access controlVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4269563430
accepted
307372TOTOLINK A720R cstecgi.cgi missing authenticationVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4268563429
accepted
307371SourceCodester/oretnom23 Stock Management System Purchase Order Details Page view_po sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4267563231
accepted
307370PHPGurukul Notice Board System bwdates-reports-details.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4266563148
accepted
307369PHPGurukul Emergency Ambulance Hiring Portal contact-us.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4265562993
accepted
307368PHPGurukul Emergency Ambulance Hiring Portal edit-ambulance.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4264562992
accepted
307367PHPGurukul Online DJ Booking Management System booking-search.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4263562991
accepted
307366PHPGurukul Online DJ Booking Management System user-search.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4262562965
accepted
307365GAIR-NLP factool tool.py run_single code injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4261562942
accepted
307364zhangyanbo2007 youkefu TemplateController.java impsave deserializationVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4260562902
accepted
307363newbee-mall UploadController.java upload unrestricted uploadVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4259562865
accepted
307362zhangyanbo2007 youkefu MediaController.java upload unrestricted uploadVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4258562848
accepted
307361SeaCMS admin_pay.php cross site scriptingVulDBVulDB04/20/202505/04/202505/05/2025CVE-2025-4257562719
accepted
307360SeaCMS admin_paylog.php cross site scriptingVulDBVulDB04/20/202505/04/202505/05/2025CVE-2025-4256562718
accepted
307359PCMan FTP Server RMD Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4255561623
accepted
307358PCMan FTP Server LIST Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4254561611
accepted
307357PCMan FTP Server HASH Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4253561609
accepted
307356PCMan FTP Server APPEND Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4252561606
accepted
307355PCMan FTP Server RMDIR Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4251561597
accepted
307347code-projects Nero Social Networking Site index.php sql injectionVulDBVulDB04/21/202505/03/202505/04/2025CVE-2025-4250562906
accepted
307346PHPGurukul e-Diary Management System manage-categories.php sql injectionVulDBVulDB04/21/202505/03/202505/04/2025CVE-2025-4249562836
accepted
307345SourceCodester Simple To-Do List System complete_task.php sql injectionVulDBVulDB04/20/202505/03/202505/04/2025CVE-2025-4248562700
accepted
307344SourceCodester Simple To-Do List System delete_task.php sql injectionVulDBVulDB04/20/202505/03/202505/04/2025CVE-2025-4247562699
accepted
307335code-projects Online Bus Reservation System seatlocation.php sql injectionVulDBVulDB04/20/202505/02/202505/03/2025CVE-2025-4244562691
accepted
307334code-projects Online Bus Reservation System print.php sql injectionVulDBVulDB04/20/202505/02/202505/03/2025CVE-2025-4243562690
accepted
307333PHPGurukul Online Birth Certificate System between-dates-report.php sql injectionVulDBVulDB04/20/202505/02/202505/09/2025CVE-2025-4242562624
accepted
307332PHPGurukul Teacher Subject Allocation Management System search.php sql injectionVulDBVulDB04/19/202505/02/202505/03/2025CVE-2025-4241562452
accepted
307331PCMan FTP Server LCD Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4240561571
accepted
307330PCMan FTP Server TYPE Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4239561562
accepted
307329PCMan FTP Server MGET Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4238561561
accepted
307328PCMan FTP Server MDELETE Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4237561536
accepted
307327PCMan FTP Server MDIR Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4236561510
accepted
307323PHPGurukul Cyber Cafe Management System add-computer.php sql injectionVulDBVulDB04/19/202505/02/202505/05/2025CVE-2025-4226562409
accepted
307195handrew browserpilot gpt_selenium_agent.py GPTSeleniumAgent code injectionVulDBVulDB04/19/202505/02/202505/03/2025CVE-2025-4218562383
accepted
307194gorhill uBlock Origin UI 1p-filters.js currentStateChanged redosVulDBVulDB04/19/202505/02/202505/03/2025CVE-2025-4215562301
accepted
307193PHPGuruku Online DJ Booking Management System booking-bwdates-reports-details.php sql injectionVulDBVulDB04/19/202505/02/202505/03/2025CVE-2025-4214562295
accepted
307192PHPGurukul Online Birth Certificate System search.php sql injectionVulDBVulDB04/19/202505/02/202505/02/2025CVE-2025-4213562291
accepted
307180Casdoor SCIM User Creation Endpoint scim.go HandleScim authorizationVulDBVulDB04/11/202505/02/202505/02/2025CVE-2025-4210556201
accepted
306810code-projects Patient Record Management System edit_xpatient.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4197561890
accepted
306809SourceCodester Patient Record Management System birthing.php sql injectionVulDBVulDB04/18/202505/01/202505/15/2025CVE-2025-4196561880
accepted
306808itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4195561876
accepted
306807itsourcecode Restaurant Management System category_save.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4192561838
accepted
306806itsourcecode Restaurant Management System category_update.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4193561849
accepted
306805PHPGurukul Employee Record Management System editmyeducation.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4191561816
accepted
306804Wangshen SecGate 3600 g=route_ispinfo_export_save path traversalVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4186561814
accepted
306803Wangshen SecGate 3600 g=obj_area_export_save path traversalVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4185561803
accepted
306802PCMan FTP Server QUOTE Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4184561145
accepted
306801PCMan FTP Server RECV Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4183561144
accepted
306800PCMan FTP Server BELL Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4182561141
accepted
306799PCMan FTP Server SEND Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4181561139
accepted
306798PCMan FTP Server TRACE Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4180561035
accepted
306797xiaowei1118 java_server File Upload API FoodController.java path traversalVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4178561794
accepted
306796PHPGurukul Blood Bank & Donor Management System request-received-bydonar.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4176561764
accepted
306795AlanBinu007 Spring-Boot-Advanced-Projects Upload Profile API Endpoint UserProfileController.java uploadUserProfileImage path traversalVulDBVulDB04/18/202505/01/202505/10/2025CVE-2025-4175561760
accepted
306794PHPGurukul COVID19 Testing Management System login.php sql injectionVulDBVulDB04/18/202505/01/202505/09/2025CVE-2025-4174561746
accepted
306793SourceCodester Online Eyewear Shop Master.php delete_cart sql injectionVulDBVulDB04/18/202505/01/202505/01/2025CVE-2025-4173561737
accepted
306696PHPGurukul Employee Record Management System changepassword.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4164561140
accepted
306695PHPGurukul Land Record System aboutus.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4163560883
accepted
306694PCMan FTP Server ASCII Command buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4162561034
accepted
306693PCMan FTP Server VERBOSE Command buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4161561033
accepted
306692PCMan FTP Server LS Command buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4160561030
accepted
306691PCMan FTP Server GLOB Command buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4159561029
accepted
306690PCMan FTP Server PROMPT Command buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4158561028
accepted
306689PHPGurukul Boat Booking System booking-details.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4157560863
accepted
306688PHPGurukul Boat Booking System change-image.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4156560856
accepted
306687PHPGurukul Boat Booking System edit-boat.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4155560853
accepted
306686PHPGurukul Pre-School Enrollment System enrollment-details.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4154560833
accepted
306685PHPGurukul Park Ticketing Management System profile.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4153560809
accepted
306684PHPGurukul Online Birth Certificate System bwdates-reports-details.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4152560808
accepted
306683PHPGurukul Curfew e-Pass Management System pass-bwdates-reports-details.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4151560806
accepted
306682Netgear EX6200 sub_54340 buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4150560804
accepted
306681Netgear EX6200 sub_54014 buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4149560803
accepted
306680Netgear EX6200 sub_503FC buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4148560802
accepted
306679Netgear EX6200 sub_47F7C buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4147560801
accepted
306678Netgear EX6200 sub_41940 buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4146560800
accepted
306677Netgear EX6200 sub_3D0BC buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4145560799
accepted
306634Netgear EX6200 sub_3C8EC buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4142560790
accepted
306633Netgear EX6200 sub_3C03C buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4141560789
accepted
306632Netgear EX6120 sub_30394 buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4140560788
accepted
306631Netgear EX6120 fwAcosCgiInbound buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4139560785
accepted
306627Weitong Mall Sale Endpoint improper authorizationVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4136560782
accepted
306626Netgear WG302v2 ui_get_input_value command injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4135560779
accepted
306604Weitong Mall Product Statistics queryTotal access controlVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4119560778
accepted
306603Weitong Mall Product History historyList access controlVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4118560777
accepted
306602Netgear JWNR2000v2 sub_435E04 command injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4122560776
accepted
306601Netgear JWNR2000v2 cmd_wireless command injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4121560775
accepted
306600Netgear JWNR2000v2 sub_4238E8 buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4120560774
accepted
306597Netgear JWNR2000v2 sub_41A914 buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4117560771
accepted
306596Netgear JWNR2000v2 get_cur_lang_ver buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4116560770
accepted
306595Netgear JWNR2000v2 default_version_is_new buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4115560769
accepted
306594Netgear JWNR2000v2 check_language_file buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4114560768
accepted
306593PHPGurukul Curfew e-Pass Management System edit-pass-detail.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4113560738
accepted
306592PHPGurukul Student Record System add-course.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4112560701
accepted
306591PHPGurukul Pre-School Enrollment System visitor-details.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4111560706
accepted
306590PHPGurukul Pre-School Enrollment System edit-teacher.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4110560703
accepted
306589PHPGurukul Pre-School Enrollment System edit-subadmin.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4109560700
accepted
306588PHPGurukul Student Record System add-subject.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4108560697
accepted
306517PHPGurukul Online Nurse Hiring System view-request.php sql injectionVulDBVulDB04/17/202504/29/202505/15/2025CVE-2025-4080560558
accepted
306516PCMan FTP Server RENAME Command buffer overflowVulDBVulDB04/17/202504/29/202504/29/2025CVE-2025-4079560541
accepted
306515Wangshen SecGate 3600 g=log_export_file path traversalVulDBVulDB04/17/202504/29/202504/29/2025CVE-2025-4078560540
accepted
306514code-projects School Billing System searchrec stack-based overflowVulDBVulDB04/17/202504/29/202505/15/2025CVE-2025-4077560534
accepted
306513LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4076560232
accepted
306512VMSMan login.php cross site scriptingVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4075560212
accepted
306511PHPGurukul Curfew e-Pass Management System pass-bwdates-report.php sql injectionVulDBVulDB04/16/202504/29/202505/09/2025CVE-2025-4074559983
accepted
306510PHPGurukul Student Record System change-password.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4073559947
accepted
306509PHPGurukul Online Nurse Hiring System edit-nurse.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4072559939
accepted
306508PHPGurukul COVID19 Testing Management System test-details.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4071559904
accepted
306507PHPGurukul Rail Pass Management System changeimage.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4070559620
accepted
306506code-projects Product Management System add_item stack-based overflowVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4069559516
accepted
306505code-projects Simple Movie Ticket Booking System changeprize stack-based overflowVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4068559479
accepted
306504ScriptAndTools Online-Travling-System viewpackage.php access controlVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4067559514
accepted
306503ScriptAndTools Online-Travling-System addpackage.php access controlVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4066559480
accepted
306502ScriptAndTools Online-Travling-System addadvertisement.php access controlVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4065559478
accepted
306501ScriptAndTools Online-Travling-System viewenquiry.php access controlVulDBVulDB04/16/202504/29/202505/02/2025CVE-2025-4064559467
accepted
306500code-projects Student Information Management System cancel stack-based overflowVulDBVulDB04/16/202504/29/202505/10/2025CVE-2025-4063559466
accepted
306499code-projects Theater Seat Booking System cancel stack-based overflowVulDBVulDB04/16/202504/29/202505/10/2025CVE-2025-4062559452
accepted
306498code-projects Clothing Store Management System add_item stack-based overflowVulDBVulDB04/16/202504/29/202505/10/2025CVE-2025-4061559447
accepted
306497PHPGurukul Notice Board System category.php sql injectionVulDBVulDB04/16/202504/29/202505/10/2025CVE-2025-4060559361
accepted
306496code-projects Prison Management System Prison_Mgmt_Sys addrecord stack-based overflowVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4059559359
accepted
306495Projectworlds Online Examination System Bloodgroop_process.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4058559354
accepted
306404PHPGurukul Rail Pass Management System search-pass.php sql injectionVulDBVulDB04/16/202504/28/202504/30/2025CVE-2025-4039559345
accepted
306403code-projects Train Ticket Reservation System reservation stack-based overflowVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4038559344
accepted
306402code-projects ATM Banking moneyWithdraw logic errorVulDBVulDB04/16/202504/28/202504/29/2025CVE-2025-4037559303
accepted
306401201206030 Novel Chapter AuthorController.java updateBookChapter access controlVulDBVulDB04/15/202504/28/202505/10/2025CVE-2025-4036558414
accepted
306397projectworlds Online Examination System inser_doc_process.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4034559297
accepted
306396PHPGurukul Nipah Virus Testing Management System patient-search-report.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4033559239
accepted
306395inclusionAI AWorld shell_tool.py subprocess.Popen os command injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4032559222
accepted
306394PHPGurukul Pre-School Enrollment System aboutus.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4031559221
accepted
306393PHPGurukul COVID19 Testing Management System search-report-result.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4030559199
accepted
306392code-projects Personal Diary Management System New Record addrecord stack-based overflowVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4029559198
accepted
306391PHPGurukul COVID19 Testing Management System profile.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4028559193
accepted
306390PHPGurukul Old Age Home Management System rules.php sql injectionVulDBVulDB04/16/202504/28/202504/28/2025CVE-2025-4027559159
accepted
306389PHPGurukul Nipah Virus Testing Management System profile.php sql injectionVulDBVulDB04/15/202504/28/202505/05/2025CVE-2025-4026558628
accepted
306379itsourcecode Placement Management System registration.php sql injectionVulDBVulDB04/15/202504/27/202504/27/2025CVE-2025-4025558621
accepted
306378itsourcecode Placement Management System add_drive.php sql injectionVulDBVulDB04/15/202504/27/202504/27/2025CVE-2025-4024558616
accepted
306377itsourcecode Placement Management System add_company.php sql injectionVulDBVulDB04/15/202504/27/202505/15/2025CVE-2025-4023558546
accepted
306376web-arena-x webarena evaluators.py HTMLContentEvaluator code injectionVulDBVulDB04/15/202504/27/202505/15/2025CVE-2025-4022558415
accepted
306375code-projects Patient Record Management System edit_spatient.php sql injectionVulDBVulDB04/15/202504/27/202505/15/2025CVE-2025-4021558402
accepted
306374PHPGurukul Old Age Home Management System contact.php sql injectionVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4020558365
accepted
30637220120630 Novel-Plus GeneratorController.java genCode missing authenticationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4019558360
accepted
30637120120630 Novel-Plus CrawlController.java addCrawlSource missing authenticationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4018558377
accepted
30637020120630 Novel-Plus LogController.java list improper authorizationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4017558376
accepted
30636920120630 Novel-Plus LogController.java deleteIndex improper authorizationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4016558375
accepted
30636820120630 Novel-Plus SessionController.java list missing authenticationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4015558367
accepted
306367PHPGurukul Art Gallery Management System manage-art-medium.php sql injectionVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4014558350
accepted
306366PHPGurukul Art Gallery Management System aboutus.php sql injectionVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4013558348
accepted
306365playeduxyz PlayEdu 开源培训系统 User Avatar create server-side request forgeryVulDBVulDB04/15/202504/27/202505/13/2025CVE-2025-4012558283
accepted
306364Redmine Custom Query cross site scriptingVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4011558240
accepted
306343Tenda W12/i24 httpd modules cgidhcpsCfgSet stack-based overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4007558165
accepted
306342youyiio BeyongCms Document Management Page Upload.html unrestricted uploadVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4006558152
accepted
306341PHPGurukul COVID19 Testing Management System patient-report.php sql injectionVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4005558126
accepted
306340PHPGurukul COVID19 Testing Management System password-recovery.php sql injectionVulDBVulDB04/15/202504/26/202505/02/2025CVE-2025-4004558125
accepted
306339RefindPlusRepo RefindPlus RP_ApfsIo.c InternalApfsTranslateBlock null pointer dereferenceVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4003558123
accepted
306338RefindPlusRepo RefindPlus BootLog.c GetDebugLogFile null pointer dereferenceVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4002558122
accepted
306337scipopt scip File Descriptor genRandomLOPInstance.c main file descriptor consumptionVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4001558121
accepted
306336Seeyon Zhiyuan OA Web Application System ssoproxy.jsp cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4000558067
accepted
306335Seeyon Zhiyuan OA Web Application System URL Parameter date.jsp cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3999557987
accepted
306334CodeAstro Membership Management System renew.php sql injectionVulDBVulDB04/15/202504/26/202505/15/2025CVE-2025-3998557972
accepted
306333dazhouda lecms Personal Information Page index.php cross-site request forgeryVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3997557956
accepted
306332TOTOLINK N150RT MAC Filtering Page home.htm cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3996557947
accepted
306331TOTOLINK N150RT LAN Settings Page fromStaticDHCP cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3995557946
accepted
306330TOTOLINK N150RT IP Port Filtering home.htm cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3994557945
accepted
306329TOTOLINK N150RT formWsc buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3993557944
accepted
306328TOTOLINK N150RT formWlwds buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3992557943
accepted
306327TOTOLINK N150RT formWdsEncrypt buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3991557942
accepted
306326TOTOLINK N150RT formVlan buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3990557941
accepted
306325TOTOLINK N150RT formStaticDHCP buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3989557940
accepted
306324TOTOLINK N150RT formPortFw buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3988557939
accepted
306323TOTOLINK N150RT formWsc command injectionVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3987557938
accepted
306322Apereo CAS CasConfigurationMetadataServerController.java redosVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3986557473
accepted
306321Apereo CAS ResponseEntity redosVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3985557110
accepted
306320Apereo CAS Groovy Code RegisteredServiceSimpleFormController.java saveService code injectionVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3984557100
accepted
306319AMTT Hotel Broadband Operation System nlog_down.php command injectionVulDBVulDB04/11/202504/26/202505/02/2025CVE-2025-3983556223
accepted
306318nortikin Sverchok Set Property Mk2 Node getsetprop_mk2.py SvSetPropNodeMK2 prototype pollutionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3982557411
accepted
306317wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System details improper authorizationVulDBVulDB04/26/202505/13/2025CVE-2025-3981
 
accepted
306316wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System list improper authorizationVulDBVulDB04/15/202504/26/202505/13/2025CVE-2025-3980557930
accepted
306315dazhouda lecms Password Change index.php cross-site request forgeryVulDBVulDB04/14/202504/26/202504/28/2025CVE-2025-3979557787
accepted
306314dazhouda lecms user_set.htm information disclosureVulDBVulDB04/14/202504/26/202504/28/2025CVE-2025-3978557748
accepted
306313iteachyou Dreamer CMS Attachment download improper authorizationVulDBVulDB04/14/202504/26/202504/28/2025CVE-2025-3977557639
accepted
306312PHPGurukul COVID19 Testing Management System new-user-testing.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3976557472
accepted
306311ScriptAndTools eCommerce-website-in-PHP subscriber-csv.php information disclosureVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3975557414
accepted
306310PHPGurukul COVID19 Testing Management System edit-phlebotomist.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3974557394
accepted
306309PHPGurukul COVID19 Testing Management System check_availability.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3973557393
accepted
306308PHPGurukul COVID19 Testing Management System bwdates-report-result.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3972557392
accepted
306307PHPGurukul COVID19 Testing Management System add-phlebotomist.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3971557391
accepted
306306baseweb JSite save cross site scriptingVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3970557385
accepted
306305codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted uploadVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3969557287
accepted
306304codeprojects News Publishing Site Dashboard api.php sql injectionVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3968557286
accepted
306303itwanger paicoding Article post improper authorizationVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3967557251
accepted
306302itwanger paicoding Browsing History home information disclosureVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3966557250
accepted
306301itwanger paicoding post cross site scriptingVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3965557249
accepted
306300withstars Books-Management-System Article del cross-site request forgeryVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3964557239
accepted
306299withstars Books-Management-System Background Interface list authorizationVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3963557237
accepted
306298withstars Books-Management-System Comment add cross site scriptingVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3962557236
accepted
306297withstars Books-Management-System do cross site scriptingVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3961557231
accepted
306296withstars Books-Management-System Background Interface allreaders.html authorizationVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3960557230
accepted
306295withstars Books-Management-System reader_delete.html cross-site request forgeryVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3959557147
accepted
306294withstars Books-Management-System Book Edit Page book_edit_do.html cross site scriptingVulDBVulDB04/12/202504/26/202504/29/2025CVE-2025-3958557146
accepted
306293opplus springboot-admin SysLogDao.xml sql injectionVulDBVulDB04/12/202504/26/202504/29/2025CVE-2025-3957557131
accepted
306292201206030 novel-cloud BookInfoMapper.xml RestResp sql injectionVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3956557055
accepted
306291codeprojects Patient Record Management System edit_rpatient.php.php sql injectionVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3955557036
accepted
306290ChurchCRM Referer server-side request forgeryVulDBVulDB04/10/202504/26/202504/28/2025CVE-2025-3954555938
accepted
306288GL.iNet GL-A1300 Slate Plus RPC plugins.so buffer overflowVulDBVulDB04/26/202504/26/2025CVE-2025-2851
 
accepted
306287GL.iNet GL-A1300 Slate Plus Download Interface improper authorizationVulDBVulDB04/26/202504/26/2025CVE-2025-2850
 
accepted
306286GL.iNet GL-A1300 Slate Plus API redosVulDBVulDB03/21/202504/26/202504/26/2025CVE-2025-2811524459
accepted
305781xxyopen Novel-Plus searchByPage sql injectionVulDBVulDB04/12/202504/21/202504/22/2025CVE-2025-3856557011
accepted
305780CodeCanyon RISE Ultimate Project Manager Profile Picture save_profile_image resource injectionVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3855556871
accepted
305778H3C GR-3000AX HTTP POST Request aspForm Edit_List_SSID buffer overflowVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3854556614
accepted
305777YXJ2018 SpringBoot-Vue-OnlineExam API improper authenticationVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3850556284
accepted
305776YXJ2018 SpringBoot-Vue-OnlineExam studentPWD unverified password changeVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3849556283
accepted
305775markparticle WebServer Login httprequest.cpp sql injectionVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3847556275
accepted
305774markparticle WebServer Registration httprequest.cpp sql injectionVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3846556274
accepted
305773markparticle WebServer buffer.cpp HasWritten buffer overflowVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3845556273
accepted
305772panhainan DS-Java cross-site request forgeryVulDBVulDB04/10/202504/21/202504/22/2025CVE-2025-3843556136
accepted
305771panhainan DS-Java FileUpload.java uploadUserPic.action code injectionVulDBVulDB04/10/202504/21/202504/21/2025CVE-2025-3842556135
accepted
305769wix-incubator jam Jinja2 Template jam.py special elements used in a template engineVulDBVulDB04/10/202504/21/202504/24/2025CVE-2025-3841555905
accepted
305737kuangstudy KuangSimpleBBS QuestionController.java fileUpload unrestricted uploadVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3830556133
accepted
305736PHPGurukul Men Salon Management System sales-reports-detail.php sql injectionVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3829555930
accepted
305735PHPGurukul Men Salon Management System view-appointment.php sql injectionVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3828555929
accepted
305734PHPGurukul Men Salon Management System forgot-password.php sql injectionVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3827555928
accepted
305733SourceCodester Web-based Pharmacy Product Management System add-supplier.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3826
 
accepted
305732SourceCodester Web-based Pharmacy Product Management System add-category.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3825
 
accepted
305731SourceCodester Web-based Pharmacy Product Management System add-product.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3824
 
accepted
305730SourceCodester Web-based Pharmacy Product Management System add-stock.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3823
 
accepted
305729SourceCodester Web-based Pharmacy Product Management System changepassword.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3822
 
accepted
305728SourceCodester Web-based Pharmacy Product Management System add-admin.php cross site scriptingVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3821555918
accepted
305726Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflowVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3820555728
accepted
305725PHPGurukul Men Salon Management System search-appointment.php sql injectionVulDBVulDB04/10/202504/19/202505/14/2025CVE-2025-3819555687
accepted
305724webpy web.py db.py PostgresDB._process_insert_query sql injectionVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3818555649
accepted
305723SourceCodester Online Eyewear Shop Master.php sql injectionVulDBVulDB04/10/202504/19/202505/15/2025CVE-2025-3817555607
accepted
305722westboy CicadasCMS Scheduled Task save os command injectionVulDBVulDB04/10/202504/19/202504/19/2025CVE-2025-3816555555
accepted
305662zhenfeng13 My-BBS cross-site request forgeryVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3808555259
accepted
305661zhenfeng13 My-BBS Endpoint UploadController.java upload unrestricted uploadVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3807555258
accepted
305660dazhouda lecms Edit Profile admin cross site scriptingVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3806554977
accepted
305659sarrionandia tournatrack Jinja2 Template check_id.py injectionVulDBVulDB04/09/202504/18/202504/21/2025CVE-2025-3805554781
accepted
305658thautwarm vscode-diana Jinja2 Template Gen.py injectionVulDBVulDB04/09/202504/18/202504/21/2025CVE-2025-3804554779
accepted
305657Tenda W12/i24 httpd cgiSysScheduleRebootSet stack-based overflowVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3803554756
accepted
305656Tenda W12/i24 httpd cgiPingSet stack-based overflowVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3802554746
accepted
305655songquanpeng one-api System Setting cross site scriptingVulDBVulDB04/09/202504/18/202504/21/2025CVE-2025-3801554702
accepted
305653WCMS AnonymousController.php sql injectionVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3800554698
accepted
305652WCMS AnonymousController.php sql injectionVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3799554697
accepted
305651WCMS Advertisement Image AdvadminController.php sub unrestricted uploadVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3798554696
accepted
305650SeaCMS admin_topic.php sql injectionVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3797554660
accepted
305649PHPGurukul Men Salon Management System contact-us.php sql injectionVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3796554659
accepted
305648DaiCuo SEO Optimization Settings Section cross site scriptingVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3795554639
accepted
305615SeaCMS admin_link.php sql injectionVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3792554592
accepted
305614symisc UnQLite unqlite.c jx9MemObjStore heap-based overflowVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3791554574
accepted
305613baseweb JSite Apache Druid Monitoring Console index.html access controlVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3790554572
accepted
305612baseweb JSite save cross site scriptingVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3789554566
accepted
305611baseweb JSite save cross site scriptingVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3788554565
accepted
305610PbootCMS Image server-side request forgeryVulDBVulDB04/08/202504/18/202504/18/2025CVE-2025-3787553731
accepted
305609Tenda AC15 WifiExtraSet fromSetWirelessRepeat buffer overflowVulDBVulDB04/08/202504/18/202504/18/2025CVE-2025-3786553703
accepted
305608D-Link DWR-M961 Authorization Interface formStaticDHCP stack-based overflowVulDBVulDB04/08/202504/18/202504/18/2025CVE-2025-3785553547
accepted
305605SourceCodester Web-based Pharmacy Product Management System add-product.php unrestricted uploadVulDBVulDB04/08/202504/18/202504/18/2025CVE-2025-3783553723
accepted
305399SourceCodester Web-based Pharmacy Product Management System edit-photo.php unrestricted uploadVulDBVulDB04/08/202504/17/202505/15/2025CVE-2025-3765553722
accepted
305398SourceCodester Web-based Pharmacy Product Management System edit-product.php unrestricted uploadVulDBVulDB04/08/202504/17/202505/15/2025CVE-2025-3764553721
accepted
305397SourceCodester Phone Management System Password main buffer overflowVulDBVulDB04/08/202504/17/202504/19/2025CVE-2025-3763553650
accepted
305396PCMan FTP Server MPUT Command buffer overflowVulDBVulDB04/08/202504/17/202504/17/2025CVE-2025-3762553567
accepted
305076PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of serviceVulDBVulDB04/08/202504/16/202505/06/2025CVE-2025-3730553645
accepted
305075SourceCodester Web-based Pharmacy Product Management System Database Backup backup.php os command injectionVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3729553631
accepted
305074SourceCodester Simple Hotel Booking System login buffer overflowVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3728553627
accepted
305073PCMan FTP Server STATUS Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3727552816
accepted
305072PCMan FTP Server CD Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3726552815
accepted
305071PCMan FTP Server MIC Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3725552814
accepted
305070PCMan FTP Server DIR Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3724552808
accepted
305069PCMan FTP Server MDTM Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3723552796
accepted
304985SourceCodester Web-based Pharmacy Product Management System edit-product.php sql injectionVulDBVulDB04/08/202504/16/202505/15/2025CVE-2025-3697553624
accepted
304984SourceCodester Web-based Pharmacy Product Management System search_stock. php sql injectionVulDBVulDB04/08/202504/16/202505/15/2025CVE-2025-3696553579
accepted
304983SourceCodester Web-based Pharmacy Product Management System Login sql injectionVulDBVulDB04/08/202504/16/202505/15/2025CVE-2025-3694553568
accepted
304982Tenda W12 httpd cgiWifiRadioSet stack-based overflowVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3693553526
accepted
304981SourceCodester Online Eyewear Shop Master.php cross site scriptingVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3692553520
accepted
304980mirweiye Seven Bears Library CMS Add Link server-side request forgeryVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3691553507
accepted
304979PHPGurukul Men Salon Management System edit-services.php sql injectionVulDBVulDB04/08/202504/16/202504/24/2025CVE-2025-3690553501
accepted
304978PHPGurukul Men Salon Management System edit-customer-detailed.php sql injectionVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3689553500
accepted
304977mirweiye Seven Bears Library CMS Background Management Page cross site scriptingVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3688553486
accepted
304976misstt123 oasys Sticky Notes cross-site request forgeryVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3687553429
accepted
304975misstt123 oasys show image path traversalVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3686553372
accepted
304974code-projects Patient Record Management System edit_fpatient.php sql injectionVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3685553346
accepted
304973Xianqi Kindergarten Management System Child Management stu_list.php sql injectionVulDBVulDB04/08/202504/16/202504/24/2025CVE-2025-3684553239
accepted
304972PCMan FTP Server SIZE Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3683552791
accepted
304971PCMan FTP Server PASV Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3682552790
accepted
304970PCMan FTP Server MODE Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3681552789
accepted
304969PCMan FTP Server LANG Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3680552788
accepted
304968PCMan FTP Server HOST Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3679552787
accepted
304967PCMan FTP Server HELP Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3678552780
accepted
304966lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserializationVulDBVulDB04/07/202504/16/202504/21/2025CVE-2025-3677552755
accepted
304965xxyopen Novel-Plus books sql injectionVulDBVulDB04/05/202504/16/202504/16/2025CVE-2025-3676551950
accepted
304964TOTOLINK A3700R cstecgi.cgi setL2tpServerCfg access controlVulDBVulDB04/04/202504/16/202504/16/2025CVE-2025-3675551304
accepted
304963TOTOLINK A3700R cstecgi.cgi setUrlFilterRules access controlVulDBVulDB04/04/202504/16/202504/16/2025CVE-2025-3674551302
accepted
304846TOTOLINK A3700R cstecgi.cgi setScheduleCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3668551300
accepted
304845TOTOLINK A3700R cstecgi.cgi setUPnPCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3667551299
accepted
304844TOTOLINK A3700R cstecgi.cgi setDdnsCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3666551298
accepted
304843TOTOLINK A3700R cstecgi.cgi setSmartQosCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3665551297
accepted
304842TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3664551296
accepted
304841TOTOLINK A3700R Password cstecgi.cgi setWiFiEasyGuestCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3663551295
accepted
304679Xorbits Inference model.py load deserializationVulDBVulDB04/06/202504/15/202504/21/2025CVE-2025-3622552245
accepted
304672Demtec Graphytics visualization cross site scriptingVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3613551172
accepted
304671Demtec Graphytics HTTP GET Parameter visualization cross site scriptingVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3612551123
accepted
304648ZHENFENG13/code-projects My-Blog-layui authorImg upload unrestricted uploadVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3593550912
accepted
304647ZHENFENG13/code-projects My-Blog-layui edit cross site scriptingVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3592550910
accepted
304646ZHENFENG13/code-projects My-Blog-layui edit cross site scriptingVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3591550909
accepted
304645Adianti Framework deserializationVulDBVulDB04/03/202504/14/202504/15/2025CVE-2025-3590550296
accepted
304644SourceCodester Music Class Enrollment System manage_class.php sql injectionVulDBVulDB04/03/202504/14/202504/15/2025CVE-2025-3589550267
accepted
304643joelittlejohn jsonschema2pojo JSON File SchemaRule.java apply stack-based overflowVulDBVulDB04/03/202504/14/202504/15/2025CVE-2025-3588550136
accepted
304642ZeroWdd/code-projects studentmanager getTeacherList improper authorizationVulDBVulDB04/03/202504/14/202504/15/2025CVE-2025-3587550129
accepted
304641westboy CicadasCMS JSP Parser upload unrestricted uploadVulDBVulDB04/03/202504/14/202504/14/2025CVE-2025-3585549981
accepted
304612Fannuo Enterprise Content Management System 凡诺企业网站管理系统 cms_chip.php sql injectionVulDBVulDB04/03/202504/14/202504/14/2025CVE-2025-3571549927
accepted
304611JamesZBL/code-projects db-hospital-drug ContentController.java save cross site scriptingVulDBVulDB04/03/202504/14/202504/14/2025CVE-2025-3570549923
accepted
304610JamesZBL/code-projects db-hospital-drug ShiroConfig.java improper authorizationVulDBVulDB04/03/202504/14/202504/14/2025CVE-2025-3569549920
accepted
304609Webkul Krayin CRM SVG File edit cross site scriptingVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3568549591
accepted
304608veal98 小牛肉 Echo 开源社区系统 Ticket LoginTicketInterceptor.java preHandle improper authorizationVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3567549537
accepted
304607veal98 小牛肉 Echo 开源社区系统 uploadMdPic unrestricted uploadVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3566549509
accepted
304606huanfenz/code-projects StudentManager Announcement Management Section uploadArticle.do unrestricted uploadVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3565549316
accepted
304605huanfenz/code-projects StudentManager Teacher String improper authorizationVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3564549309
accepted
304604WuzhiCMS Setting index.php set code injectionVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3563549270
accepted
304603Yonyou YonBIP userfile FileInputStream path traversalVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3562549269
accepted
304602ghostxbh uzy-ssm-mall cross-site request forgeryVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3561549268
accepted
304601ghostxbh uzy-ssm-mall product cross site scriptingVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3560549261
accepted
304600ghostxbh uzy-ssm-mall 20 ForeProductListController sql injectionVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3559549260
accepted
304599ghostxbh uzy-ssm-mall uploadUserHeadImage unrestricted uploadVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3558549259
accepted
304598ScriptAndTools eCommerce-website-in-PHP cross-site request forgeryVulDBVulDB04/04/202504/14/202504/19/2025CVE-2025-3557551053
accepted
304597ScriptAndTools eCommerce-website-in-PHP login.php excessive authenticationVulDBVulDB04/02/202504/14/202504/16/2025CVE-2025-3556549187
accepted
304596ScriptAndTools eCommerce-website-in-PHP login.php excessive authenticationVulDBVulDB04/02/202504/14/202504/16/2025CVE-2025-3555549168
accepted
304595phpshe api.php cross site scriptingVulDBVulDB04/01/202504/14/202504/14/2025CVE-2025-3554548411
accepted
304594phpshe admin.php pe_delete sql injectionVulDBVulDB04/01/202504/14/202504/14/2025CVE-2025-3553548265
accepted
304593Lingxing ERP UploadAjax.ashx unrestricted upload [False-Positive]VulDBVulDB04/01/202504/14/202505/05/2025CVE-2025-3552547881revoked
304592Lingxing ERP FileUpload.ashx DoUpload unrestricted upload [False-Positive]VulDBVulDB04/01/202504/14/202505/05/2025CVE-2025-3551547878revoked
304591wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System detail improper authorizationVulDBVulDB04/01/202504/13/202504/14/2025CVE-2025-3550547789
accepted
304590Open Asset Import Library Assimp File MD3Loader.cpp ValidateSurfaceHeaderOffsets heap-based overflowVulDBVulDB03/31/202504/13/202504/14/2025CVE-2025-3549546414
accepted
304589Open Asset Import Library Assimp File types.h Set heap-based overflowVulDBVulDB03/31/202504/13/202505/14/2025CVE-2025-3548546413
accepted
304588frdel Agent-Zero get_work_dir_files path traversalVulDBVulDB03/30/202504/13/202504/14/2025CVE-2025-3547546220
accepted
304585H3C Magic BE18000 HTTP POST Request getLanguage FCGI_CheckStringIfContainsSemicolon command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3546524745
accepted
304584H3C Magic BE18000 HTTP POST Request setLanguage FCGI_CheckStringIfContainsSemicolon command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3545524744
accepted
304583H3C Magic BE18000 HTTP POST Request getCapabilityWeb FCGI_CheckStringIfContainsSemicolon command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3544524743
accepted
304582H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request setsyncpppoecfg FCGI_WizardProtoProcess command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3543524739
accepted
304581H3C Magic NX15/Magic NX400/Magic R3010 HTTP POST Request getsyncpppoecfg FCGI_WizardProtoProcess command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3542524738
accepted
304580H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getSpecs FCGI_WizardProtoProcess command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3541524737
accepted
304579H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getCapability FCGI_WizardProtoProcess command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3540524734
accepted
304578H3C Magic BE18000 HTTP POST Request getBasicInfo FCGI_CheckStringIfContainsSemicolon command injectionVulDBVulDB03/17/202504/13/202504/14/2025CVE-2025-3539521814
accepted
304577D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflowVulDBVulDB03/20/202504/13/202504/13/2025CVE-2025-3538524224
accepted
304575Tutorials-Website Employee Management System update-user.php improper authorizationVulDBVulDB03/29/202504/12/202504/13/2025CVE-2025-3537545859
accepted
304574Tutorials-Website Employee Management System delete-user.php improper authorizationVulDBVulDB03/29/202504/12/202504/13/2025CVE-2025-3536545810
accepted
304573shuanx BurpAPIFinder BurpApiFinder.db denial of serviceVulDBVulDB03/28/202504/12/202504/13/2025CVE-2025-3535545457
accepted
304572PowerCreator CMS OpenPublicCourse.aspx sql injectionVulDBVulDB03/26/202504/12/202504/13/2025CVE-2025-3534543120
accepted
304571YouDianCMS index.html.Attackers cross site scriptingVulDBVulDB03/26/202504/12/202504/13/2025CVE-2025-3533543083
accepted
304570YouDianCMS index.html.Attackers cross site scriptingVulDBVulDB03/26/202504/12/202504/13/2025CVE-2025-3532543082
accepted
304569YouDianCMS index.html cross site scriptingVulDBVulDB03/26/202504/12/202504/13/2025CVE-2025-3531543080
accepted
304298Nababur Simple-User-Management-System register.php cross site scriptingVulDBVulDB03/28/202504/10/202504/10/2025CVE-2025-3489545504
accepted
303691opplus springboot-admin SysGeneratorController.java code deserializationVulDBVulDB03/28/202504/07/202504/07/2025CVE-2025-3413545374
accepted
303690mymagicpower AIAS InferController.java server-side request forgeryVulDBVulDB03/27/202504/07/202504/07/2025CVE-2025-3412544289
accepted
303689mymagicpower AIAS AsrController.java server-side request forgeryVulDBVulDB03/27/202504/07/202504/07/2025CVE-2025-3411544288
accepted
303688mymagicpower AIAS LocalStorageController.java unrestricted uploadVulDBVulDB03/27/202504/07/202504/07/2025CVE-2025-3410544243
accepted
303687Nothings stb stb_include_string stack-based overflowVulDBVulDB03/27/202504/07/202504/07/2025CVE-2025-3409544231
accepted
303686Nothings stb stb_dupreplace integer overflowVulDBVulDB03/27/202504/07/202504/08/2025CVE-2025-3408544230
accepted
303685Nothings stb stbhw_build_tileset_from_image out-of-boundsVulDBVulDB03/27/202504/07/202504/08/2025CVE-2025-3407544227
accepted
303684Nothings stb Header Array stbhw_build_tileset_from_image out-of-boundsVulDBVulDB03/27/202504/07/202504/08/2025CVE-2025-3406544226
accepted
303649FCJ Venture Builder appclientefiel HTTP GET Request ObterPedido resource injectionVulDBVulDB03/27/202504/07/202504/08/2025CVE-2025-3405544136
accepted
303648Vivotek NVR ND8422P/NVR ND9525P/NVR ND9541P HTML Form sensitive information in sourceVulDBVulDB03/26/202504/07/202504/08/2025CVE-2025-3403543589
accepted
303647Seeyon Zhiyuan Interconnect FE Collaborative Office Platform check.js%70 sql injectionVulDBVulDB03/25/202504/07/202504/08/2025CVE-2025-3402542343
accepted
303646ESAFENET CDG getLimitIPList.jsp sql injectionVulDBVulDB03/24/202504/07/202504/08/2025CVE-2025-3401525612
accepted
303645ESAFENET CDG UnChkMailApplication.jsp sql injectionVulDBVulDB03/24/202504/07/202504/08/2025CVE-2025-3400525611
accepted
303644ESAFENET CDG updateNotice.jsp sql injectionVulDBVulDB03/24/202504/07/202504/08/2025CVE-2025-3399525610
accepted
303643lenve VBlog WebSecurityConfig.java configure access controlVulDBVulDB03/24/202504/07/202504/08/2025CVE-2025-3398525609
accepted
303642YzmCMS message.tpl cross site scriptingVulDBVulDB03/22/202504/07/202504/08/2025CVE-2025-3397525203
accepted
303639mrcen springboot-ucan-admin Personal Settings Interface index cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3393
 
accepted
303638hailey888 oa_system Backend MailController.java save cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3392
 
accepted
303637hailey888 oa_system Backend AddrController. java outAddress cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3391
 
accepted
303636hailey888 oa_system Backend DaymanageController.java addandchangeday cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3390
 
accepted
303635hailey888 oa_system Backend InformManageController.java testMess cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3389
 
accepted
303634hailey888 oa_system Frontend LoginsController.java loginCheck cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3388
 
accepted
303633renrenio renren-security JSON cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3387
 
accepted
303632LinZhaoguan pb-cms Friendship Link admin#links cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3386
 
accepted
303631LinZhaoguan pb-cms Classification Management Page cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3385
 
accepted
3036301000 Projects Human Resource Management System employee.php sql injectionVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3384552447
accepted
303629SourceCodester Web-based Pharmacy Product Management System search_sales.php sql injectionVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3383552388
accepted
303628joey-zhou xiaozhi-esp32-server-java update sql injectionVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3382552387
accepted
303627zhangyanbo2007 youkefu File Upload WebIMController.java path traversalVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3381552369
accepted
303626PCMan FTP Server FEAT Command buffer overflowVulDBVulDB04/07/202504/07/202504/23/2025CVE-2025-3380552342
accepted
303625PCMan FTP Server EPSV Command buffer overflowVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3379552341
accepted
303624PCMan FTP Server EPRT Command buffer overflowVulDBVulDB04/07/202504/07/202504/24/2025CVE-2025-3378552340
accepted
303623PCMan FTP Server ENC Command buffer overflowVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3377552339
accepted
303622PCMan FTP Server CONF Command buffer overflowVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3376552338
accepted
303621PCMan FTP Server CDUP Command buffer overflowVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3375552337
accepted
303620PCMan FTP Server CCC Command buffer overflowVulDBVulDB04/07/202504/07/202504/24/2025CVE-2025-3374552336
accepted
303619PCMan FTP Server SITE CHMOD Command buffer overflowVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3373552274
accepted
303618PCMan FTP Server MKDIR Command buffer overflowVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3372552273
accepted
303617PCMan FTP Server DELETE Command buffer overflowVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3371552270
accepted
303615PHPGurukul Men Salon Management System admin-profile.php sql injectionVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3370552172
accepted
303614xxyopen Novel-Plus list sql injectionVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3369552101
accepted
303567PHPGurukul Men Salon Management System add-services.php sql injectionVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3353552239
accepted
303566PHPGurukul Old Age Home Management System edit-scdetails.php sql injectionVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3352552171
accepted
303565PHPGurukul Old Age Home Management System login.php sql injectionVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3351552130
accepted
303564PHPGurukul Old Age Home Management System view-enquiry.php sql injectionVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3350552051
accepted
303563PCMan FTP Server SYST Command buffer overflowVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3349552039
accepted
303562code-projects Patient Record Management System edit_dpatient.php sql injectionVulDBVulDB04/05/202504/06/202504/06/2025CVE-2025-3348551940
accepted
303561code-projects Patient Record Management System dental_pending.php sql injectionVulDBVulDB04/05/202504/06/202504/06/2025CVE-2025-3347551939
accepted
303560Tenda AC7 SetPptpServerCfg formSetPPTPServer buffer overflowVulDBVulDB04/05/202504/06/202504/06/2025CVE-2025-3346551927
accepted
303559codeprojects Online Restaurant Management System combo.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3345551919
accepted
303558codeprojects Online Restaurant Management System assign_save.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3344551918
accepted
303557codeprojects Online Restaurant Management System reservation_update.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3343551917
accepted
303556codeprojects Online Restaurant Management System payment_save.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3342551916
accepted
303555codeprojects Online Restaurant Management System reservation_view.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3341551915
accepted
303554codeprojects Online Restaurant Management System combo_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3340551914
accepted
303553codeprojects Online Restaurant Management System user_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3339551913
accepted
303552codeprojects Online Restaurant Management System user_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3338551912
accepted
303551codeprojects Online Restaurant Management System member_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3337551911
accepted
303550codeprojects Online Restaurant Management System member_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3336551910
accepted
303549codeprojects Online Restaurant Management System category_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3335551909
accepted
303548codeprojects Online Restaurant Management System category_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3334551908
accepted
303547codeprojects Online Restaurant Management System menu_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3333551907
accepted
303546codeprojects Online Restaurant Management System menu_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3332551906
accepted
303545codeprojects Online Restaurant Management System payment_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3331551905
accepted
303544codeprojects Online Restaurant Management System reservation_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3330551904
accepted
303543Consumer Comanda Mobile Restaurant Order cleartext transmissionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3329551790
accepted
303540Tenda AC1206 fast_setting_wifi_set form_fast_setting_wifi_set buffer overflowVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3328551893
accepted
303539iteaj iboot 物联网网关 File Upload batch cross site scriptingVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3327551871
accepted
303538iteaj iboot 物联网网关 File Upload upload cross site scriptingVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3326551870
accepted
303537iteaj iboot 物联网网关 Admin Password pwd access controlVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3325551869
accepted
303536godcheese/code-projects Nimrod FileRestController.java unrestricted uploadVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3324551864
accepted
303535godcheese/code-projects Nimrod ViewMenuCategoryRestController.java sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3323551863
accepted
303517Kenj_Frog 肯尼基蛙 company-financial-management 公司财务管理系统 ShangpinleixingController.java page sql injectionVulDBVulDB04/05/202504/06/2025CVE-2025-3318
 
accepted
303516fumiao opencms dataPage.jsp path traversalVulDBVulDB04/05/202504/21/2025CVE-2025-3317
 
accepted
303515PHPGurukul Men Salon Management System search-invoices.php sql injectionVulDBVulDB04/05/202504/05/202504/06/2025CVE-2025-3316551749
accepted
303512SourceCodester Apartment Visitor Management System view-report.php sql injectionVulDBVulDB04/04/202504/05/202505/15/2025CVE-2025-3315551262
accepted
303511SourceCodester Apartment Visitor Management System forgotpw.php sql injectionVulDBVulDB04/04/202504/05/202505/15/2025CVE-2025-3314551257
accepted
303510PHPGurukul Men Salon Management System add-customer.php sql injectionVulDBVulDB04/04/202504/05/202504/06/2025CVE-2025-3313550884
accepted
303509PHPGurukul Men Salon Management System add-customer-services.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3312550199
accepted
303508PHPGurukul Men Salon Management System about-us.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3311550196
accepted
303507code-projects Blood Bank Management System delete.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3310550195
accepted
303506code-projects Blood Bank Management System campsdetails.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3309550194
accepted
303505code-projects Blood Bank Management System viewrequest.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3308550193
accepted
303504code-projects Blood Bank Management System reset.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3307550192
accepted
303503code-projects Blood Bank Management System don.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3306550190
accepted
3035021902756969/code-projects IKUN_Library Borrow MvcConfig.java addInterceptors access controlVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3305550186
accepted
303501code-projects Patient Record Management System dental_not.php sql injectionVulDBVulDB04/02/202504/05/202504/06/2025CVE-2025-3304549645
accepted
303500code-projects Patient Record Management System birthing_record.php sql injectionVulDBVulDB04/02/202504/05/202504/06/2025CVE-2025-3303549644
accepted
303494PHPGurukul Men Salon Management System appointment.php sql injectionVulDBVulDB04/03/202504/04/202504/05/2025CVE-2025-3299550185
accepted
303493SourceCodester Online Eyewear Shop Registration Master.php access controlVulDBVulDB04/03/202504/04/202504/05/2025CVE-2025-3298550010
accepted
303492SourceCodester Online Eyewear Shop Master.php cross site scriptingVulDBVulDB04/03/202504/04/202504/05/2025CVE-2025-3297549982
accepted
303491SourceCodester Online Eyewear Shop Users.php sql injectionVulDBVulDB04/03/202504/04/202504/05/2025CVE-2025-3296549932
accepted
303340qinguoyi TinyWebServer http_conn.cpp improper authenticationVulDBVulDB04/02/202504/04/202504/23/2025CVE-2025-3268549229
accepted
303339qinguoyi TinyWebServer http_conn.cpp sql injectionVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3267549228
accepted
303338qinguoyi TinyWebServer http_conn.cpp stack-based overflowVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3266549227
accepted
303337PHPGurukul e-Diary Management System add-category.php sql injectionVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3265549212
accepted
303329Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflowVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3259549199
accepted
303328PHPGurukul Old Age Home Management System search.php sql injectionVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3258549186
accepted
303327xujiangfei admintwo updateSet cross-site request forgeryVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3257549011
accepted
303326xujiangfei admintwo updateSet access controlVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3256549009
accepted
303325xujiangfei admintwo home access controlVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3255548986
accepted
303324xujiangfei admintwo add server-side request forgeryVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3254548979
accepted
303323xujiangfei admintwo insertTree cross site scriptingVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3253548978
accepted
303322xujiangfei admintwo add cross site scriptingVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3252548976
accepted
303321xujiangfei admintwo updateSet cross site scriptingVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3251548971
accepted
303320elunez eladmin Maintenance Management Module testConnect deserializationVulDBVulDB03/30/202504/04/202504/04/2025CVE-2025-3250546132
accepted
303319TOTOLINK A6000R mtkwifi.lua apcli_cancel_wps command injectionVulDBVulDB03/26/202504/04/202504/04/2025CVE-2025-3249543214
accepted
303272itsourcecode Library Management System Forgot.java search sql injectionVulDBVulDB04/01/202504/03/202504/03/2025CVE-2025-3245548087
accepted
303271SourceCodester Web-based Pharmacy Product Management System Create User Page add-admin.php unrestricted uploadVulDBVulDB04/01/202504/03/202505/15/2025CVE-2025-3244547916
accepted
303269code-projects Patient Record Management System dental_form.php sql injectionVulDBVulDB04/01/202504/03/202505/01/2025CVE-2025-3243547882
accepted
303268PHPGurukul e-Diary Management System search-result.php sql injectionVulDBVulDB04/01/202504/03/202505/15/2025CVE-2025-3242547719
accepted
303267zhangyanbo2007 youkefu XML Document CallCenterRouterController.java xml external entity referenceVulDBVulDB04/01/202504/03/202504/03/2025CVE-2025-3241547585
accepted
303266PHPGurukul Online Fire Reporting System search.php sql injectionVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3240546615
accepted
303265PHPGurukul Online Fire Reporting System edit-guard-detail.php sql injectionVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3239546598
accepted
303264PHPGurukul Online Fire Reporting System search-request.php sql injectionVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3238546415
accepted
303263Tenda FH1202 wrlwpsset access controlVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3237546368
accepted
303262Tenda FH1202 Web Management Interface VirSerDMZ access controlVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3236546367
accepted
303261PHPGurukul Old Age Home Management System profile.php sql injectionVulDBVulDB03/30/202504/03/202504/27/2025CVE-2025-3235546223
accepted
303245PHPGurukul Zoo Management System aboutus.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3231546180
accepted
303244PHPGurukul Restaurant Table Booking System edit-subadmin.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3229546178
accepted
303181PHPGurukul e-Diary Management System dashboard.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3220546176
accepted
303180CodeCanyon Perfex CRM Project Discussions Module 2 cross site scriptingVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3219546171
accepted
303172PHPGurukul e-Diary Management System registration.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3217546168
accepted
303171PHPGurukul e-Diary Management System password-recovery.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3216546166
accepted
303170PHPGurukul Restaurant Table Booking System add-subadmin.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3215546164
accepted
303169JFinal CMS readTemplate engine.getTemplate path traversal [Disputed]VulDBVulDB04/02/202504/03/202504/04/2025CVE-2025-3214548985
accepted
303166PHPGurukul e-Diary Management System view-note.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3213546128
accepted
303165code-projects Patient Record Management System birthing_print.php sql injectionVulDBVulDB03/29/202504/03/202505/01/2025CVE-2025-3211545964
accepted
303164code-projects Patient Record Management System birthing_pending.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3210545962
accepted
303163code-projects Patient Record Management System add_patient.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3209545961
accepted
303162code-projects Patient Record Management System xray_print.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3208545960
accepted
303161code-projects Patient Record Management System birthing_form.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3207545934
accepted
303160code-projects Hospital Management System doctor-specilization.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3206545895
accepted
303159CodeAstro Student Grading System studentsubject.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3205545894
accepted
303158CodeAstro Car Rental System returncar.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3204545893
accepted
303157Tenda W18E setModules formSetAccountList stack-based overflowVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3203545883
accepted
303156ageerle ruoyi-ai SysNoticeController.java improper authorizationVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3202545866
accepted
303152ageerle ruoyi-ai API Interface SysModelController.java improper authorizationVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3199545830
accepted
303151GNU Binutils objdump bucomm.c display_info memory leakVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3198545773
accepted
303150Open Asset Import Library Assimp Malformed File MD2Loader.cpp InternReadFile stack-based overflowVulDBVulDB03/28/202504/03/202505/14/2025CVE-2025-3196545368
accepted
303149itsourcecode Online Blood Bank Management System bbms.php sql injectionVulDBVulDB03/27/202504/03/202504/04/2025CVE-2025-3195544147
accepted
303147PHPGurukul e-Diary Management System add-notes.php sql injectionVulDBVulDB03/27/202504/03/202504/04/2025CVE-2025-3188544110
accepted
303146PHPGurukul e-Diary Management System login.php sql injectionVulDBVulDB03/27/202504/03/202504/04/2025CVE-2025-3187544098
accepted
303145projectworlds Online Doctor Appointment Booking System invoice.php sql injectionVulDBVulDB03/27/202504/03/202504/04/2025CVE-2025-3186543846
accepted
303144projectworlds Online Doctor Appointment Booking System patientupdateprofile.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3185543845
accepted
303143projectworlds Online Doctor Appointment Booking System profile.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3184543844
accepted
303142projectworlds Online Doctor Appointment Booking System patientupdateprofile.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3183543843
accepted
303141projectworlds Online Doctor Appointment Booking System getschedule.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3182543842
accepted
303140projectworlds Online Doctor Appointment Booking System appointment.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3181543841
accepted
303139projectworlds Online Doctor Appointment Booking System deleteschedule.php sql injectionVulDBVulDB03/27/202504/03/202504/03/2025CVE-2025-3180543840
accepted
303138projectworlds Online Doctor Appointment Booking System deletepatient.php sql injectionVulDBVulDB03/27/202504/03/202504/03/2025CVE-2025-3179543839
accepted
303137projectworlds Online Doctor Appointment Booking System deleteappointment.php sql injectionVulDBVulDB03/27/202504/03/202504/03/2025CVE-2025-3178543838
accepted
303136FastCMS JWT hard-coded keyVulDBVulDB03/27/202504/03/202504/03/2025CVE-2025-3177543673
accepted
303135Project Worlds Online Lawyer Management System single_lawyer.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3176543278
accepted
303134Project Worlds Online Lawyer Management System save_user_edit_profile.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3175543277
accepted
303133Project Worlds Online Lawyer Management System searchLawyer.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3174543276
accepted
303132Project Worlds Online Lawyer Management System save_booking.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3173543275
accepted
303131Project Worlds Online Lawyer Management System lawyer_booking.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3172543274
accepted
303130Project Worlds Online Lawyer Management System approve_lawyer.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3171543273
accepted
303129Project Worlds Online Lawyer Management System admin_user.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3170543271
accepted
303128Projeqtor saveAttachment.php unrestricted uploadVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3169543250
accepted
303127PHPGurukul Time Table Generator System edit-class.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3168543172
accepted
303113Tenda AC23 API Interface VerAPIMant denial of serviceVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3167543150
accepted
303112code-projects Product Management System Search Product Menu search_item stack-based overflowVulDBVulDB03/25/202504/03/202504/03/2025CVE-2025-3166542668
accepted
303111thu-pacman chitu backend.py torch.load deserializationVulDBVulDB03/25/202504/03/202504/21/2025CVE-2025-3165542529
accepted
303110Tencent Music Entertainment SuperSonic H2 Database Connection testConnect code injectionVulDBVulDB03/25/202504/03/202504/03/2025CVE-2025-3164542528
accepted
303109InternLM LMDeploy conf.py open code injectionVulDBVulDB03/25/202504/03/202504/21/2025CVE-2025-3163542527
accepted
303108InternLM LMDeploy PT File utils.py load_weight_ckpt deserializationVulDBVulDB03/25/202504/03/202504/24/2025CVE-2025-3162542520
accepted
303107Tenda AC10 ShutdownSetAdd stack-based overflowVulDBVulDB03/25/202504/03/202504/03/2025CVE-2025-3161542437
accepted
303106Open Asset Import Library Assimp File SceneCombiner.cpp AddNodeHashes out-of-boundsVulDBVulDB03/25/202504/03/202505/14/2025CVE-2025-3160542248
accepted
303105Open Asset Import Library Assimp ASE File ASEParser.cpp ParseLV4MeshBonesVertices heap-based overflowVulDBVulDB03/25/202504/03/202505/14/2025CVE-2025-3159542247
accepted
303104Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflowVulDBVulDB03/25/202504/03/202504/03/2025CVE-2025-3158542246
accepted
303101Intelbras WRN 150 Wireless Menu cross site scriptingVulDBVulDB02/15/202504/03/202504/03/2025CVE-2025-3157501902
accepted
303057caipeichao ThinkOX Search search.html cross site scriptingVulDBVulDB03/24/202504/02/202504/02/2025CVE-2025-3152525767
accepted
303056SourceCodester Gym Management System signup.php sql injectionVulDBVulDB03/24/202504/02/202505/15/2025CVE-2025-3151525633
accepted
303055itning Student Homework Management System cross-site request forgeryVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3150525408
accepted
303054itning Student Homework Management System Edit Job Page fileupload cross site scriptingVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3149525403
accepted
303053codeprojects Product Management System Login buffer overflowVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3148525395
accepted
303052PHPGurukul Boat Booking System add-subadmin.php sql injectionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3147525388
accepted
303051PHPGurukul Bus Pass Management System view-pass-detail.php sql injectionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3146525340
accepted
303050MindSpore mindspore.numpy.fft.rfft2 memory corruptionVulDBVulDB04/02/202504/02/2025CVE-2025-3145
 
accepted
303049MindSpore mindspore.numpy.fft.hfftn memory corruptionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3144525333
accepted
303048SourceCodester Apartment Visitor Management System visitor-entry.php sql injectionVulDBVulDB03/23/202504/02/202505/15/2025CVE-2025-3143525321
accepted
303047SourceCodester Apartment Visitor Management System add-apartment.php sql injectionVulDBVulDB03/23/202504/02/202505/15/2025CVE-2025-3142525320
accepted
303046SourceCodester Online Medicine Ordering System manage_category.php sql injectionVulDBVulDB03/23/202504/02/202504/06/2025CVE-2025-3141525309
accepted
303045SourceCodester Online Medicine Ordering System view_category.php sql injectionVulDBVulDB03/23/202504/02/202504/06/2025CVE-2025-3140525308
accepted
303044code-projects Bus Reservation System Login Form login buffer overflowVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3139525305
accepted
303043PHPGurukul Online Security Guards Hiring System edit-guard-detail.php sql injectionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3138525265
accepted
303042PHPGurukul Online Security Guards Hiring System changeimage.php sql injectionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3137525264
accepted
303041PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruptionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3136525252
accepted
303040fcba_zzm ics-park Smart Park Management System update sql injectionVulDBVulDB03/22/202504/02/202504/02/2025CVE-2025-3135525136
accepted
303039code-projects Payroll Management System add_overtime.php sql injectionVulDBVulDB03/22/202504/02/202505/15/2025CVE-2025-3134525102
accepted
303014WonderCMS Theme Installation/Plugin Installation installUpdateModuleAction unrestricted upload [Disputed]VulDBVulDB03/22/202504/02/202504/02/2025CVE-2025-3123525101
accepted
303013WebAssembly wabt binary-reader-interp.cc BeginFunctionBody null pointer dereferenceVulDBVulDB03/22/202504/02/202504/02/2025CVE-2025-3122525091
accepted
303012PyTorch torch.jit.jit_module_from_flatbuffer memory corruptionVulDBVulDB03/22/202504/02/202504/02/2025CVE-2025-3121525049
accepted
303011SourceCodester Apartment Visitors Management System add-apartment.php sql injectionVulDBVulDB03/22/202504/02/202504/06/2025CVE-2025-3120524991
accepted
303010SourceCodester Online Tutor Portal manage_course.php sql injectionVulDBVulDB03/22/202504/02/202504/06/2025CVE-2025-3119524990
accepted
303009SourceCodester Online Tutor Portal view_course.php sql injectionVulDBVulDB03/22/202504/02/202504/06/2025CVE-2025-3118524985
accepted
302106oretnom23/SourceCodester Apartment Visitor Management System remove-apartment.php sql injectionVulDBVulDB03/22/202503/31/202504/06/2025CVE-2025-3045524983
accepted
302105GuoMinJim PersonManage login preHandle path traversalVulDBVulDB03/22/202503/31/202504/01/2025CVE-2025-3043524949
accepted
302104Project Worlds Online Time Table Generator updateprofile.php unrestricted uploadVulDBVulDB03/22/202503/31/202504/01/2025CVE-2025-3042524936
accepted
302103Project Worlds Online Time Table Generator updatestudent.php unrestricted uploadVulDBVulDB03/22/202503/31/202504/01/2025CVE-2025-3041524935
accepted
302102Project Worlds Online Time Table Generator add_student.php unrestricted uploadVulDBVulDB03/22/202503/31/202504/01/2025CVE-2025-3040524934
accepted
302100code-projects Payroll Management System add_employee.php sql injectionVulDBVulDB03/21/202503/31/202505/15/2025CVE-2025-3039524676
accepted
302099code-projects Payroll Management System view_account.php sql injectionVulDBVulDB03/21/202503/31/202505/15/2025CVE-2025-3038524636
accepted
302098yzk2356911358 StudentServlet-JSP cross-site request forgeryVulDBVulDB03/21/202503/31/202504/01/2025CVE-2025-3037524631
accepted
302097yzk2356911358 StudentServlet-JSP Student Management cross site scriptingVulDBVulDB03/21/202503/31/202504/01/2025CVE-2025-3036524630
accepted
302070SourceCodester Online Eyewear Shop Users.php sql injectionVulDBVulDB03/21/202503/31/202504/07/2025CVE-2025-3018524623
accepted
302069TA-Lib ta_regtest test_minmax.c setInputBuffer out-of-bounds writeVulDBVulDB03/21/202503/31/202504/01/2025CVE-2025-3017524603
accepted
302068Open Asset Import Library Assimp MDL File MDLMaterialLoader.cpp ParseTextureColorData resource consumptionVulDBVulDB03/21/202503/31/202504/17/2025CVE-2025-3016524593
accepted
302067Open Asset Import Library Assimp ASE File ASELoader.cpp BuildUniqueRepresentation out-of-boundsVulDBVulDB03/21/202503/31/202504/17/2025CVE-2025-3015524589
accepted
302060Khronos Group glslang Intermediate.cpp isConversionAllowed null pointer dereferenceVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3010524561
accepted
302059Jinher Network OA NetDiskProperty.aspx sql injectionVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3009524554
accepted
302058Novastar CX40 NetFilter Utility netconfig popen command injectionVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3008524869
accepted
302057Novastar CX40 NetFilter Utility netconfig getopt stack-based overflowVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3007524867
accepted
302056PHPGurukul e-Diary Management System edit-category.php sql injectionVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3006524553
accepted
302054Sayski ForestBlog Friend Link cross site scriptingVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3005524485
accepted
302053Sayski ForestBlog search cross site scriptingVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3004524484
accepted
302052ESAFENET CDG UserAjax sql injectionVulDBVulDB03/20/202503/30/202504/01/2025CVE-2025-3003524230
accepted
302051Digital China DCME-520 mon_merge_stat_hist.php os command injectionVulDBVulDB03/20/202503/30/202504/01/2025CVE-2025-3002524225
accepted
302050PyTorch torch.lstm_cell memory corruptionVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-3001524212
accepted
302049PyTorch torch.jit.script memory corruptionVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-3000524197
accepted
302048PyTorch torch.nn.utils.rnn.unpack_sequence memory corruptionVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2999524198
accepted
302047PyTorch torch.nn.utils.rnn.pad_packed_sequence memory corruptionVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2998524151
accepted
302046zhangyanbo2007 youkefu url server-side request forgeryVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2997524009
accepted
302045Tenda FH1202 Web Management Interface SysToolDDNS access controlVulDBVulDB03/20/202503/30/202504/08/2025CVE-2025-2996523419
accepted
302044Tenda FH1202 Web Management Interface SysToolChangePwd access controlVulDBVulDB03/20/202503/30/202504/08/2025CVE-2025-2995523418
accepted
302043Tenda FH1202 Web Management Interface qossetting access controlVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2994523417
accepted
302042Tenda FH1202 default.cfg access controlVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2993523416
accepted
302041Tenda FH1202 Web Management Interface AdvSetWrlsafeset access controlVulDBVulDB03/20/202503/30/202503/31/2025CVE-2025-2992523413
accepted
302040Tenda FH1202 Web Management Interface AdvSetWrlmacfilter access controlVulDBVulDB03/20/202503/30/202504/07/2025CVE-2025-2991523412
accepted
302039Tenda FH1202 Web Management Interface AdvSetWrlGstset access controlVulDBVulDB03/20/202503/30/202504/07/2025CVE-2025-2990523404
accepted
302038Tenda FH1202 Web Management Interface AdvSetWrl access controlVulDBVulDB03/20/202503/30/202504/07/2025CVE-2025-2989523402
accepted
302037code-projects Payroll Management System update_account.php sql injectionVulDBVulDB03/20/202503/30/202505/15/2025CVE-2025-2985523344
accepted
302036code-projects Payroll Management System delete.php sql injectionVulDBVulDB03/20/202503/30/202505/15/2025CVE-2025-2984523343
accepted
302035Legrand SMS PowerView os command injectionVulDBVulDB03/30/202503/31/2025CVE-2025-2983
 
accepted
302034Legrand SMS PowerView file inclusionVulDBVulDB03/30/202503/31/2025CVE-2025-2982
 
accepted
302033Legrand SMS PowerView cross site scriptingVulDBVulDB03/30/202503/31/2025CVE-2025-2981
 
accepted
302032Legrand SMS PowerView redirectVulDBVulDB03/19/202503/30/202504/03/2025CVE-2025-2980523212
accepted
302031WCMS Registration setregister cross site scriptingVulDBVulDB03/20/202503/30/202503/31/2025CVE-2025-2979523896
accepted
302030WCMS Article Publishing Page CKEditor unrestricted uploadVulDBVulDB03/19/202503/30/202503/31/2025CVE-2025-2978523093
accepted
302029GFI KerioConnect PDF File cross site scriptingVulDBVulDB03/19/202503/30/202503/31/2025CVE-2025-2977523016
accepted
302028GFI KerioConnect File Upload cross site scriptingVulDBVulDB03/30/202503/31/2025CVE-2025-2976
 
accepted
302027GFI KerioConnect Signature EditHtmlSource cross site scriptingVulDBVulDB03/19/202503/30/202503/31/2025CVE-2025-2975523009
accepted
302026CodeCanyon Perfex CRM Contracts contract cross site scriptingVulDBVulDB03/18/202503/30/202504/03/2025CVE-2025-2974522737
accepted
302025code-projects College Management System student.php unrestricted uploadVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2973522478
accepted
302024ConcreteCMS Page Attribute Display Block cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2972522423
accepted
302023ConcreteCMS List Block cross site scripting [False-Positive]VulDBVulDB03/18/202503/30/202504/08/2025CVE-2025-2971522421revoked
302022ConcreteCMS Switch Language Block cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2970522420
accepted
302021ConcreteCMS Feature Link Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2969522419
accepted
302020ConcreteCMS Feature Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2968522418
accepted
302019ConcreteCMS HTML Block save HTML injectionVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2967522417
accepted
302018ConcreteCMS Content Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2966522416
accepted
302017ConcreteCMS Accordion Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2965522415
accepted
302016ConcreteCMS FAQ Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2964522414
accepted
302015ConcreteCMS Legacy Form Block addEditQuestion cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2963522413
accepted
302014opensolon org.noear.solon.core.handle.RenderManager aa render_mav path traversalVulDBVulDB03/18/202503/29/202503/31/2025CVE-2025-2961522380
accepted
302013TRENDnet TEW-637AP/TEW-638APB HTTP Request goahead sub_41DED0 null pointer dereferenceVulDBVulDB03/17/202503/29/202503/31/2025CVE-2025-2960521727
accepted
302012TRENDnet TEW-410APB HTTP Request httpd sub_4019A0 null pointer dereferenceVulDBVulDB03/17/202503/29/202503/31/2025CVE-2025-2959521725
accepted
302011TRENDnet TEW-818DRU HTTP Request httpd denial of serviceVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2958521723
accepted
302010TRENDnet TEW-411BRP+ HTTP Request httpd sub_401DB0 null pointer dereferenceVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2957521719
accepted
302009TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereferenceVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2956521717
accepted
302008TOTOLINK A3000RU IBMS Configuration File ExportIbmsConfig.sh access controlVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2955521567
accepted
302007mannaandpoem OpenManus File file_saver.py execute access controlVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2954521545
accepted
302006PyTorch torch.mkldnn_max_pool2d denial of service [Disputed]VulDBVulDB03/16/202503/29/202504/22/2025CVE-2025-2953521279
accepted
302005Bluestar Micro Mall api.php unrestricted uploadVulDBVulDB03/29/202503/30/2025CVE-2025-2952
 
accepted
302004Bluestar Micro Mall data.php sql injectionVulDBVulDB03/16/202503/29/202503/30/2025CVE-2025-2951521162
accepted
301902ESAFENET CDG getFileTypeList.jsp sql injectionVulDBVulDB03/16/202503/28/202503/28/2025CVE-2025-2927521263
accepted
301901HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereferenceVulDBVulDB03/16/202503/28/202503/28/2025CVE-2025-2926521246
accepted
301900HDF5 H5MM.c H5MM_realloc double freeVulDBVulDB03/16/202503/28/202504/17/2025CVE-2025-2925521193
accepted
301899HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflowVulDBVulDB03/16/202503/28/202504/17/2025CVE-2025-2924521170
accepted
301898HDF5 H5Fint.c H5F_addr_encode_len heap-based overflowVulDBVulDB03/16/202503/28/202503/28/2025CVE-2025-2923521151
accepted
301897Netis WF-2404 BusyBox Shell cleartext storageVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2922521039
accepted
301896Netis WF-2404 passwd default passwordVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2921521038
accepted
301895Netis WF-2404 passwd weak hashVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2920521037
accepted
301894Netis WF-2404 UART hardware allows activation of test or debug logic at runtimeVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2919521036
accepted
301890ChestnutCMS read readFile path traversalVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2917520933
accepted
301889Aishida Call Center System amr2mp3 command injectionVulDBVulDB03/14/202503/28/202503/28/2025CVE-2025-2916520604
accepted
301888HDF5 H5Faccum.c H5F__accum_free heap-based overflowVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2915520899
accepted
301887HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflowVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2914520880
accepted
301886HDF5 H5FL.c H5FL__blk_gc_list use after freeVulDBVulDB03/14/202503/28/202503/28/2025CVE-2025-2913520404
accepted
301885HDF5 H5Omessage.c H5O_msg_flush heap-based overflowVulDBVulDB03/13/202503/28/202503/28/2025CVE-2025-2912519966
accepted
301813Kentico CMS Additional Database Installation Wizard install.aspx cross site scriptingVulDBVulDB02/18/202503/27/202503/28/2025CVE-2025-2878503058
accepted
301502elunez eladmin upload checkFile deserializationVulDBVulDB03/18/202503/27/202503/27/2025CVE-2025-2855522504
accepted
301501code-projects Payroll Management System update_employee.php sql injectionVulDBVulDB03/18/202503/27/202505/15/2025CVE-2025-2854522479
accepted
301495SourceCodester Food Ordering Management System view_menu.php sql injectionVulDBVulDB03/18/202503/27/202503/27/2025CVE-2025-2852522402
accepted
301494UPX p_lx_elf.cpp un_DT_INIT heap-based overflowVulDBVulDB03/18/202503/27/202503/27/2025CVE-2025-2849522371
accepted
301493Codezips Gym Management System over_month.php sql injectionVulDBVulDB03/18/202503/27/202503/27/2025CVE-2025-2847522330
accepted
301492SourceCodester Online Eyewear Shop Registration Users.php registration sql injectionVulDBVulDB03/18/202503/27/202505/15/2025CVE-2025-2846522326
accepted
301471zhangyd-c OneBlog RestApiController.java autoLink server-side request forgeryVulDBVulDB03/17/202503/26/202503/27/2025CVE-2025-2835521815
accepted
301470zhangyd-c OneBlog HTTP Header redosVulDBVulDB03/17/202503/26/202503/27/2025CVE-2025-2833521813
accepted
301469mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 cross-site request forgeryVulDBVulDB03/17/202503/26/202503/27/2025CVE-2025-2832521460
accepted
301468mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 bookList getBookList sql injectionVulDBVulDB03/17/202503/26/202503/27/2025CVE-2025-2831521458
accepted
300862Open Asset Import Library Assimp MD5 File MD5Parser.cpp AI_MD5_PARSE_STRING_IN_QUOTATION heap-based overflowVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2757517817
accepted
300861Open Asset Import Library Assimp AC3D File ACLoader.cpp ConvertObjectSection heap-based overflowVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2756517790
accepted
300860Open Asset Import Library Assimp AC3D File ACLoader.cpp ConvertObjectSection out-of-boundsVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2755517789
accepted
300859Open Asset Import Library Assimp AC3D File ACLoader.cpp ConvertObjectSection heap-based overflowVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2754517788
accepted
300858Open Asset Import Library Assimp LWS File LWSLoader.cpp MergeScenes out-of-boundsVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2753517787
accepted
300857Open Asset Import Library Assimp CSM File fast_atof.h fast_atoreal_move out-of-boundsVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2752517786
accepted
300856Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile out-of-boundsVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2751517785
accepted
300855Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile out-of-bounds writeVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2750517783
accepted
300846zhijiantianya ruoyi-vue-pro Material Upload Interface upload-news-image path traversalVulDBVulDB03/13/202503/24/202503/24/2025CVE-2025-2744519694
accepted
300845zhijiantianya ruoyi-vue-pro Material Upload Interface upload-temporary path traversalVulDBVulDB03/13/202503/24/202503/24/2025CVE-2025-2743519692
accepted
300844zhijiantianya ruoyi-vue-pro Material Upload Interface upload-permanent path traversalVulDBVulDB03/13/202503/24/202503/24/2025CVE-2025-2742519691
accepted
300762PHPGurukul Old Age Home Management System eligibility.php sql injectionVulDBVulDB03/21/202503/24/202503/24/2025CVE-2025-2740524733
accepted
300761PHPGurukul Old Age Home Management System manage-services.php sql injectionVulDBVulDB03/20/202503/24/202503/24/2025CVE-2025-2739523400
accepted
300760PHPGurukul Old Age Home Management System manage-scdetails.php sql injectionVulDBVulDB03/19/202503/24/202503/24/2025CVE-2025-2738522931
accepted
300759PHPGurukul Old Age Home Management System contactus.php sql injectionVulDBVulDB03/19/202503/24/202503/24/2025CVE-2025-2737522898
accepted
300758PHPGurukul Old Age Home Management System bwdates-report-details.php sql injectionVulDBVulDB03/19/202503/24/202503/24/2025CVE-2025-2736522881
accepted
300757PHPGurukul Old Age Home Management System add-services.php sql injectionVulDBVulDB03/18/202503/24/202503/24/2025CVE-2025-2735522266
accepted
300756PHPGurukul Old Age Home Management System aboutus.php sql injectionVulDBVulDB03/18/202503/24/202503/24/2025CVE-2025-2734522265
accepted
300753mannaandpoem OpenManus Prompt python_execute.py os command injectionVulDBVulDB03/14/202503/24/202503/24/2025CVE-2025-2733520426
accepted
300752H3C Magic BE18000 HTTP POST Request getWifiNeighbour command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2732520499
accepted
300751H3C Magic BE18000 HTTP POST Request getDualbandSync command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2731520497
accepted
300750H3C Magic BE18000 HTTP POST Request getssidname command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2730520495
accepted
300749H3C Magic BE18000 HTTP POST Request networkSetup command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2729520494
accepted
300748H3C Magic NX30 Pro/Magic NX400 getNetworkConf command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2728520462
accepted
300747H3C Magic NX30 Pro HTTP POST Request getNetworkStatus command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2727520394
accepted
300746H3C Magic BE18000 HTTP POST Request esps command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2726520393
accepted
300745H3C Magic BE18000 HTTP POST Request auth command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2725520390
accepted
300744GNOME libgsf sorting_key_copy out-of-bounds [False-Positive]VulDBVulDB03/13/202503/24/202504/22/2025CVE-2025-2724520184revoked
300743GNOME libgsf gsf_property_settings_collec heap-based overflow [False-Positive]VulDBVulDB03/13/202503/24/202504/22/2025CVE-2025-2723520183revoked
300742GNOME libgsf gsf_prop_settings_collect_va heap-based overflow [False-Positive]VulDBVulDB03/13/202503/24/202504/22/2025CVE-2025-2722520182revoked
300741GNOME libgsf gsf_base64_encode_simple heap-based overflow [False-Positive]VulDBVulDB03/13/202503/24/202504/22/2025CVE-2025-2721520181revoked
300740GNOME libgsf gsf_base64_encode_simple uninitialized variable [False-Positive]VulDBVulDB03/13/202503/24/202503/27/2025CVE-2025-2720520180revoked
300737D-Link DIR-823X HTTP POST Request diag_nslookup sub_41710C os command injectionVulDBVulDB03/11/202503/24/202503/25/2025CVE-2025-2717517958
accepted
300736China Mobile P22g-CIac Samba Path path traversalVulDBVulDB03/13/202503/24/202503/25/2025CVE-2025-2716519900
accepted
300735timschofield webERP Confirm Dispatch and Invoice Page ConfirmDispatch_Invoice.php cross site scriptingVulDBVulDB03/13/202503/24/202503/25/2025CVE-2025-2715519791
accepted
300734JoomlaUX JUX Real Estate addagent cross site scriptingVulDBVulDB03/10/202503/24/202503/25/2025CVE-2025-2714517638
accepted
300733Yonyou UFIDA ERP-NC top.jsp cross site scriptingVulDBVulDB03/24/202503/25/2025CVE-2025-2712
 
accepted
300732Yonyou UFIDA ERP-NC systop.jsp cross site scriptingVulDBVulDB03/10/202503/24/202503/25/2025CVE-2025-2711517309
accepted
300731Yonyou UFIDA ERP-NC menu.jsp cross site scriptingVulDBVulDB03/10/202503/24/202503/25/2025CVE-2025-2710517306
accepted
300730Yonyou UFIDA ERP-NC login.jsp cross site scriptingVulDBVulDB03/10/202503/24/202503/25/2025CVE-2025-2709517305
accepted
300729zhijiantianya ruoyi-vue-pro Backend File Upload Interface upload path traversalVulDBVulDB03/09/202503/24/202503/25/2025CVE-2025-2708517030
accepted
300728zhijiantianya ruoyi-vue-pro Front-End Store Interface upload path traversalVulDBVulDB03/09/202503/24/202503/25/2025CVE-2025-2707517029
accepted
300727Digiwin ERP UploadAjaxAPI.ashx unrestricted uploadVulDBVulDB03/07/202503/24/202503/25/2025CVE-2025-2706516293
accepted
300726Digiwin ERP FileUploadApi.ashx DoWebUpload unrestricted uploadVulDBVulDB03/07/202503/24/202503/24/2025CVE-2025-2705516291
accepted
300719Softwin WMX3 ImageAdd.ashx ImageAdd unrestricted uploadVulDBVulDB03/07/202503/23/202503/23/2025CVE-2025-2702516289
accepted
300718AMTT Hotel Broadband Operation System port_setup.php popen os command injectionVulDBVulDB03/07/202503/23/202503/24/2025CVE-2025-2701516089
accepted
300717michelson Dante Editor Insert Link cross site scriptingVulDBVulDB03/07/202503/23/202503/24/2025CVE-2025-2700515869
accepted
300716GetmeUK ContentTools Image cross site scriptingVulDBVulDB03/07/202503/23/202503/24/2025CVE-2025-2699515864
accepted
300711yiisoft Yii2 MockClass.php generate deserializationVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2690521718
accepted
300710yiisoft Yii2 SortableIterator.php getIterator deserializationVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2689521709
accepted
300709TOTOLINK A3000RU Syslog Configuration File ExportSyslog.sh access controlVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2688521570
accepted
300708PHPGurukul eLearning System Image index.php unrestricted uploadVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2687521454
accepted
300703mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 Backend admin doFilter access controlVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2686521449
accepted
300701PHPGurukul Bank Locker Management System search-report-details.php sql injectionVulDBVulDB03/17/202503/22/202503/24/2025CVE-2025-2684521453
accepted
300700PHPGurukul Bank Locker Management System profile.php sql injectionVulDBVulDB03/17/202503/22/202503/24/2025CVE-2025-2683521452
accepted
300699PHPGurukul Bank Locker Management System edit-subadmin.php sql injectionVulDBVulDB03/17/202503/22/202503/24/2025CVE-2025-2682521451
accepted
300698PHPGurukul Bank Locker Management System edit-locker.php sql injectionVulDBVulDB03/17/202503/22/202503/24/2025CVE-2025-2681521450
accepted
300697PHPGurukul Bank Locker Management System edit-assign-locker.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2680521448
accepted
300696PHPGurukul Bank Locker Management System contact-us.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2679521447
accepted
300695PHPGurukul Bank Locker Management System changeimage1.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2678521445
accepted
300694PHPGurukul Bank Locker Management System changeidproof.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2677521444
accepted
300693PHPGurukul Bank Locker Management System add-subadmin.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2676521443
accepted
300692PHPGurukul Bank Locker Management System add-lockertype.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2675521442
accepted
300691PHPGurukul Bank Locker Management System aboutus.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2674521441
accepted
300690code-projects Payroll Management System home_employee.php cross site scriptingVulDBVulDB03/16/202503/22/202503/27/2025CVE-2025-2673521244
accepted
300689code-projects Payroll Management System add_deductions.php sql injectionVulDBVulDB03/16/202503/22/202503/27/2025CVE-2025-2672521243
accepted
300688Yue Lao Blind Box 月老盲盒 Upload.php base64image unrestricted uploadVulDBVulDB03/16/202503/22/202503/24/2025CVE-2025-2671521169
accepted
300687PHPGurukul Online Security Guards Hiring System bwdates-reports-details.php sql injectionVulDBVulDB03/16/202503/22/202503/24/2025CVE-2025-2665521167
accepted
300686CodeZips Hospital Management System suadpeted.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2664520780
accepted
300685PHPGurukul Bank Locker Management System search-locker-details.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2663520436
accepted
300678Project Worlds Online Time Table Generator studentdashboard.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2662520503
accepted
300677Project Worlds Online Time Table Generator index.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2661520484
accepted
300676Project Worlds Online Time Table Generator index.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2660520483
accepted
300675Project Worlds Online Time Table Generator index.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2659520482
accepted
300674PHPGurukul Online Security Guards Hiring System search-request.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2658520250
accepted
300673projectworlds Apartment Visitors Management System front.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2657520237
accepted
300672PHPGurukul Zoo Management System login.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2656520234
accepted
300670SourceCodester AC Repair and Services System Users.php save_users sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2655520017
accepted
300669SourceCodester AC Repair and Services System manage_service.php sql injectionVulDBVulDB03/13/202503/22/202503/27/2025CVE-2025-2654520013
accepted
300668FoxCMS improper authorizationVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2653519927
accepted
300667SourceCodester Employee and Visitor Gate Pass Logging System exposure of information through directory listingVulDBVulDB03/13/202503/22/202503/27/2025CVE-2025-2652519876
accepted
300666SourceCodester Online Eyewear Shop admin exposure of information through directory listingVulDBVulDB03/13/202503/22/202505/15/2025CVE-2025-2651519873
accepted
300665PHPGurukul Medical Card Generation System download-medical-cards.php cross site scriptingVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2650519781
accepted
300664PHPGurukul Doctor Appointment Management System check-appointment.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2649519780
accepted
300663PHPGurukul Art Gallery Management System view-enquiry-detail.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2648519779
accepted
300662PHPGurukul Art Gallery Management System search.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2647519777
accepted
300661PHPGurukul Art Gallery Management System admin-profile.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2646519776
accepted
300660PHPGurukul Art Gallery Management System product.php cross site scriptingVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2645519775
accepted
300659PHPGurukul Art Gallery Management System add-art-product.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2644519773
accepted
300658PHPGurukul Art Gallery Management System edit-art-type-detail.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2643519772
accepted
300657PHPGurukul Art Gallery Management System edit-art-product-detail.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2642519769
accepted
300656PHPGurukul Art Gallery Management System edit-artist-detail.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2641519768
accepted
300641PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2640519644
accepted
300640JIZHICMS Article release.html improper authorizationVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2639519634
accepted
300639JIZHICMS Article release.html improper authorizationVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2638519633
accepted
300638JIZHICMS Account Profile Page userinfo.html improper authorizationVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2637519632
accepted
300630PHPGurukul Art Gallery Management System art-enquiry.php sql injectionVulDBVulDB03/13/202503/21/202503/22/2025CVE-2025-2628519615
accepted
300629PHPGurukul Art Gallery Management System contactus.php sql injectionVulDBVulDB03/12/202503/21/202503/22/2025CVE-2025-2627519335
accepted
300628SourceCodester Kortex Lite Advocate Office Management System edit_case.php sql injectionVulDBVulDB03/12/202503/21/202503/22/2025CVE-2025-2626519307
accepted
300627westboy CicadasCMS page sql injectionVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2625519296
accepted
300626westboy CicadasCMS save sql injectionVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2624519295
accepted
300625westboy CicadasCMS save cross site scriptingVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2623519294
accepted
300624aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserializationVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2622518999
accepted
300623D-Link DAP-1620 storage check_dws_cookie stack-based overflowVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2621518980
accepted
300622D-Link DAP-1620 Authentication storage mod_graph_auth_uri_handler stack-based overflowVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2620518969
accepted
300621D-Link DAP-1620 Cookie storage check_dws_cookie stack-based overflowVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2619518968
accepted
300620D-Link DAP-1620 Path api set_ws_action heap-based overflowVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2618518963
accepted
300619yangyouwang 杨有旺 crud 简约后台管理系统 Department Page cross site scriptingVulDBVulDB03/21/202503/22/2025CVE-2025-2617
 
accepted
300618yangyouwang 杨有旺 crud 简约后台管理系统 Role Management Page cross site scriptingVulDBVulDB03/12/202503/21/202503/22/2025CVE-2025-2616518962
accepted
300591PHPGurukul Banquet Booking System view-user-queries.php sql injectionVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2608518587
accepted
300590phplaozhang LzCMS-LaoZhangBoKeXiTong HTTP POST Request upimage.html unrestricted uploadVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2607518021
accepted
300589SourceCodester Best Church Management Software soulwinning_crud.php unrestricted uploadVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2606517974
accepted
300588SourceCodester Kortex Lite Advocate Office Management System edit_act.php sql injectionVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2604517965
accepted
300587SourceCodester Kortex Lite Advocate Office Management System deactivate.php sql injectionVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2603517963
accepted
300586SourceCodester Kortex Lite Advocate Office Management System deactivate_reg.php sql injectionVulDBVulDB03/11/202503/21/202505/15/2025CVE-2025-2602517960
accepted
300585SourceCodester Kortex Lite Advocate Office Management System activate_reg.php sql injectionVulDBVulDB03/11/202503/21/202505/15/2025CVE-2025-2601517959
accepted
300577FastCMS list sql injectionVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2593517926
accepted
300575Open Asset Import Library Assimp CSMLoader.cpp InternReadFile heap-based overflowVulDBVulDB03/11/202503/21/202504/04/2025CVE-2025-2592517782
accepted
300574Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 divide by zeroVulDBVulDB03/11/202503/21/202504/04/2025CVE-2025-2591517781
accepted
300570code-projects Human Resource Management System recruitment.go UpdateRecruitmentById cross site scriptingVulDBVulDB03/10/202503/21/202503/21/2025CVE-2025-2590517344
accepted
300569code-projects Human Resource Management System Account.go Index improper authorizationVulDBVulDB03/10/202503/21/202503/22/2025CVE-2025-2589517343
accepted
300568Hercules Augeas fa.c re_case_expand null pointer dereferenceVulDBVulDB03/10/202503/21/202503/29/2025CVE-2025-2588517281
accepted
300567Jinher OA C6 IncentivePlanFulfillAppprove.aspx sql injectionVulDBVulDB03/07/202503/21/202503/22/2025CVE-2025-2587516025
accepted
300544WebAssembly wabt binary-reader-interp.cc GetReturnCallDropKeepCount heap-based overflowVulDBVulDB03/06/202503/21/202503/21/2025CVE-2025-2584515406
accepted
300543SimpleMachines SMF ManageNews.php cross site scripting [Disputed]VulDBVulDB03/01/202503/21/202504/21/2025CVE-2025-2583512001
accepted
300542SimpleMachines SMF ManageAttachments.php cross site scripting [Disputed]VulDBVulDB03/01/202503/21/202504/21/2025CVE-2025-2582511999
accepted
300541xmedcon DICOM File malloc integer underflowVulDBVulDB03/18/202503/20/202503/21/2025CVE-2025-2581522216
accepted
300170Audi UTR Dashcam Command API access controlVulDBVulDB03/03/202503/20/202503/21/2025CVE-2025-2557513393
accepted
300169Audi UTR Dashcam Video Stream hard-coded credentialsVulDBVulDB03/03/202503/20/202503/21/2025CVE-2025-2556513392
accepted
300168Audi Universal Traffic Recorder App FTP Credentials hard-coded passwordVulDBVulDB03/03/202503/20/202503/21/2025CVE-2025-2555513391
accepted
300167D-Link DIR-618/DIR-605L formVirtualServ access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2553516795
accepted
300166D-Link DIR-618/DIR-605L formTcpipSetup access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2552516794
accepted
300165D-Link DIR-618/DIR-605L formSetPortTr access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2551516793
accepted
300164D-Link DIR-618/DIR-605L DDNS Service formSetDDNS access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2550516792
accepted
300163D-Link DIR-618/DIR-605L formSetPassword access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2549516791
accepted
300162D-Link DIR-618/DIR-605L formSetDomainFilter access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2548516790
accepted
300161D-Link DIR-618/DIR-605L formAdvNetwork access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2547516789
accepted
300160D-Link DIR-618/DIR-605L Firewall Service formAdvFirewall access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2546516788
accepted
299997Dromara ujcms Edit Template File Page WebFileTemplateController.java update cross site scriptingVulDBVulDB03/10/202503/18/202503/18/2025CVE-2025-2491517269
accepted
299996Dromara ujcms File Upload WebFileUploadController.java upload cross site scriptingVulDBVulDB03/10/202503/18/202503/18/2025CVE-2025-2490517267
accepted
299966PHPGurukul Company Visitor Management System Sign In index.php sql injectionVulDBVulDB03/10/202503/17/202503/18/2025CVE-2025-2473517266
accepted
299965PHPGurukul Apartment Visitors Management System Sign In index.php sql injectionVulDBVulDB03/10/202503/17/202503/18/2025CVE-2025-2472517264
accepted
299964PHPGurukul Boat Booking System boat-details.php sql injectionVulDBVulDB03/09/202503/17/202503/18/2025CVE-2025-2471517113
accepted
299917猫宁i Morning cross-site request forgeryVulDBVulDB03/09/202503/17/202503/18/2025CVE-2025-2420517009
accepted
299916code-projects Real Estate Property Management System InsertFeedback.php sql injectionVulDBVulDB03/09/202503/17/202504/08/2025CVE-2025-2419516999
accepted
299897China Mobile P22g-CIac CLI su Command default credentialsVulDBVulDB03/17/202503/17/2025CVE-2025-2398
 
accepted
299896China Mobile P22g-CIac Telnet Service improper authorizationVulDBVulDB03/05/202503/17/202503/18/2025CVE-2025-2397514957
accepted
299892code-projects Online Class and Exam Scheduling System salut_del.php sql injectionVulDBVulDB03/08/202503/16/202503/18/2025CVE-2025-2393516917
accepted
299891code-projects Online Class and Exam Scheduling System activate.php sql injectionVulDBVulDB03/08/202503/16/202503/18/2025CVE-2025-2392516912
accepted
299890code-projects Blood Bank Management System Admin Login Page admin_login.php sql injectionVulDBVulDB03/08/202503/16/202503/18/2025CVE-2025-2391516910
accepted
299889code-projects Blood Bank Management System add_donor.php sql injectionVulDBVulDB03/08/202503/16/202503/16/2025CVE-2025-2390516908
accepted
299888code-projects Blood Bank Management System add_city.php sql injectionVulDBVulDB03/08/202503/16/202503/16/2025CVE-2025-2389516906
accepted
299887Keytop 路内停车收费系统 API getParks improper authenticationVulDBVulDB03/08/202503/16/202503/16/2025CVE-2025-2388516710
accepted
299886SourceCodester Online Food Ordering System ajax.php sql injectionVulDBVulDB03/08/202503/16/202503/16/2025CVE-2025-2387516681
accepted
299885PHPGurukul Local Services Search Engine Management System serviceman-search.php sql injectionVulDBVulDB03/08/202503/16/202503/26/2025CVE-2025-2386516546
accepted
299884code-projects Modern Bag login.php sql injectionVulDBVulDB03/08/202503/16/202504/08/2025CVE-2025-2385516544
accepted
299883code-projects Real Estate Property Management System Parameter InsertCustomer.php sql injectionVulDBVulDB03/07/202503/16/202503/26/2025CVE-2025-2384516282
accepted
299882PHPGurukul Doctor Appointment Management System search.php sql injectionVulDBVulDB03/07/202503/16/202503/26/2025CVE-2025-2383515913
accepted
299881PHPGurukul Online Banquet Booking System booking-search.php sql injectionVulDBVulDB03/07/202503/16/202503/16/2025CVE-2025-2382515911
accepted
299880PHPGurukul Curfew e-Pass Management System search-pass.php sql injectionVulDBVulDB03/07/202503/16/202503/16/2025CVE-2025-2381515896
accepted
299879PHPGurukul Apartment Visitors Management System admin-profile.php sql injectionVulDBVulDB03/07/202503/16/202503/16/2025CVE-2025-2380515873
accepted
299878PHPGurukul Apartment Visitors Management System create-pass.php sql injectionVulDBVulDB03/07/202503/16/202503/16/2025CVE-2025-2379515872
accepted
299877PHPGurukul Medical Card Generation System download-medical-cards.php sql injectionVulDBVulDB03/07/202503/16/202503/17/2025CVE-2025-2378515822
accepted
299876SourceCodester Vehicle Management System confirmbooking.php cross site scriptingVulDBVulDB03/07/202503/16/202505/15/2025CVE-2025-2377515797
accepted
299875viames Pair Framework PHP Object UserRemember.php getCookieContent deserializationVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2376515735
accepted
299874PHPGurukul Human Metapneumovirus Testing Management System Admin Profile Page profile.php cross site scriptingVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2375515444
accepted
299873PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injectionVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2374515429
accepted
299872PHPGurukul Human Metapneumovirus Testing Management System check_availability.php sql injectionVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2373515408
accepted
299871PHPGurukul Human Metapneumovirus Testing Management System Password Recovery Page password-recovery.php sql injectionVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2372515389
accepted
299870PHPGurukul Human Metapneumovirus Testing Management System Registered Mobile Number Search registered-user-testing.php cross site scriptingVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2371515347
accepted
299869TOTOLINK EX1800T cstecgi.cgi setWiFiExtenderConfig stack-based overflowVulDBVulDB03/06/202503/16/202504/08/2025CVE-2025-2370515329
accepted
299868TOTOLINK EX1800T cstecgi.cgi setPasswordCfg stack-based overflowVulDBVulDB03/06/202503/16/202504/08/2025CVE-2025-2369515328
accepted
299867WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflowVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2368515327
accepted
299866Oiwtech OIW-2431APGN-HP Personal Script Submenu formScript os command injectionVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2367515126
accepted
299865gougucms Add Department Page add cross site scriptingVulDBVulDB03/05/202503/16/202503/17/2025CVE-2025-2366515044
accepted
299864crmeb_java WeChatMessageController.java webHook xml external entity referenceVulDBVulDB03/03/202503/16/202503/17/2025CVE-2025-2365513285
accepted
299863lenve VBlog ArticleService.java addNewArticle cross site scriptingVulDBVulDB03/05/202503/16/202503/17/2025CVE-2025-2364514763
accepted
299862lenve VBlog ArticleController.java uploadImg path traversalVulDBVulDB03/05/202503/16/202503/17/2025CVE-2025-2363514721
accepted
299861PHPGurukul Pre-School Enrollment System contact-us.php sql injectionVulDBVulDB03/05/202503/16/202503/17/2025CVE-2025-2362514464
accepted
299860Mercurial SCM Web Interface cross site scriptingVulDBVulDB03/04/202503/16/202503/22/2025CVE-2025-2361514024
accepted
299827D-Link DIR-823G UPnP Service HNAP1 SetUpnpSettings improper authorizationVulDBVulDB03/04/202503/15/202503/17/2025CVE-2025-2360513751
accepted
299826D-Link DIR-823G DDNS Service HNAP1 SetDDNSSettings improper authorizationVulDBVulDB03/04/202503/15/202503/17/2025CVE-2025-2359513750
accepted
299825Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System HTTP Header Service.asmx sql injectionVulDBVulDB03/04/202503/15/202503/17/2025CVE-2025-2358513708
accepted
299824DCMTK dcmjpls JPEG-LS Decoder memory corruptionVulDBVulDB03/04/202503/15/202503/17/2025CVE-2025-2357513692
accepted
299823BlackVue App API deviceDelete get request method with sensitive query stringsVulDBVulDB03/15/202503/17/2025CVE-2025-2356
 
accepted
299822BlackVue App API Endpoint credentials storageVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2355513351
accepted
299821VAM Virtual Airlines Manager index.php cross site scriptingVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2354513287
accepted
299820VAM Virtual Airlines Manager HTTP GET Parameter index.php sql injectionVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2353513284
accepted
299819StarSea99 starsea-mall Backend save cross site scriptingVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2352513137
accepted
299818DayCloud StudentManage Login Endpoint adminScoreUrl sql injectionVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2351512793
accepted
299816IROAD Dash Cam FX2 upload_file unrestricted uploadVulDBVulDB03/15/202503/17/2025CVE-2025-2350
 
accepted
299815IROAD Dash Cam FX2 Password Hash passwd weak password hashVulDBVulDB03/15/202503/17/2025CVE-2025-2349
 
accepted
299814IROAD Dash Cam FX2 HTTP/RTSP event information disclosureVulDBVulDB03/15/202503/17/2025CVE-2025-2348
 
accepted
299813IROAD Dash Cam FX2 Device Registration default passwordVulDBVulDB03/15/202503/17/2025CVE-2025-2347
 
accepted
299812IROAD Dash Cam X5/Dash Cam X6 Domain origin validationVulDBVulDB03/15/202503/18/2025CVE-2025-2346
 
accepted
299811IROAD Dash Cam X5/Dash Cam X6 improper authorizationVulDBVulDB03/08/202503/15/202503/18/2025CVE-2025-2345516883
accepted
299810IROAD Dash Cam X5/Dash Cam X6 API Endpoint missing authenticationVulDBVulDB03/08/202503/15/202503/18/2025CVE-2025-2344516882
accepted
299809IROAD Dash Cam X5/Dash Cam X6 Device Pairing hard-coded credentialsVulDBVulDB03/08/202503/15/202503/18/2025CVE-2025-2343516881
accepted
299808IROAD X5 Mobile App API Endpoint hard-coded credentialsVulDBVulDB03/02/202503/15/202503/18/2025CVE-2025-2342512419
accepted
299807IROAD Dash Cam X5 SSID default credentialsVulDBVulDB03/02/202503/15/202503/18/2025CVE-2025-2341512418
accepted
299806otale Tale Blog Site Settings save saveOptions cross site scriptingVulDBVulDB03/05/202503/15/202503/16/2025CVE-2025-2340514793
accepted
299805otale Tale Blog logs improper authenticationVulDBVulDB02/28/202503/15/202503/16/2025CVE-2025-2339511578
accepted
299802tbeu matio io.c strdup_vprintf heap-based overflowVulDBVulDB02/27/202503/15/202503/16/2025CVE-2025-2338510781
accepted
299801tbeu matio mat.c Mat_VarPrint heap-based overflowVulDBVulDB02/27/202503/15/202503/16/2025CVE-2025-2337510779
accepted
299800Drivin Soluções API registerSchool cross site scriptingVulDBVulDB02/26/202503/15/202503/16/2025CVE-2025-2335509834
accepted
299799274056675 springboot-openai-chatgpt Chat History chat deleteChat access controlVulDBVulDB02/23/202503/15/202503/16/2025CVE-2025-2334505688
accepted
299752274056675 springboot-openai-chatgpt Number of Question questionCou updateQuestionCou behavioral workflowVulDBVulDB02/23/202503/14/202503/15/2025CVE-2025-2323505695
accepted
299751274056675 springboot-openai-chatgpt OpenController.java hard-coded credentialsVulDBVulDB02/23/202503/14/202503/15/2025CVE-2025-2322505694
accepted
299750274056675 springboot-openai-chatgpt addData logic errorVulDBVulDB02/23/202503/14/202503/15/2025CVE-2025-2321505690
accepted
299749274056675 springboot-openai-chatgpt User submit improper authorizationVulDBVulDB02/23/202503/14/202503/15/2025CVE-2025-2320505689
accepted
299723HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflowVulDBVulDB03/05/202503/14/202505/08/2025CVE-2025-2310514533
accepted
299722HDF5 Type Conversion Logic H5T__bit_copy heap-based overflowVulDBVulDB03/05/202503/14/202505/08/2025CVE-2025-2309514532
accepted
299721HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflowVulDBVulDB03/05/202503/14/202505/08/2025CVE-2025-2308514531
accepted
299292Odyssey CMS reCAPTCHA odyssey_contact_form.php key managementVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2220512367
accepted
299291LoveCards LoveCardsV2 image unrestricted uploadVulDBVulDB03/11/202503/12/2025CVE-2025-2219
 
accepted
299290LoveCards LoveCardsV2 Setting other access controlVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2218512351
accepted
299289zzskzy Warehouse Refinement Management System getAdyData.ashx ProcessRequest sql injectionVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2217512333
accepted
299288zzskzy Warehouse Refinement Management System SaveCrash.ashx UploadCrash unrestricted uploadVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2216512330
accepted
299287Doufox s=doudou path traversalVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2215512316
accepted
299285Microweber Settings index.php cross site scriptingVulDBVulDB03/01/202503/11/202503/12/2025CVE-2025-2214512032
accepted
299284Castlenet CBW383G2N Wireless Menu wlanPrimaryNetwork.asp cross site scriptingVulDBVulDB03/01/202503/11/202503/12/2025CVE-2025-2213511882
accepted
299283Castlenet CBW383G2N RgSwInfo.asp cross site scriptingVulDBVulDB03/01/202503/11/202503/12/2025CVE-2025-2212511873
accepted
299282aitangbao springboot-manager add cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2211511741
accepted
299281aitangbao springboot-manager add cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2210511740
accepted
299280aitangbao springboot-manager add cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2209511739
accepted
299279aitangbao springboot-manager Filename upload cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2208511738
accepted
299278aitangbao springboot-manager dept cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2207511737
accepted
299277aitangbao springboot-manager permission cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2206511736
accepted
299221MRCMS org.marker.mushroom.controller.FileController upload.do upload cross site scriptingVulDBVulDB02/28/202503/11/202504/10/2025CVE-2025-2196511735
accepted
299220MRCMS org.marker.mushroom.controller.FileController rename.do rename cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2195511733
accepted
299219MRCMS org.marker.mushroom.controller.FileController list.do list cross site scriptingVulDBVulDB02/28/202503/11/202504/10/2025CVE-2025-2194511732
accepted
299218MRCMS org.marker.mushroom.controller.FileController delete.do delete path traversalVulDBVulDB02/28/202503/11/202504/10/2025CVE-2025-2193511724
accepted
299217Stoque Zeev.it Login Page server-side request forgeryVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2192511708
accepted
299216Claro A7600-A1 Ping6 Diagnóstico form2pingv6.cgi cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2191511700
accepted
299206libzvbi search.c vbi_search_new integer overflowVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2177512803
accepted
299205libzvbi io-sim.c vbi_capture_sim_load_caption integer overflowVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2176512802
accepted
299204libzvbi _vbi_strndup_iconv integer overflowVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2175512801
accepted
299203libzvbi conv.c vbi_strndup_iconv_ucs2 integer overflowVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2174512800
accepted
299202libzvbi conv.c vbi_strndup_iconv_ucs2 uninitialized pointerVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2173512798
accepted
299064HDF5 h5 File H5SM.c H5SM_delete heap-based overflowVulDBVulDB02/27/202503/10/202503/21/2025CVE-2025-2153510819
accepted
299063Open Asset Import Library Assimp File BaseImporter.cpp ConvertToUTF8 heap-based overflowVulDBVulDB02/27/202503/10/202505/14/2025CVE-2025-2152510818
accepted
299062Open Asset Import Library Assimp File ParsingUtils.h GetNextLine stack-based overflowVulDBVulDB02/27/202503/10/202504/04/2025CVE-2025-2151510582
accepted
299060PyTorch Quantized Sigmoid Module nnq_Sigmoid initializationVulDBVulDB02/25/202503/10/202503/10/2025CVE-2025-2149506563
accepted
299059PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruptionVulDBVulDB02/24/202503/10/202503/10/2025CVE-2025-2148505959
accepted
299058Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System file accessVulDBVulDB02/25/202503/10/202503/10/2025CVE-2025-2147506593
accepted
299053ftcms edit cross site scriptingVulDBVulDB02/28/202503/09/202503/10/2025CVE-2025-2133511627
accepted
299052ftcms Search ajax_all_lists sql injectionVulDBVulDB02/28/202503/09/202503/10/2025CVE-2025-2132511614
accepted
299051dayrui XunRuiCMS Friendly Links cross site scriptingVulDBVulDB02/28/202503/09/202503/10/2025CVE-2025-2131511411
accepted
299050OpenXE Ticket Bearbeiten Page cross site scriptingVulDBVulDB02/28/202503/09/202503/10/2025CVE-2025-2130511529
accepted
299049Mage AI insecure default initialization of resource [Disputed]VulDBVulDB02/27/202503/09/202503/09/2025CVE-2025-2129510690
accepted
299040JoomlaUX JUX Real Estate realties cross site scriptingVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2127509891
accepted
299039JoomlaUX JUX Real Estate GET Parameter realties sql injectionVulDBVulDB02/26/202503/08/202503/21/2025CVE-2025-2126509884
accepted
299038Control iD RH iD PDF Document companyId resource injectionVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2125509856
accepted
299037Control iD RH iD API change_password cross site scriptingVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2124509845
accepted
299036GeSHi CSS cssgen.php get_var cross site scriptingVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2123507418
accepted
299035Thinkware Car Dashcam F800 Pro Connection denial of serviceVulDBVulDB03/08/202503/09/2025CVE-2025-2122
 
accepted
299034Thinkware Car Dashcam F800 Pro File Storage access controlVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2121507328
accepted
299033Thinkware Car Dashcam F800 Pro Configuration File hostapd.conf cleartext storage in a file or on diskVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2120507327
accepted
299032Thinkware Car Dashcam F800 Pro Device Registration default credentialsVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2119507326
accepted
299013Quantico Tecnologia PRMV Login Endpoint login.php sql injectionVulDBVulDB02/25/202503/08/202503/09/2025CVE-2025-2118506948
accepted
299012Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System reportCenter.do electricDocList sql injectionVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2117508302
accepted
299011Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgeryVulDBVulDB02/19/202503/08/202503/09/2025CVE-2025-2116503719
accepted
299010zzskzy Warehouse Refinement Management System AcceptZip.ashx ProcessRequest unrestricted uploadVulDBVulDB02/25/202503/08/202503/09/2025CVE-2025-2115506655
accepted
299009Shenzhen Sixun Software Sixun Shanghui Group Business Management System Reset Password Interface OperatorStop.asp improper authorizationVulDBVulDB02/25/202503/08/202503/09/2025CVE-2025-2114506591
accepted
299006AT Software Solutions ATSVD Esqueceu a senha sql injectionVulDBVulDB02/24/202503/08/202503/09/2025CVE-2025-2113506341
accepted
299005user-xiangpeng yaoqishan MediaInfoService.java getMediaLisByFilter sql injectionVulDBVulDB02/24/202503/08/202503/08/2025CVE-2025-2112506085
accepted
298955TOTOLINK EX1800T cstecgi.cgi setRptWizardCfg stack-based overflowVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2097515326
accepted
298954TOTOLINK EX1800T cstecgi.cgi setRebootScheCfg os command injectionVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2096515322
accepted
298953TOTOLINK EX1800T cstecgi.cgi setDmzCfg os command injectionVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2095515321
accepted
298952TOTOLINK EX1800T cstecgi.cgi setWiFiExtenderConfig os command injectionVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2094515319
accepted
298951PHPGurukul Online Library Management System change-password.php password recoveryVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2093515207
accepted
298904PHPGurukul Pre-School Enrollment System Sub Admin add-subadmin.php access controlVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2090515017
accepted
298903StarSea99 starsea-mall com.siro.mall.controller.mall.UserController updateInfo updateUserInfo access controlVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2089514977
accepted
298902PHPGurukul Pre-School Enrollment System profile.php sql injectionVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2088514974
accepted
298901StarSea99 starsea-mall update cross site scriptingVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2087514960
accepted
298900StarSea99 starsea-mall update cross site scriptingVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2086514959
accepted
298899StarSea99 starsea-mall save cross site scriptingVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2085514958
accepted
298896PHPGurukul Human Metapneumovirus Testing Management System Search Report Page search-report.php cross site scriptingVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2084514804
accepted
298823projectworlds Life Insurance Management System search.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2067514762
accepted
298822projectworlds Life Insurance Management System updateAgent.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2066514759
accepted
298821projectworlds Life Insurance Management System editAgent.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2065514758
accepted
298820projectworlds Life Insurance Management System deletePayment.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2064514751
accepted
298819projectworlds Life Insurance Management System deleteNominee.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2063514749
accepted
298818projectworlds Life Insurance Management System clientStatus.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2062514722
accepted
298816code-projects Online Ticket Reservation System passenger.php cross site scriptingVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2061514529
accepted
298815PHPGurukul Emergency Ambulance Hiring Portal admin-profile.php sql injectionVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2060514523
accepted
298814PHPGurukul Emergency Ambulance Hiring Portal booking-details.php sql injectionVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2059514522
accepted
298813PHPGurukul Emergency Ambulance Hiring Portal search.php sql injectionVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2058514462
accepted
298812PHPGurukul Emergency Ambulance Hiring Portal about-us.php sql injectionVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2057514461
accepted
298807code-projects Blood Bank Management System edit_state.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2054514346
accepted
298806PHPGurukul Apartment Visitors Management System visitor-detail.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2053514234
accepted
298805PHPGurukul Apartment Visitors Management System forgot-password.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2052514218
accepted
298804PHPGurukul Apartment Visitors Management System search-visitor.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2051514191
accepted
298801PHPGurukul User Registration & Login and User Management System login.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2050514115
accepted
298800code-projects Blood Bank System AB+.php cross site scriptingVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2049514089
accepted
298797PHPGurukul Art Gallery Management System search.php cross site scriptingVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2047514015
accepted
298796SourceCodester Best Employee Management System print1.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2046513971
accepted
298789code-projects Blood Bank Management System delete_bloodGroup.php sql injectionVulDBVulDB03/04/202503/06/202505/14/2025CVE-2025-2044513653
accepted
298787LinZhaoguan pb-cms Add New Topic admin#themes deserializationVulDBVulDB03/03/202503/06/202503/06/2025CVE-2025-2043513243
accepted
298786huang-yk student-manage cross-site request forgeryVulDBVulDB03/03/202503/06/202503/06/2025CVE-2025-2042512940
accepted
298784s-a-zhd Ecommerce-Website-using-PHP shop.php sql injectionVulDBVulDB03/03/202503/06/202503/06/2025CVE-2025-2041512709
accepted
298783zhijiantianya ruoyi-vue-pro deploy special elements used in a template engineVulDBVulDB03/03/202503/06/202503/06/2025CVE-2025-2040512574
accepted
298782code-projects Blood Bank Management System delete_members.php sql injectionVulDBVulDB03/03/202503/06/202505/14/2025CVE-2025-2039512564
accepted
298781code-projects Blood Bank Management System upload exposure of information through directory listingVulDBVulDB03/03/202503/06/202505/14/2025CVE-2025-2038512558
accepted
298780code-projects Blood Bank Management System delete_requester.php sql injectionVulDBVulDB03/03/202503/06/202505/14/2025CVE-2025-2037512550
accepted
298779s-a-zhd Ecommerce-Website-using-PHP details.php sql injectionVulDBVulDB03/02/202503/06/202503/06/2025CVE-2025-2036512405
accepted
298778s-a-zhd Ecommerce-Website-using-PHP customer_register.php unrestricted uploadVulDBVulDB03/02/202503/06/202503/06/2025CVE-2025-2035512404
accepted
298777PHPGurukul Pre-School Enrollment System edit-class.php sql injectionVulDBVulDB03/02/202503/06/202503/22/2025CVE-2025-2034512292
accepted
298776code-projects Blood Bank Management System view_donor.php sql injectionVulDBVulDB03/01/202503/06/202505/14/2025CVE-2025-2033512164
accepted
298774ChestnutCMS rename renameFile path traversalVulDBVulDB03/01/202503/06/202505/13/2025CVE-2025-2032512030
accepted
298773ChestnutCMS upload uploadFile unrestricted uploadVulDBVulDB03/01/202503/06/202505/13/2025CVE-2025-2031512029
accepted
298772Seeyon Zhiyuan Interconnect FE Collaborative Office Platform addUser.jsp sql injectionVulDBVulDB02/23/202503/06/202503/10/2025CVE-2025-2030505638
accepted
298770MicroDicom DICOM Viewer mDicom.exe memory corruptionVulDBVulDB02/25/202503/06/202503/06/2025CVE-2025-2029506579
accepted
298568code-projects Blood Bank Management System donor.php cross site scriptingVulDBVulDB03/01/202503/04/202503/05/2025CVE-2025-1967512163
accepted
298567PHPGurukul Pre-School Enrollment System index.php sql injectionVulDBVulDB03/01/202503/04/202503/05/2025CVE-2025-1966512039
accepted
298566projectworlds Online Hotel Booking login.php sql injectionVulDBVulDB02/28/202503/04/202503/05/2025CVE-2025-1965511473
accepted
298565projectworlds Online Hotel Booking booknow.php sql injectionVulDBVulDB02/28/202503/04/202503/05/2025CVE-2025-1964511471
accepted
298564projectworlds Online Hotel Booking reservation.php sql injectionVulDBVulDB02/28/202503/04/202503/05/2025CVE-2025-1963511466
accepted
298563projectworlds Online Hotel Booking addroom.php sql injectionVulDBVulDB02/28/202503/04/202503/05/2025CVE-2025-1962511426
accepted
298561SourceCodester Best Church Management Software web_crud.php sql injectionVulDBVulDB02/27/202503/04/202503/05/2025CVE-2025-1961510865
accepted
298560Codezips Gym Management System change_s_pwd.php sql injectionVulDBVulDB02/27/202503/04/202504/02/2025CVE-2025-1959510782
accepted
298559aaluoxiang oa_system address-mapper.xml sql injectionVulDBVulDB02/27/202503/04/202503/05/2025CVE-2025-1958510750
accepted
298558code-projects Blood Bank System o+.php cross site scriptingVulDBVulDB02/27/202503/04/202503/08/2025CVE-2025-1957510705
accepted
298557code-projects Shopping Portal Login index.php sql injectionVulDBVulDB02/27/202503/04/202503/05/2025CVE-2025-1956510696
accepted
298556code-projects Online Class and Exam Scheduling System profile.php cross site scriptingVulDBVulDB02/27/202503/04/202503/04/2025CVE-2025-1955510689
accepted
298555PHPGurukul Human Metapneumovirus Testing Management System login.php sql injectionVulDBVulDB02/27/202503/04/202503/04/2025CVE-2025-1954510360
accepted
298543vLLM AIBrix Prefix Caching hash.go random valuesVulDBVulDB02/27/202503/04/202503/04/2025CVE-2025-1953509958
accepted
298542PHPGurukul Restaurant Table Booking System password-recovery.php sql injectionVulDBVulDB02/27/202503/04/202503/04/2025CVE-2025-1952509955
accepted
298541ZZCMS URL register_nodb.php cross site scriptingVulDBVulDB02/26/202503/04/202503/04/2025CVE-2025-1949508909
accepted
298521hzmanyun Education and Training System UploadImageController.java scorm command injectionVulDBVulDB02/25/202503/04/202503/04/2025CVE-2025-1947506659
accepted
298520hzmanyun Education and Training System exportPDF command injectionVulDBVulDB02/25/202503/04/202503/04/2025CVE-2025-1946506657
accepted
298513Open5GS AMF nsmf-handler.c amf_nsmf_pdusession_handle_update_sm_context denial of serviceVulDBVulDB02/24/202503/04/202503/04/2025CVE-2025-1925506038
accepted
298426PHPGurukul Restaurant Table Booking System profile.php sql injectionVulDBVulDB02/26/202503/03/202503/04/2025CVE-2025-1906508915
accepted
298425SourceCodester Employee Management System employee.php cross site scriptingVulDBVulDB02/26/202503/03/202503/04/2025CVE-2025-1905508301
accepted
298424code-projects Blood Bank System A+.php cross site scriptingVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1904506868
accepted
298421Codezips Online Shopping Website cart_add.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1903506667
accepted
298420PHPGurukul Student Record System password-recovery.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1902506623
accepted
298419PHPGurukul Restaurant Table Booking System check_availability.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1901506612
accepted
298418PHPGurukul Restaurant Table Booking System add-table.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1900506609
accepted
298417Tenda TX3 setPptpUserList buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1899506607
accepted
298416Tenda TX3 openSchedWifi buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1898506606
accepted
298415Tenda TX3 SetNetControlList buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1897506604
accepted
298414Tenda TX3 SetStaticRouteCfg buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1896506602
accepted
298413Tenda TX3 setMacFilterCfg buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1895506601
accepted
298412PHPGurukul Restaurant Table Booking System search-result.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1894506592
accepted
298411Open5GS AMF gmm-sm.c gmm_state_authentication denial of serviceVulDBVulDB02/24/202503/03/202503/04/2025CVE-2025-1893505952
accepted
298410shishuocms Directory Deletion Page add.json cross site scriptingVulDBVulDB02/23/202503/03/202503/06/2025CVE-2025-1892505754
accepted
298409shishuocms cross-site request forgeryVulDBVulDB02/23/202503/03/202503/06/2025CVE-2025-1891505741
accepted
298408shishuocms ManageUpLoadAction.java handleRequest unrestricted uploadVulDBVulDB02/23/202503/03/202503/05/2025CVE-2025-1890505736
accepted
298196i-Drive i11/i12 Device Setting improper access control for register interfaceVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1882510955
accepted
298195i-Drive i11/i12 Video Footage/Live Video Stream access controlVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1881510952
accepted
298194i-Drive i11/i12 Device Pairing authentication bypassVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1880510951
accepted
298193i-Drive i11/i12 APK hard-coded credentialsVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1879510950
accepted
298192i-Drive i11/i12 WiFi default passwordVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1878510949
accepted
298191D-Link DAP-1562 HTTP POST Request pure_auth_check null pointer dereferenceVulDBVulDB02/25/202503/03/202503/03/2025CVE-2025-1877506526
accepted
298190D-Link DAP-1562 HTTP Header http_request_parse stack-based overflowVulDBVulDB02/24/202503/03/202503/03/2025CVE-2025-1876506106
accepted
298127PHPGurukul News Portal login.php sql injectionVulDBVulDB02/24/202503/02/202503/03/2025CVE-2025-1859506350
accepted
298126Codezips Online Shopping Website success.php sql injectionVulDBVulDB02/24/202503/02/202503/03/2025CVE-2025-1858506315
accepted
298125PHPGurukul Nipah Virus Testing Management System check_availability.php sql injectionVulDBVulDB02/24/202503/02/202503/03/2025CVE-2025-1857506120
accepted
298124Codezips Gym Management System gen_invoice.php sql injectionVulDBVulDB02/24/202503/02/202503/03/2025CVE-2025-1856506107
accepted
298123PHPGurukul Online Shopping Portal product-details.php sql injectionVulDBVulDB02/24/202503/02/202503/03/2025CVE-2025-1855506066
accepted
298122Codezips Gym Management System del_member.php sql injectionVulDBVulDB02/24/202503/02/202503/03/2025CVE-2025-1854506053
accepted
298121Tenda AC8 Parameter SetIpMacBind sub_49E098 stack-based overflowVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1853505374
accepted
298120Totolink EX1800T cstecgi.cgi loginAuth buffer overflowVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1852505362
accepted
298119Tenda AC7 SetFirewallCfg formSetFirewallCfg stack-based overflowVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1851505271
accepted
298118Codezips College Management System university.php sql injectionVulDBVulDB02/28/202503/02/202503/03/2025CVE-2025-1850511626
accepted
298117zj1983 zz import_data_todb server-side request forgeryVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1849505346
accepted
298116zj1983 zz import_data_check server-side request forgeryVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1848505345
accepted
298115zj1983 zz improper authorizationVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1847505303
accepted
298114zj1983 zz File ZfileAction.java deleteLocalFile denial of serviceVulDBVulDB02/21/202503/02/202503/03/2025CVE-2025-1846505097
accepted
298111ESAFENET DSM examExportPDF command injectionVulDBVulDB02/21/202503/02/202503/03/2025CVE-2025-1845505009
accepted
298110ESAFENET CDG backupLogDetail.jsp sql injectionVulDBVulDB02/21/202503/02/202503/03/2025CVE-2025-1844505008
accepted
298109Mini-Tmall ProductMapper.java select sql injectionVulDBVulDB02/21/202503/02/202503/03/2025CVE-2025-1843504958
accepted
298108FITSTATS Technologies AthleteMonitoring login.php cross site scriptingVulDBVulDB02/20/202503/02/202503/03/2025CVE-2025-1842504603
accepted
298107ESAFENET CDG ClientSortLog.jsp sql injectionVulDBVulDB02/20/202503/02/202503/03/2025CVE-2025-1841504385
accepted
298106ESAFENET CDG updateorg.jsp sql injectionVulDBVulDB02/20/202503/02/202503/03/2025CVE-2025-1840504384
accepted
298104Incorta Edit Insight csv injectionVulDBVulDB02/18/202503/02/202503/03/2025CVE-2025-1836503070
accepted
298102osuuu LightPicture Api.php upload unrestricted uploadVulDBVulDB02/21/202503/01/202503/03/2025CVE-2025-1835505007
accepted
298101zj1983 zz resolve unrestricted uploadVulDBVulDB02/21/202503/01/202503/02/2025CVE-2025-1834504842
accepted
298100zj1983 zz HTTP Request Customer_noticeAction.java sendNotice server-side request forgeryVulDBVulDB02/21/202503/01/202503/02/2025CVE-2025-1833504833
accepted
298099zj1983 zz ZroleAction.java getUserList sql injectionVulDBVulDB02/21/202503/01/202503/02/2025CVE-2025-1832504814
accepted
298098zj1983 zz ZorgAction.java GetDBUser sql injectionVulDBVulDB02/21/202503/01/202503/02/2025CVE-2025-1831504806
accepted
298097zj1983 zz Customer Information cross site scriptingVulDBVulDB02/21/202503/01/202503/04/2025CVE-2025-1830504790
accepted
298096TOTOLINK X18 cstecgi.cgi setMtknatCfg os command injectionVulDBVulDB02/21/202503/01/202503/02/2025CVE-2025-1829504983
accepted
298094zj1983 zz ZorgAction.java getUserOrgForUserId sql injectionVulDBVulDB02/20/202503/01/202503/02/2025CVE-2025-1821504537
accepted
298093zj1983 zz ZworkflowAction.java getOaWid sql injectionVulDBVulDB02/20/202503/01/202503/02/2025CVE-2025-1820504478
accepted
298092Tenda AC7 1200M telnet TendaTelnet os command injectionVulDBVulDB02/20/202503/01/202503/02/2025CVE-2025-1819504429
accepted
298091zj1983 zz ZfileAction.upload unrestricted uploadVulDBVulDB02/20/202503/01/202503/02/2025CVE-2025-1818504304
accepted
298090Mini-Tmall Admin Name admin cross site scriptingVulDBVulDB02/20/202503/01/202503/04/2025CVE-2025-1817504302
accepted
298089FFmpeg IAMF File iamf_parse.c audio_element_obu memory leakVulDBVulDB02/25/202503/01/202503/02/2025CVE-2025-1816506575
accepted
298083pbrong hrms resource.go HrmsDB improper authorizationVulDBVulDB02/25/202503/01/202503/04/2025CVE-2025-1815506544
accepted
298082Tenda AC6 WifiExtraSet stack-based overflowVulDBVulDB02/25/202503/01/202503/02/2025CVE-2025-1814506532
accepted
298081zj1983 zz cross-site request forgeryVulDBVulDB02/20/202503/01/202503/04/2025CVE-2025-1813504281
accepted
298080zj1983 zz SuperZ.java GetUserOrg sql injectionVulDBVulDB02/20/202503/01/202503/04/2025CVE-2025-1812504273
accepted
298069AT Software Solutions ATSVD Login Endpoint login.aspx sql injectionVulDBVulDB02/20/202503/01/202503/04/2025CVE-2025-1811504099
accepted
298068Pixsoft Vivaz Login Endpoint servlet cross site scriptingVulDBVulDB02/18/202503/01/202503/04/2025CVE-2025-1810503323
accepted
298067Pixsoft Sol Login Endpoint servlet sql injectionVulDBVulDB02/18/202503/01/202503/04/2025CVE-2025-1809503275
accepted
298066Pixsoft E-Saphira Login Endpoint servlet sql injectionVulDBVulDB02/18/202503/01/202503/04/2025CVE-2025-1808503260
accepted
298065Eastnets PaymentSafe Edit Manual Reply directRouter.rfc cross site scriptingVulDBVulDB02/17/202503/01/202504/09/2025CVE-2025-1807502668
accepted
298064Eastnets PaymentSafe URL Default.aspx improper authorizationVulDBVulDB02/17/202503/01/202504/09/2025CVE-2025-1806502539
accepted
298040Blizzard Battle.Net profapi.dll uncontrolled search pathVulDBVulDB01/18/202503/01/202503/07/2025CVE-2025-1804485034
accepted
298030D-Link DAR-7000 HTTP POST Request sxh_vpnlic.php get_ip_addr_details command injectionVulDBVulDB02/18/202502/28/202503/04/2025CVE-2025-1800502971
accepted
298029Zorlan SkyCaiji Tool.php previewAction server-side request forgeryVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1799502650
accepted
298028Hunan Zhonghe Baiyi Information Technology Baiyiyun Asset Management and Operations System anyUserBoundHouse.php sql injectionVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1797502649
accepted
298012Zorlan SkyCaiji Tool.php fileAction unrestricted uploadVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1791502648
accepted
298011rizinorg rizin utf8.c rz_utf8_encode heap-based overflowVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1788502345
accepted
298007rizinorg rizin pdb.c msf_stream_directory_free buffer overflowVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1786502317
accepted
297832LinZhaoguan pb-cms Logout cross-site request forgeryVulDBVulDB02/17/202502/27/202502/27/2025CVE-2025-1745502342
accepted
297831zyx0814 Pichome index.php path traversalVulDBVulDB02/16/202502/27/202502/27/2025CVE-2025-1743502168
accepted
297830pihome-shc PiHome home.php cross site scriptingVulDBVulDB02/17/202502/27/202503/24/2025CVE-2025-1742502501
accepted
297829b1gMail Admin Page users.php deserializationVulDBVulDB02/23/202502/27/202502/27/2025CVE-2025-1741505838
accepted
296731hzmanyun Education and Training System pdf2swf os command injectionVulDBVulDB02/13/202502/25/202502/25/2025CVE-2025-1676500507
accepted
296696Lumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted uploadVulDBVulDB02/13/202502/24/202502/25/2025CVE-2025-1646500501
accepted
296695Benner Connecta EditarLogado resource injectionVulDBVulDB02/14/202502/24/202502/25/2025CVE-2025-1645501406
accepted
296694Benner ModernaNet SG_Gravar cross-site request forgeryVulDBVulDB02/13/202502/24/202502/25/2025CVE-2025-1644500575
accepted
296693Benner ModernaNet SG_AlterarSenha cross-site request forgeryVulDBVulDB02/13/202502/24/202502/25/2025CVE-2025-1643500574
accepted
296692Benner ModernaNet GetImageMedico resource injectionVulDBVulDB02/12/202502/24/202502/25/2025CVE-2025-1642499877
accepted
296691Benner ModernaNet GetHorariosDoDia sql injectionVulDBVulDB02/12/202502/24/202502/24/2025CVE-2025-1641499875
accepted
296690Benner ModernaNet JS_CarregaCombo sql injectionVulDBVulDB02/12/202502/24/202502/24/2025CVE-2025-1640499115
accepted
296619libarchive bsdunzip.c list null pointer dereferenceVulDBVulDB02/07/202502/24/202503/22/2025CVE-2025-1632496460
accepted
296610Excitel Broadband Private my Excitel App One-Time Password excessive authenticationVulDBVulDB02/15/202502/23/202502/24/2025CVE-2025-1629501868
accepted
296608vTiger CRM index.php cross site scriptingVulDBVulDB02/15/202502/23/202503/03/2025CVE-2025-1618501840
accepted
296607Netis WF2780 Wireless 2.4G Menu cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1617501472
accepted
296606FiberHome AN5506-01A ONU GPON Diagnosis os command injectionVulDBVulDB02/14/202502/23/202502/28/2025CVE-2025-1616501483
accepted
296605FiberHome AN5506-01A ONU GPON NAT Submenu cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1615501408
accepted
296604FiberHome AN5506-01A ONU GPON Port Forwarding Submenu portForwardingCfg cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1614501365
accepted
296603FiberHome AN5506-01A ONU GPON URL Filtering Submenu URL_filterCfg cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1613501349
accepted
296602Edimax BR-6288ACL wireless5g_basic.asp cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1612501309
accepted
296601ShopXO Template ThemeAdminService.php injectionVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1611501211
accepted
296600LB-LINK AC1900 Router set_blacklist websGetVar os command injectionVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1610501024
accepted
296599LB-LINK AC1900 Router set_cmd websGetVar os command injectionVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1609501023
accepted
296598LB-LINK AC1900 Router set_manpwd websGetVar os command injectionVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1608501022
accepted
296597SourceCodester Best Employee Management System salary_slip.php authorizationVulDBVulDB02/11/202502/23/202505/15/2025CVE-2025-1607498432
accepted
296596SourceCodester Best Employee Management System backups.php information disclosureVulDBVulDB02/11/202502/23/202502/24/2025CVE-2025-1606498421
accepted
296594SourceCodester Best Church Management Software profile_crud.php path traversalVulDBVulDB02/11/202502/22/202502/24/2025CVE-2025-1599498188
accepted
296593SourceCodester Best Church Management Software asset_crud.php unrestricted uploadVulDBVulDB02/11/202502/22/202502/24/2025CVE-2025-1598497891
accepted
296592SourceCodester Best Church Management Software redirect.php cross site scriptingVulDBVulDB02/11/202502/22/202502/28/2025CVE-2025-1597497883
accepted
296591SourceCodester Best Church Management Software fpassword.php sql injectionVulDBVulDB02/11/202502/22/202502/28/2025CVE-2025-1596497868
accepted
296590Anhui Xufan Information Technology EasyCVR getbaseconfig information disclosureVulDBVulDB02/10/202502/22/202502/24/2025CVE-2025-1595497485
accepted
296589FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflowVulDBVulDB02/08/202502/22/202502/23/2025CVE-2025-1594496929
accepted
296577SourceCodester Best Employee Management System Profile Picture unrestricted uploadVulDBVulDB02/21/202502/22/202502/28/2025CVE-2025-1593505212
accepted
296576SourceCodester Best Employee Management System Add Role Page Role.php cross site scriptingVulDBVulDB02/21/202502/22/202502/28/2025CVE-2025-1592505210
accepted
296575SourceCodester Employee Management System Department Page department.php cross site scriptingVulDBVulDB02/19/202502/22/202502/23/2025CVE-2025-1591504048
accepted
296574SourceCodester E-Learning System List of Lessons Page index.php unrestricted uploadVulDBVulDB02/19/202502/22/202502/23/2025CVE-2025-1590504045
accepted
296573SourceCodester E-Learning System User Registration register.php cross site scriptingVulDBVulDB02/19/202502/22/202502/23/2025CVE-2025-1589504039
accepted
296572PHPGurukul Online Nurse Hiring System manage-nurse.php path traversalVulDBVulDB02/22/202502/22/202502/23/2025CVE-2025-1588505441
accepted
296567SourceCodester Telecom Billing Management System Add New Record main.cpp addrecords buffer overflowVulDBVulDB02/22/202502/22/202505/15/2025CVE-2025-1587505363
accepted
296566code-projects Blood Bank System A-.php cross site scriptingVulDBVulDB02/21/202502/22/202502/25/2025CVE-2025-1586505124
accepted
296561otale header.html OptionsService cross site scriptingVulDBVulDB02/21/202502/22/202502/23/2025CVE-2025-1585504937
accepted
296560opensolon Solon StaticMappings.java path traversalVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1584504454
accepted
296559PHPGurukul Online Nurse Hiring System search-report-details.php sql injectionVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1583504452
accepted
296558PHPGurukul Online Nurse Hiring System all-request.php sql injectionVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1582504451
accepted
296557PHPGurukul Online Nurse Hiring System book-nurse.php sql injectionVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1581504450
accepted
296556PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injectionVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1580504234
accepted
296555code-projects Blood Bank System user.php cross site scriptingVulDBVulDB02/18/202502/22/202502/23/2025CVE-2025-1579502876
accepted
296553PHPGurukul/Campcodes Online Shopping Portal search-result.php sql injectionVulDBVulDB02/17/202502/22/202505/16/2025CVE-2025-1578502391
accepted
296552code-projects Blood Bank System prostatus.php cross site scriptingVulDBVulDB02/16/202502/22/202502/23/2025CVE-2025-1577502087
accepted
296551code-projects Real Estate Property Management System ajax_state.php sql injectionVulDBVulDB02/16/202502/22/202502/23/2025CVE-2025-1576502071
accepted
296550Harpia DiagSystem atualatendimento_jpeg.php resource injectionVulDBVulDB02/08/202502/22/202502/23/2025CVE-2025-1575497083
accepted
296508OFCMS cross-site request forgeryVulDBVulDB02/13/202502/21/202502/22/2025CVE-2025-1557500269
accepted
296507westboy CicadasCMS Template Management system deserializationVulDBVulDB02/12/202502/21/202502/22/2025CVE-2025-1556499520
accepted
296506hzmanyun Education and Training System saveImage unrestricted uploadVulDBVulDB02/08/202502/21/202502/22/2025CVE-2025-1555496932
accepted
296502pankajindevops scale project cross site scriptingVulDBVulDB01/28/202502/21/202502/22/2025CVE-2025-1553491216
accepted
296494iteachyou Dreamer CMS edit cross site scriptingVulDBVulDB02/10/202502/21/202502/21/2025CVE-2025-1548497602
accepted
296491BDCOM Behavior Management and Auditing System operate.mds log_operate_clear os command injectionVulDBVulDB02/10/202502/21/202502/21/2025CVE-2025-1546497558
accepted
296490dingfanzu CMS loadShopInfo.php sql injectionVulDBVulDB02/10/202502/21/202502/21/2025CVE-2025-1544497477
accepted
296489iteachyou Dreamer CMS ueditor-1.4.3.3 path traversalVulDBVulDB02/09/202502/21/202502/21/2025CVE-2025-1543497329
accepted
296480D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflowVulDBVulDB02/10/202502/21/202502/21/2025CVE-2025-1539497496
accepted
296479D-Link DAP-1320 api set_ws_action heap-based overflowVulDBVulDB02/09/202502/21/202502/21/2025CVE-2025-1538497301
accepted
296477Harpia DiagSystem atualatendimento_jpeg.php sql injectionVulDBVulDB02/09/202502/21/202502/21/2025CVE-2025-1537497125
accepted
296476Raisecom Multi-Service Intelligent Gateway Request Parameter vpn_template_style.php os command injectionVulDBVulDB02/08/202502/21/202502/21/2025CVE-2025-1536497021
accepted
296475Baiyi Cloud Asset Management System admin.ticket.close.php sql injectionVulDBVulDB02/08/202502/21/202502/21/2025CVE-2025-1535496969
accepted
296238lmxcms Maintenance db.inc.php code injectionVulDBVulDB02/08/202502/19/202502/19/2025CVE-2025-1465496877
accepted
296237Baiyi Cloud Asset Management System admin.house.collect.php sql injectionVulDBVulDB02/04/202502/19/202502/19/2025CVE-2025-1464494807
accepted
296135Synway SMG Gateway Management Software 9-12ping.php command injectionVulDBVulDB02/04/202502/18/202502/19/2025CVE-2025-1448494788
accepted
296134kasuganosoras Pigeon index.php server-side request forgeryVulDBVulDB02/16/202502/18/202502/19/2025CVE-2025-1447501978
accepted
296023D-Link DIR-816 index.html cross site scriptingVulDBVulDB02/14/202502/17/202502/17/2025CVE-2025-1392501351
accepted
295989code-projects Real Estate Property Management System ajax_city.php sql injectionVulDBVulDB02/16/202502/16/202502/18/2025CVE-2025-1381502070
accepted
295988Codezips Gym Management System del_plan.php sql injectionVulDBVulDB02/16/202502/16/202502/17/2025CVE-2025-1380501980
accepted
295987code-projects Real Estate Property Management System CustomerReport.php sql injectionVulDBVulDB02/14/202502/16/202502/17/2025CVE-2025-1379501070
accepted
295986radare2 rasm2 rasm2.c memory corruptionVulDBVulDB02/11/202502/16/202502/22/2025CVE-2025-1378498499
accepted
295985GNU elfutils eu-strip strip.c gelf_getsymshndx denial of serviceVulDBVulDB02/10/202502/16/202503/25/2025CVE-2025-1377497539
accepted
295984GNU elfutils eu-strip elf_strptr.c elf_strptr denial of serviceVulDBVulDB02/10/202502/16/202505/07/2025CVE-2025-1376497538
accepted
295983code-projects Real Estate Property Management System search.php sql injectionVulDBVulDB02/12/202502/16/202502/17/2025CVE-2025-1374499767
accepted
295982FFmpeg MOV Parser mov.c mov_read_trak null pointer dereferenceVulDBVulDB02/08/202502/16/202502/17/2025CVE-2025-1373496930
accepted
295981GNU elfutils eu-readelf readelf.c print_string_section buffer overflowVulDBVulDB02/07/202502/16/202503/25/2025CVE-2025-1372496485
accepted
295978GNU elfutils eu-read readelf.c handle_dynamic_symtab null pointer dereferenceVulDBVulDB02/07/202502/16/202503/25/2025CVE-2025-1371496484
accepted
295977GNU elfutils eu-readelf readelf.c process_symtab buffer overflowVulDBVulDB02/07/202502/16/202503/25/2025CVE-2025-1365496483
accepted
295976MicroWorld eScan Antivirus Autoscan USB epsdaemon sprintf os command injectionVulDBVulDB02/16/202502/17/2025CVE-2025-1370
 
accepted
295975MicroWord eScan Antivirus USB Password os command injectionVulDBVulDB02/07/202502/16/202502/17/2025CVE-2025-1369496482
accepted
295972MicroWord eScan Antivirus mwav.conf ReadConfiguration buffer overflowVulDBVulDB02/16/202502/17/2025CVE-2025-1368
 
accepted
295971MicroWord eScan Antivirus USB Password sprintf buffer overflowVulDBVulDB02/16/202502/17/2025CVE-2025-1367
 
accepted
295970MicroWord eScan Antivirus VirusPopUp strcpy stack-based overflowVulDBVulDB02/16/202502/17/2025CVE-2025-1366
 
accepted
295969MicroWord eScan Antivirus USB Protection Service passPrompt stack-based overflowVulDBVulDB02/07/202502/16/202502/17/2025CVE-2025-1364496481
accepted
295968Internet Web Solutions Sublime CRM HTTP POST Request inicio.php cross site scriptingVulDBVulDB02/07/202502/15/202502/17/2025CVE-2025-1360496469
accepted
295967SIAM Industria de Automação e Monitoramento qrcode.jsp cross site scriptingVulDBVulDB02/06/202502/15/202502/17/2025CVE-2025-1359496171
accepted
295966Pix Software Vivaz cross-site request forgeryVulDBVulDB02/06/202502/15/202502/17/2025CVE-2025-1358496141
accepted
295965Seventh D-Guard HTTP GET Request path traversalVulDBVulDB02/06/202502/15/202502/16/2025CVE-2025-1357496137
accepted
295964needyamin Library Card System card.php sql injectionVulDBVulDB02/06/202502/15/202502/25/2025CVE-2025-1356496087
accepted
295963needyamin Library Card System Add Picture signup.php unrestricted uploadVulDBVulDB02/06/202502/15/202502/25/2025CVE-2025-1355496075
accepted
295961Kong Insomnia profapi.dll untrusted search path [Disputed]VulDBVulDB02/06/202502/15/202502/26/2025CVE-2025-1353496010
accepted
295960GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruptionVulDBVulDB02/06/202502/15/202504/11/2025CVE-2025-1352495965
accepted
295959PMWeb Setting weak passwordVulDBVulDB02/05/202502/15/202502/16/2025CVE-2025-1341495635
accepted
295956TOTOLINK X18 cstecgi.cgi setPasswordCfg stack-based overflowVulDBVulDB02/05/202502/15/202502/16/2025CVE-2025-1340495368
accepted
295955TOTOLINK X18 cstecgi.cgi setL2tpdConfig os command injectionVulDBVulDB02/05/202502/15/202502/16/2025CVE-2025-1339495367
accepted
295954NUUO Camera handle_config.php print_file command injectionVulDBVulDB02/03/202502/15/202502/16/2025CVE-2025-1338493912
accepted
295953Eastnets PaymentSafe BIC Search cross site scriptingVulDBVulDB02/02/202502/15/202504/09/2025CVE-2025-1337493686
accepted
295951CmsEasy image_admin.php deleteimg_action path traversalVulDBVulDB02/02/202502/15/202502/28/2025CVE-2025-1336493685
accepted
295950CmsEasy file_admin.php deleteimg_action path traversalVulDBVulDB02/02/202502/15/202502/28/2025CVE-2025-1335493682
accepted
295942FastCMS Template Menu menu cross site scriptingVulDBVulDB02/15/202502/16/2025CVE-2025-1332
 
accepted
295219olajowon Loggrove page os command injectionVulDBVulDB02/11/202502/21/2025CVE-2025-1229
 
accepted
295218olajowon Loggrove Logfile Update page path traversalVulDBVulDB02/11/202502/21/2025CVE-2025-1228
 
accepted
295217ywoa AddressDao.xml selectList sql injectionVulDBVulDB02/11/202502/11/2025CVE-2025-1227
 
accepted
295216ywoa setup.jsp improper authorizationVulDBVulDB02/11/202502/13/2025CVE-2025-1226
 
accepted
295211ywoa WXCallBack Interface XMLParse.java extract xml external entity referenceVulDBVulDB02/11/202502/13/2025CVE-2025-1225
 
accepted
295210ywoa UserMapper.xml listNameBySql sql injectionVulDBVulDB02/11/202502/13/2025CVE-2025-1224
 
accepted
295175ywoa OaNoticeMapper.xml selectNoticeList sql injectionVulDBVulDB02/11/202502/13/2025CVE-2025-1216
 
accepted
295174vim main.c memory corruptionVulDBVulDB02/10/202502/11/202503/21/2025CVE-2025-1215497546
accepted
295173pihome-shc PiHome Role-Based Access Control user_accounts.php authorizationVulDBVulDB02/10/202502/10/202502/13/2025CVE-2025-1214497533
accepted
295172pihome-shc PiHome index.php cross site scriptingVulDBVulDB02/10/202502/10/202502/13/2025CVE-2025-1213497521
accepted
295147code-projects Wazifa System control.php sql injectionVulDBVulDB02/09/202502/10/202502/11/2025CVE-2025-1210497357
accepted
295146code-projects Wazifa System search_resualts.php searchuser cross site scriptingVulDBVulDB02/09/202502/10/202502/11/2025CVE-2025-1209497356
accepted
295145code-projects Wazifa System Profile.php cross site scriptingVulDBVulDB02/09/202502/10/202502/21/2025CVE-2025-1208497355
accepted
295144phjounin TFTPD64 DNS denial of serviceVulDBVulDB02/09/202502/10/202502/10/2025CVE-2025-1207497249
accepted
295143Codezips Gym Management System viewdetailroutine.php sql injectionVulDBVulDB02/08/202502/10/202502/21/2025CVE-2025-1206496961
accepted
295110SourceCodester Best Church Management Software edit_slider.php sql injectionVulDBVulDB02/08/202502/10/202502/10/2025CVE-2025-1202496954
accepted
295109SourceCodester Best Church Management Software profile_crud.php sql injectionVulDBVulDB02/08/202502/10/202502/10/2025CVE-2025-1201496951
accepted
295108SourceCodester Best Church Management Software slider_crud.php sql injectionVulDBVulDB02/08/202502/10/202502/10/2025CVE-2025-1200496950
accepted
295107SourceCodester Best Church Management Software role_crud.php sql injectionVulDBVulDB02/08/202502/10/202502/10/2025CVE-2025-1199496946
accepted
295105code-projects Real Estate Property Management System load_user-profile.php sql injectionVulDBVulDB02/08/202502/10/202502/25/2025CVE-2025-1197496856
accepted
295104code-projects Real Estate Property Management System search.php cross site scriptingVulDBVulDB02/08/202502/10/202502/21/2025CVE-2025-1196496855
accepted
295103code-projects Real Estate Property Management System EditCategory cross site scriptingVulDBVulDB02/08/202502/10/202502/21/2025CVE-2025-1195496854
accepted
295098SourceCodester Multi Restaurant Table Reservation System select-menu.php sql injectionVulDBVulDB02/07/202502/10/202502/12/2025CVE-2025-1192496730
accepted
295097SourceCodester Multi Restaurant Table Reservation System approve-reject.php sql injectionVulDBVulDB02/07/202502/10/202502/12/2025CVE-2025-1191496729
accepted
295096code-projects Job Recruitment load_user-profile.php cross site scriptingVulDBVulDB02/07/202502/10/202502/14/2025CVE-2025-1190496670
accepted
2950951000 Projects Attendance Tracking Management System chart1.php sql injectionVulDBVulDB02/07/202502/10/202502/12/2025CVE-2025-1189496452
accepted
295094Codezips Gym Management System updateroutine.php sql injectionVulDBVulDB02/07/202502/10/202502/12/2025CVE-2025-1188496409
accepted
295093code-projects Police FIR Record Management System Delete Record stack-based overflowVulDBVulDB02/06/202502/10/202503/03/2025CVE-2025-1187495921
accepted
295090dayrui XunRuiCMS Api.php deserializationVulDBVulDB02/06/202502/10/202502/12/2025CVE-2025-1186495820
accepted
295089pihome-shc PiHome ajax.php sql injectionVulDBVulDB02/05/202502/10/202502/12/2025CVE-2025-1185495548
accepted
295088pihome-shc PiHome ajax.php sql injectionVulDBVulDB02/05/202502/10/202502/12/2025CVE-2025-1184495413
accepted
295087CodeZips Gym Management System more-userprofile.php sql injectionVulDBVulDB02/05/202502/10/202502/12/2025CVE-2025-1183495410
accepted
295086GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruptionVulDBVulDB02/05/202502/10/202502/17/2025CVE-2025-1182495407
accepted
295084GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruptionVulDBVulDB02/05/202502/10/202504/26/2025CVE-2025-1181495402
accepted
295083GNU Binutils ld elf-eh-frame.c _bfd_elf_write_section_eh_frame memory corruptionVulDBVulDB02/05/202502/10/202503/06/2025CVE-2025-1180495381
accepted
295082GNU Binutils ld libbfd.c bfd_putl64 memory corruptionVulDBVulDB02/05/202502/10/202503/04/2025CVE-2025-1179495376
accepted
295081GNU Binutils ld libbfd.c bfd_putl64 memory corruptionVulDBVulDB02/05/202502/10/202504/12/2025CVE-2025-1178495369
accepted
295080dayrui XunRuiCMS Linkage.php import_add deserializationVulDBVulDB02/05/202502/10/202502/10/2025CVE-2025-1177495366
accepted
295079GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflowVulDBVulDB02/05/202502/10/202504/12/2025CVE-2025-1176495329
accepted
2950781000 Projects Bookstore Management System Add Book Page process_book_add.php cross site scriptingVulDBVulDB02/05/202502/10/202502/28/2025CVE-2025-1174495318
accepted
2950771000 Projects Bookstore Management System process_users_del.php sql injectionVulDBVulDB02/05/202502/10/202502/28/2025CVE-2025-1173495309
accepted
2950761000 Projects Bookstore Management System addtocart.php sql injectionVulDBVulDB02/05/202502/10/202502/28/2025CVE-2025-1172495183
accepted
295075code-projects Real Estate Property Management System CustomerReport.php cross site scriptingVulDBVulDB02/04/202502/10/202502/28/2025CVE-2025-1171494830
accepted
295074code-projects Real Estate Property Management System Category.php cross site scriptingVulDBVulDB02/04/202502/10/202502/10/2025CVE-2025-1170494829
accepted
295073SourceCodester Image Compressor Tool compressor.php cross site scriptingVulDBVulDB02/04/202502/10/202503/04/2025CVE-2025-1169494775
accepted
295072SourceCodester Contact Manager with Export to VCF delete-contact.php sql injectionVulDBVulDB02/04/202502/10/202503/04/2025CVE-2025-1168494766
accepted
295070Mayuri K Employee Management System Update_User.php sql injectionVulDBVulDB02/04/202502/10/202502/10/2025CVE-2025-1167494725
accepted
295069SourceCodester Food Menu Manager update.php unrestricted uploadVulDBVulDB02/04/202502/10/202505/15/2025CVE-2025-1166494567
accepted
295068Lumsoft ERP FileUploadApi.ashx DoWebUpload unrestricted uploadVulDBVulDB02/04/202502/10/202502/10/2025CVE-2025-1165494516
accepted
295067code-projects Police FIR Record Management System Add Record stack-based overflowVulDBVulDB02/03/202502/10/202502/10/2025CVE-2025-1164494009
accepted
295066code-projects Vehicle Parking Management System Authentication login stack-based overflowVulDBVulDB02/03/202502/10/202502/10/2025CVE-2025-1163494008
accepted
295065code-projects Job Recruitment load\_user-profile.php sql injectionVulDBVulDB02/03/202502/10/202502/10/2025CVE-2025-1162494007
accepted
295064SourceCodester Employee Management System index.php default credentialsVulDBVulDB02/03/202502/10/202503/03/2025CVE-2025-1160493860
accepted
295063CampCodes School Management Software academic-calendar cross site scriptingVulDBVulDB02/02/202502/10/202502/10/2025CVE-2025-1159493687
accepted
295062ESAFENET CDG addPolicyToSafetyGroup.jsp sql injectionVulDBVulDB02/02/202502/10/202502/10/2025CVE-2025-1158493644
accepted
295061Allims lab.online model_recuperar_senha.php sql injectionVulDBVulDB02/01/202502/10/202502/10/2025CVE-2025-1157493492
accepted
295060Pix Software Vivaz servlet sql injectionVulDBVulDB02/01/202502/10/202502/10/2025CVE-2025-1156493482
accepted
295059Webkul QloApps Your Location Search stores cross site scriptingVulDBVulDB01/31/202502/10/202502/10/2025CVE-2025-1155492777
accepted
295058xxyopen Novel books sql injectionVulDBVulDB01/31/202502/10/202502/10/2025CVE-2025-1154492531
accepted
295057GNU Binutils format.c bfd_set_format memory corruptionVulDBVulDB01/27/202502/10/202503/06/2025CVE-2025-1153489991
accepted
295056GNU Binutils ld xstrdup.c xstrdup memory leakVulDBVulDB02/10/202503/06/2025CVE-2025-1152
 
accepted
295055GNU Binutils ld xmemdup.c xmemdup memory leakVulDBVulDB02/10/202503/06/2025CVE-2025-1151
 
accepted
295054GNU Binutils ld libbfd.c bfd_malloc memory leakVulDBVulDB02/10/202503/12/2025CVE-2025-1150
 
accepted
295053GNU Binutils ld xmalloc.c xstrdup memory leakVulDBVulDB02/10/202503/06/2025CVE-2025-1149
 
accepted
295052GNU Binutils ld ldelfgen.c link_order_scan memory leakVulDBVulDB01/20/202502/10/202504/05/2025CVE-2025-1148485747
accepted
295051GNU Binutils nm nm.c internal_strlen buffer overflowVulDBVulDB01/19/202502/10/202504/05/2025CVE-2025-1147485254
accepted
295023CoinRemitter sql injectionVulDBVulDB01/31/202502/07/202502/08/2025CVE-2025-1117492685
accepted
295022Dreamvention Live AJAX Search Free live_search.searchresults search sql injectionVulDBVulDB01/30/202502/07/202502/08/2025CVE-2025-1116492051
accepted
295021RT-Thread lwp_syscall.c sys_timer_settime information disclosureVulDBVulDB01/27/202502/07/202502/16/2025CVE-2025-1115489903
accepted
295020newbee-mall Add Category Page save cross site scriptingVulDBVulDB01/26/202502/07/202502/08/2025CVE-2025-1114489744
accepted
295019taisan tarzan-cms Add Theme admin#themes upload deserializationVulDBVulDB02/07/202502/08/2025CVE-2025-1113
 
accepted
294939CmsEasy database_admin.php restore_action path traversalVulDBVulDB01/29/202502/07/202502/07/2025CVE-2025-1106491518
accepted
294938SiberianCMS HTTP GET Request flat cross site scriptingVulDBVulDB01/28/202502/07/202502/07/2025CVE-2025-1105491207
accepted
294934D-Link DHP-W310AV authentication spoofingVulDBVulDB01/27/202502/07/202502/07/2025CVE-2025-1104489958
accepted
294933D-Link DIR-823X HTTP POST Request set_wifi_blacklists null pointer dereferenceVulDBVulDB01/26/202502/07/202502/07/2025CVE-2025-1103489603
accepted
294862Safetytest Cloud-Master Server static path traversalVulDBVulDB01/28/202502/06/202502/07/2025CVE-2025-1086491021
accepted
294861Animati PACS login cross site scriptingVulDBVulDB01/27/202502/06/202502/07/2025CVE-2025-1085489857
accepted
294860Mindskip xzs-mysql 学之思开源考试系统 cross-site request forgeryVulDBVulDB01/26/202502/06/202502/07/2025CVE-2025-1084489644
accepted
294859Mindskip xzs-mysql 学之思开源考试系统 CORS cross-domain policyVulDBVulDB01/26/202502/06/202502/07/2025CVE-2025-1083489634
accepted
294858Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scriptingVulDBVulDB01/26/202502/06/202502/07/2025CVE-2025-1082489633
accepted
294857Bharti Airtel Xstream Fiber WiFi Password weak credentialsVulDBVulDB01/24/202502/06/202502/06/2025CVE-2025-1081488582
accepted
294844AppHouseKitchen AlDente Charge Limiter XPC Service com.apphousekitchen.aldente-pro.helper shouldAcceptNewConnection improper authorizationVulDBVulDB01/31/202502/06/202502/06/2025CVE-2025-1078492529
accepted
294834Webkul QloApps URL mylogout cross-site request forgeryVulDBVulDB01/29/202502/06/202502/06/2025CVE-2025-1074491600
accepted
294365MaxD Lightning Module deserializationVulDBVulDB01/26/202502/02/202502/03/2025CVE-2025-0974489672
accepted
294364CmsEasy index.php backAll_action path traversalVulDBVulDB01/22/202502/02/202503/01/2025CVE-2025-0973487649
accepted
294363Zenvia Movidesk New Ticket cross site scriptingVulDBVulDB01/23/202502/02/202502/06/2025CVE-2025-0972488106
accepted
294362Zenvia Movidesk Profile Editing EditProfile cross site scriptingVulDBVulDB01/21/202502/02/202502/06/2025CVE-2025-0971486023
accepted
294361Zenvia Movidesk Login Yago Martins redirectVulDBVulDB01/20/202502/02/202502/06/2025CVE-2025-0970485985
accepted
294359code-projects Chat System add_chatroom.php sql injectionVulDBVulDB01/31/202502/01/202502/02/2025CVE-2025-0967492911
accepted
294356code-projects Job Recruitment load_job-details.php cross site scriptingVulDBVulDB01/30/202502/01/202502/10/2025CVE-2025-0961491789
accepted
294305itsourcecode Tailoring Management System staffview.php sql injectionVulDBVulDB01/31/202502/01/2025CVE-2025-0950
 
accepted
294304itsourcecode Tailoring Management System partview.php sql injectionVulDBVulDB01/31/202502/01/2025CVE-2025-0949
 
accepted
294303itsourcecode Tailoring Management System incview.php sql injectionVulDBVulDB01/31/202502/01/2025CVE-2025-0948
 
accepted
294302itsourcecode Tailoring Management System expview.php sql injectionVulDBVulDB01/31/202505/14/2025CVE-2025-0947
 
accepted
294301itsourcecode Tailoring Management System templatedelete.php sql injectionVulDBVulDB01/31/202502/07/2025CVE-2025-0946
 
accepted
294300itsourcecode Tailoring Management System typedelete.php sql injectionVulDBVulDB01/31/202502/07/2025CVE-2025-0945
 
accepted
294299itsourcecode Tailoring Management System customerview.php sql injectionVulDBVulDB01/31/202502/07/2025CVE-2025-0944
 
accepted
294298itsourcecode Tailoring Management System deldoc.php sql injectionVulDBVulDB01/24/202501/31/202502/07/2025CVE-2025-0943488498
accepted
294243code-projects Job Recruitment _call_job_search_ajax.php sql injectionVulDBVulDB01/30/202501/31/202501/31/2025CVE-2025-0934491802
accepted
294127code-projects Chat System addnewmember.php sql injectionVulDBVulDB01/29/202501/30/202501/31/2025CVE-2025-0882491463
accepted
294126Codezips Gym Management System saveroutine.php sql injectionVulDBVulDB01/25/202501/30/202504/24/2025CVE-2025-0881489192
accepted
294125Codezips Gym Management System updateplan.php sql injectionVulDBVulDB01/24/202501/30/202502/26/2025CVE-2025-0880488716
accepted
294068code-projects Simple Plugins Car Rental Management approve.php sql injectionVulDBVulDB01/24/202501/30/202502/22/2025CVE-2025-0874488538
accepted
294067itsourcecode Tailoring Management System customeredit.php sql injectionVulDBVulDB01/23/202501/30/202502/07/2025CVE-2025-0873487984
accepted
294066itsourcecode Tailoring Management System addpayment.php sql injectionVulDBVulDB01/23/202501/30/202502/07/2025CVE-2025-0872487953
accepted
294057Maybecms Add Article index.php cross site scriptingVulDBVulDB01/23/202501/30/202502/07/2025CVE-2025-0871487930
accepted
294056Axiomatic Bento4 Ap4DataBuffer.h GetData heap-based overflowVulDBVulDB01/30/202503/01/2025CVE-2025-0870
 
accepted
294055Cianet ONU GW24AC Login cross site scriptingVulDBVulDB01/27/202501/30/202502/07/2025CVE-2025-0869489867
accepted
294012CampCodes School Management Software Staff edit-staff improper authorizationVulDBVulDB01/22/202501/29/202501/30/2025CVE-2025-0849487618
accepted
294011Tenda A18 HTTP POST Request SetCmdlineRun stack-based overflowVulDBVulDB01/20/202501/29/202501/30/2025CVE-2025-0848485802
accepted
2940101000 Projects Employee Task Management System Login index.php sql injectionVulDBVulDB01/20/202501/29/202501/30/2025CVE-2025-0847485762
accepted
2940091000 Projects Employee Task Management System AdminLogin.php sql injectionVulDBVulDB01/20/202501/29/202501/30/2025CVE-2025-0846485756
accepted
294001needyamin Library Card System Registration Page signup.php cross site scriptingVulDBVulDB01/20/202501/29/202502/07/2025CVE-2025-0844485558
accepted
294000needyamin Library Card System Admin Panel admindashboard.php sql injectionVulDBVulDB01/20/202501/29/202504/16/2025CVE-2025-0843485553
accepted
293999needyamin Library Card System Login admin.php sql injectionVulDBVulDB01/20/202501/29/202502/26/2025CVE-2025-0842485540
accepted
293998Aridius XYZ News loadMore deserializationVulDBVulDB01/19/202501/29/202501/29/2025CVE-2025-0841485445
accepted
293997GNU Binutils objdump.c disassemble_bytes stack-based overflowVulDBVulDB01/19/202501/29/202502/16/2025CVE-2025-0840485255
accepted
293924Codezips Gym Management System submit_plan_new.php sql injectionVulDBVulDB01/19/202501/28/202501/29/2025CVE-2025-0803485218
accepted
293923SourceCodester Best Employee Management System Administrative Endpoint View_user.php access controlVulDBVulDB01/18/202501/28/202501/29/2025CVE-2025-0802485005
accepted
293922SourceCodester Online Courseware Edit Teacher saveeditt.php cross site scriptingVulDBVulDB01/18/202501/28/202502/07/2025CVE-2025-0800484935
accepted
293921MicroWorld eScan Antivirus Quarantine rtscanner os command injectionVulDBVulDB01/18/202501/28/202501/29/2025CVE-2025-0798484718
accepted
293920MicroWorld eScan Antivirus Quarantine Microworld default permissionVulDBVulDB01/17/202501/28/202501/29/2025CVE-2025-0797484329
accepted
293919ESAFENET CDG todolistjump.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/14/2025CVE-2025-0795483349
accepted
293918ESAFENET CDG todoDetail.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/14/2025CVE-2025-0794483347
accepted
293917ESAFENET CDG todoDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202505/14/2025CVE-2025-0793483346
accepted
293916ESAFENET CDG sdTodoDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202501/29/2025CVE-2025-0792483345
accepted
293915ESAFENET CDG sdDoneDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202501/29/2025CVE-2025-0791483344
accepted
293914ESAFENET CDG doneDetail.jsp cross site scriptingVulDBVulDB01/16/202501/28/202502/07/2025CVE-2025-0790483343
accepted
293913ESAFENET CDG doneDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202501/28/2025CVE-2025-0789483342
accepted
293912ESAFENET CDG content_top.jsp sql injectionVulDBVulDB01/16/202501/28/202505/16/2025CVE-2025-0788483341
accepted
293911ESAFENET CDG appDetail.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/16/2025CVE-2025-0787483340
accepted
293910ESAFENET CDG appDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202505/16/2025CVE-2025-0786483339
accepted
293909ESAFENET CDG SysConfig.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/16/2025CVE-2025-0785483338
accepted
293908Intelbras InControl Registered User usuario cleartext transmissionVulDBVulDB01/16/202501/28/202501/28/2025CVE-2025-0784483835
accepted
293907pankajindevops scale API Endpoint access controlVulDBVulDB01/13/202501/28/202501/28/2025CVE-2025-0783480350
accepted
293903code-projects Job Recruitment _call_job_search_ajax.php cross site scriptingVulDBVulDB01/27/202501/28/202502/07/2025CVE-2025-0806490056
accepted
293518Axiomatic Bento4 mp42aac ReadPartial heap-based overflowVulDBVulDB01/16/202501/27/202503/01/2025CVE-2025-0753483326
accepted
293517Axiomatic Bento4 mp42aac ReadBits heap-based overflowVulDBVulDB01/16/202501/27/202503/01/2025CVE-2025-0751483315
accepted
293512y_project RuoYi Whitelist getBeanName deserializationVulDBVulDB01/15/202501/27/202505/14/2025CVE-2025-0734482823
accepted
293511Postman profapi.dll untrusted search pathVulDBVulDB01/14/202501/27/202501/27/2025CVE-2025-0733481185
accepted
293510Discord profapi.dll untrusted search pathVulDBVulDB01/14/202501/27/202501/27/2025CVE-2025-0732481209
accepted
293508TP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query stringsVulDBVulDB01/10/202501/27/202501/27/2025CVE-2025-0730478465
accepted
293507TP-Link TL-SG108E clickjackingVulDBVulDB01/09/202501/27/202502/08/2025CVE-2025-0729478451
accepted
293482needyamin image_gallery Cover Image gallery.php unrestricted uploadVulDBVulDB01/15/202501/26/202504/16/2025CVE-2025-0722482822
accepted
293481needyamin image_gallery view.php cross site scriptingVulDBVulDB01/15/202501/26/202504/16/2025CVE-2025-0721482812
accepted
293480Microword eScan Antivirus Folder Watch List rtscanner removeExtraSlashes stack-based overflowVulDBVulDB01/15/202501/26/202501/27/2025CVE-2025-0720482371
accepted
293238CampCodes School Management Software Notice Board Page notice-list cross site scriptingVulDBVulDB01/18/202501/24/202502/09/2025CVE-2025-0710484934
accepted
293237Dcat-Admin Roles Page roles cross site scriptingVulDBVulDB01/16/202501/24/202505/08/2025CVE-2025-0709483364
accepted
293236fumiao opencms Add Model Management Page addOrUpdate cross site scriptingVulDBVulDB01/15/202501/24/202502/09/2025CVE-2025-0708482662
accepted
293235Rise Group Rise Mode Temp CPU Startup CRYPTBASE.dll untrusted search pathVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0707481088
accepted
293234JoeyBling bootplus admin.html cross site scriptingVulDBVulDB01/14/202501/24/202502/09/2025CVE-2025-0706480845
accepted
293233JoeyBling bootplus QrCodeController.java qrCode redirectVulDBVulDB01/14/202501/24/202502/09/2025CVE-2025-0705480844
accepted
293232JoeyBling bootplus QrCodeController.java qrCode resource consumptionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0704480843
accepted
293231JoeyBling bootplus SysFileController.java path traversalVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0703480842
accepted
293230JoeyBling bootplus SysFileController.java unrestricted uploadVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0702480841
accepted
293229JoeyBling bootplus list sql injectionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0701480839
accepted
293228JoeyBling bootplus list sql injectionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0700480838
accepted
293227JoeyBling bootplus list sql injectionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0699480836
accepted
293226JoeyBling bootplus list sql injectionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0698480827
accepted
293223Telstra Smart Modem Gen 2 HTTP Header injectionVulDBVulDB01/13/202501/24/202501/24/2025CVE-2025-0697480045
accepted
292737CampCodes School Management Software Attachment resource injectionVulDBVulDB01/18/202501/21/202501/22/2025CVE-2025-0625484917
accepted
292600itsourcecode Farm Management System add-pig.php unrestricted uploadVulDBVulDB01/18/202501/19/202501/20/2025CVE-2025-0582484909
accepted
292599CampCodes School Management Software Chat History send cross site scriptingVulDBVulDB01/18/202501/19/202502/09/2025CVE-2025-0581484895
accepted
292598Shiprocket Module REST API Module rest_api authorizationVulDBVulDB01/07/202501/19/202501/20/2025CVE-2025-0580476832
accepted
292597Shiprocket Module REST API Module restapi sql injectionVulDBVulDB01/07/202501/19/202501/20/2025CVE-2025-0579476831
accepted
292596Facile Sistemas Cloud Apps Password Reset forgotpassword cross site scriptingVulDBVulDB01/07/202501/19/202502/09/2025CVE-2025-0578476305
accepted
292541Mobotix M15 player cross site scriptingVulDBVulDB01/06/202501/19/202502/09/2025CVE-2025-0576475602
accepted
292540Union Bank of India Vyom Rooting Detection protection mechanismVulDBVulDB01/07/202501/19/202501/20/2025CVE-2025-0575475733
accepted
292528Epic Games Launcher Installer profapi.dll untrusted search pathVulDBVulDB01/14/202501/18/202501/19/2025CVE-2025-0567481104
accepted
292527Tenda AC15 SetDevNetName formSetDevNetName stack-based overflowVulDBVulDB01/17/202501/18/202501/19/2025CVE-2025-0566484418
accepted
292526ZZCMS index.php sql injectionVulDBVulDB01/17/202501/18/202501/19/2025CVE-2025-0565484333
accepted
292525code-projects Fantasy-Cricket authenticate.php sql injectionVulDBVulDB01/17/202501/18/202502/28/2025CVE-2025-0564484186
accepted
292524code-projects Fantasy-Cricket update.php sql injectionVulDBVulDB01/17/202501/18/202502/28/2025CVE-2025-0563484185
accepted
292523Codezips Gym Management System health_status_entry.php sql injectionVulDBVulDB01/17/202501/18/202502/28/2025CVE-2025-0562484184
accepted
292522itsourcecode Farm Management System add-pig.php sql injectionVulDBVulDB01/16/202501/18/202501/19/2025CVE-2025-0561483396
accepted
292494CampCodes School Management Software Photo Gallery Page photo-gallery cross site scriptingVulDBVulDB01/14/202501/17/202502/28/2025CVE-2025-0560480688
accepted
292493Campcodes School Management Software Create Id Card Page create-id-card cross site scriptingVulDBVulDB01/13/202501/17/202502/28/2025CVE-2025-0559480306
accepted
292492TDuckCloud tduck-platform QueryProThemeRequest.java QueryProThemeRequest sql injectionVulDBVulDB01/04/202501/17/202501/18/2025CVE-2025-0558474613
accepted
292491Hyland Alfresco Community Edition URL s cross site scriptingVulDBVulDB01/03/202501/17/202502/09/2025CVE-2025-0557474306
accepted
292433Codezips Gym Management System edit_member.php sql injectionVulDBVulDB01/13/202501/17/202502/26/2025CVE-2025-0541480220
accepted
292432itsourcecode Tailoring Management System expadd.php sql injectionVulDBVulDB01/13/202501/17/202501/18/2025CVE-2025-0540480063
accepted
292422code-projects Tourism Management System manage-pages.php cross site scriptingVulDBVulDB01/12/202501/17/202502/22/2025CVE-2025-0538479895
accepted
292421code-projects Car Rental Management System manage-pages.php cross site scriptingVulDBVulDB01/12/202501/17/202502/22/2025CVE-2025-0537479864
accepted
2924201000 Projects Attendance Tracking Management System edit_action.php sql injectionVulDBVulDB01/11/202501/17/202502/26/2025CVE-2025-0536479251
accepted
292419Codezips Gym Management System edit_mem_submit.php sql injectionVulDBVulDB01/11/202501/17/202501/18/2025CVE-2025-0535479159
accepted
2924181000 Projects Campaign Management System Platform for Women loginnew.php sql injectionVulDBVulDB01/11/202501/17/202501/18/2025CVE-2025-0534479128
accepted
2924171000 Projects Campaign Management System Platform for Women sc_login.php sql injectionVulDBVulDB01/11/202501/17/202501/18/2025CVE-2025-0533479119
accepted
292416Codezips Gym Management System new_submit.php sql injectionVulDBVulDB01/11/202501/17/202501/18/2025CVE-2025-0532479100
accepted
292415code-projects Chat System leaveroom.php sql injectionVulDBVulDB01/10/202501/17/202501/17/2025CVE-2025-0531478688
accepted
292414code-projects Job Recruitment _feedback_system.php cross site scriptingVulDBVulDB01/10/202501/17/202502/10/2025CVE-2025-0530478674
accepted
292413code-projects Train Ticket Reservation System Login Form stack-based overflowVulDBVulDB01/09/202501/17/202501/17/2025CVE-2025-0529478447
accepted
292412Tenda AC8/AC10/AC18 HTTP Request telnet command injectionVulDBVulDB01/09/202501/17/202501/17/2025CVE-2025-0528478175
accepted
292411code-projects Admission Management System signupconfirm.php sql injectionVulDBVulDB01/09/202501/17/202501/17/2025CVE-2025-0527477899
accepted
291937D-Link DIR-823X FUN_00412244 null pointer dereferenceVulDBVulDB01/06/202501/15/202501/16/2025CVE-2025-0492475301
accepted
291936Fanli2012 native-php-cms cat_dodel.php sql injectionVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0491475260
accepted
291935Fanli2012 native-php-cms article_dodel.php sql injectionVulDBVulDB01/06/202501/15/202501/16/2025CVE-2025-0490475258
accepted
291934Fanli2012 native-php-cms friendlink_dodel.php sql injectionVulDBVulDB01/06/202501/15/202501/16/2025CVE-2025-0489475256
accepted
291933Fanli2012 native-php-cms product_list.php sql injectionVulDBVulDB01/06/202501/15/202501/15/2025CVE-2025-0488475255
accepted
291932Fanli2012 native-php-cms cat_edit.php sql injectionVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0487475254
accepted
291931Fanli2012 native-php-cms login.php sql injectionVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0486475249
accepted
291930Fanli2012 native-php-cms sysconfig_doedit.php cross site scriptingVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0485475247
accepted
291929Fanli2012 native-php-cms Backend sysconfig_doedit.php improper authorizationVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0484475245
accepted
291928Fanli2012 native-php-cms jump.php cross site scriptingVulDBVulDB01/06/202501/15/202505/13/2025CVE-2025-0483475240
accepted
291927Fanli2012 native-php-cms user_recoverpwd.php default credentialsVulDBVulDB01/06/202501/15/202501/15/2025CVE-2025-0482475237
accepted
291924D-Link DIR-878 HTTP POST Request dllog.cgi information disclosureVulDBVulDB01/05/202501/15/202501/15/2025CVE-2025-0481475011
accepted
291915wuzhicms config.php test server-side request forgeryVulDBVulDB01/05/202501/15/202505/13/2025CVE-2025-0480474965
accepted
291482AquilaCMS categories deserializationVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0465474285
accepted
291481SourceCodester Task Reminder System Maintenance Section cross site scriptingVulDBVulDB01/03/202501/14/202502/13/2025CVE-2025-0464474280
accepted
291480Shanghai Lingdang Information Technology Lingdang CRM index.php unrestricted uploadVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0463474255
accepted
291479Shanghai Lingdang Information Technology Lingdang CRM index.php sql injectionVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0462474254
accepted
291478Shanghai Lingdang Information Technology Lingdang CRM index.php path traversalVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0461474252
accepted
291477Blog Botz for Journal Theme blog_add unrestricted uploadVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0460474089
accepted
291476libretro RetroArch Startup profapi.dll untrusted search pathVulDBVulDB01/02/202501/14/202501/14/2025CVE-2025-0459474011
accepted
291475Virtual Computer Vysual RH Solution Login Panel index.php cross site scriptingVulDBVulDB01/02/202501/14/202502/13/2025CVE-2025-0458473865
accepted
291286liujianview gymxmjpa MenberConntroller.java MenberDaoInpl sql injectionVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0410473426
accepted
291285liujianview gymxmjpa MembertypeController.java MembertypeDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0409473425
accepted
291284liujianview gymxmjpa LoosController.java LoosDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0408473423
accepted
291283liujianview gymxmjpa EquipmentController.java EquipmentDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/14/2025CVE-2025-0407473422
accepted
291282liujianview gymxmjpa SubjectController.java SubjectDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/14/2025CVE-2025-0406473417
accepted
291281liujianview gymxmjpa GoodsController.java GoodsDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/14/2025CVE-2025-0405473411
accepted
291280liujianview gymxmjpa CoachController.java CoachController sql injectionVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0404473385
accepted
2912781902756969 reggie Phone Number Validation sendMsg information disclosureVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0403473325
accepted
2912771902756969 reggie CommonController.java upload unrestricted uploadVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0402473324
accepted
2912761902756969 reggie CommonController.java download path traversalVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0401473322
accepted
291275StarSea99 starsea-mall update cross site scriptingVulDBVulDB01/02/202501/12/202502/13/2025CVE-2025-0400473321
accepted
291274StarSea99 starsea-mall uploadController.java UploadController unrestricted uploadVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0399473319
accepted
291271longpi1 warehouse Backend updateInport cross site scriptingVulDBVulDB01/02/202501/11/202502/13/2025CVE-2025-0398473316
accepted
291270reckcn SPPanAdmin edit cross site scriptingVulDBVulDB01/02/202501/11/202502/13/2025CVE-2025-0397473287
accepted
291269exelban stats XPC Service shouldAcceptNewConnection command injectionVulDBVulDB01/01/202501/11/202501/12/2025CVE-2025-0396473229
accepted
291126Guangzhou Huayi Intelligent Technology Jeewms graphReportController.do datagridGraph sql injectionVulDBVulDB01/10/202501/11/2025CVE-2025-0392
 
accepted
291125Guangzhou Huayi Intelligent Technology Jeewms CgFormBuildController. java saveOrUpdate sql injectionVulDBVulDB01/10/202501/11/2025CVE-2025-0391
 
accepted
291124Guangzhou Huayi Intelligent Technology Jeewms wmOmNoticeHController.do path traversalVulDBVulDB01/10/202501/11/2025CVE-2025-0390
 
accepted
290862Tenda AC6 GetParentControlInfo stack-based overflowVulDBVulDB01/08/202501/08/202503/22/2025CVE-2025-0349477048
accepted
290861CampCodes DepEd Equipment Inventory System add_employee.php cross site scriptingVulDBVulDB01/08/202501/08/202502/14/2025CVE-2025-0348476908
accepted
290860code-projects Admission Management System Login index.php sql injectionVulDBVulDB01/08/202501/08/202502/27/2025CVE-2025-0347476898
accepted
290859code-projects Content Management System Publish News Page publishnews.php unrestricted uploadVulDBVulDB01/07/202501/08/202502/27/2025CVE-2025-0346476728
accepted
290858leiyuxi cy-fast listData sql injectionVulDBVulDB01/07/202501/08/202501/08/2025CVE-2025-0345475748
accepted
290857leiyuxi cy-fast listData sql injectionVulDBVulDB01/07/202501/08/202501/08/2025CVE-2025-0344475747
accepted
290829CampCodes Computer Laboratory Management System edit cross site scriptingVulDBVulDB01/08/202501/08/202503/03/2025CVE-2025-0342476897
accepted
290828CampCodes Computer Laboratory Management System edit unrestricted uploadVulDBVulDB01/08/202501/08/202503/05/2025CVE-2025-0341476884
accepted
290827code-projects Cinema Seat Reservation System deleteBooking.php sql injectionVulDBVulDB01/07/202501/08/202502/27/2025CVE-2025-0340476707
accepted
290826code-projects Online Bike Rental HTTP GET Request vehical-details.php cross site scriptingVulDBVulDB01/07/202501/08/202503/03/2025CVE-2025-0339475731
accepted
290823Codezips Project Management System teacher.php sql injectionVulDBVulDB01/06/202501/08/202501/08/2025CVE-2025-0336475493
accepted
290822code-projects Online Bike Rental System Change Image unrestricted uploadVulDBVulDB01/06/202501/08/202501/08/2025CVE-2025-0335475365
accepted
290821leiyuxi cy-fast listData sql injectionVulDBVulDB01/06/202501/08/202501/09/2025CVE-2025-0334475302
accepted
290820leiyuxi cy-fast listData sql injectionVulDBVulDB01/06/202501/08/202501/09/2025CVE-2025-0333475297
accepted
290819YunzMall HTTP POST Request ResetpwdController.php changePwd password recoveryVulDBVulDB12/29/202401/08/202501/09/2025CVE-2025-0331471663
accepted
290792KaiYuanTong ECT Platform HTTP POST Request runCode.php command injectionVulDBVulDB12/28/202401/08/202501/09/2025CVE-2025-0328470601
accepted
290450code-projects Online Book Shop subcat.php cross site scriptingVulDBVulDB01/06/202501/07/202502/15/2025CVE-2025-0301475287
accepted
290449code-projects Online Book Shop subcat.php sql injectionVulDBVulDB01/06/202501/07/202501/07/2025CVE-2025-0300475286
accepted
290448code-projects Online Book Shop search_result.php sql injectionVulDBVulDB01/06/202501/07/202504/08/2025CVE-2025-0299475285
accepted
290447code-projects Online Book Shop process_login.php sql injectionVulDBVulDB01/06/202501/07/202504/08/2025CVE-2025-0298475159
accepted
290446code-projects Online Book Shop detail.php sql injectionVulDBVulDB01/06/202501/07/202504/17/2025CVE-2025-0297475138
accepted
290445code-projects Online Book Shop booklist.php sql injectionVulDBVulDB01/06/202501/07/202501/07/2025CVE-2025-0296475135
accepted
290444code-projects Online Book Shop booklist.php cross site scriptingVulDBVulDB01/06/202501/07/202502/15/2025CVE-2025-0295475134
accepted
290443SourceCodester Home Clean Services Management System process.php sql injectionVulDBVulDB01/05/202501/07/202501/07/2025CVE-2025-0294475076
accepted
290229Codezips Project Management System course.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0233474673
accepted
290228Codezips Blood Bank Management System successadmin.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0232474597
accepted
290227Codezips Gym Management System submit_payments.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0231474596
accepted
290226code-projects Responsive Hotel Site print.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0230474581
accepted
290225code-projects Travel Management System enquiry.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0229474572
accepted
290218code-projects Local Storage Todo App index.html cross site scriptingVulDBVulDB01/02/202501/04/202502/15/2025CVE-2025-0228474049
accepted
290217Tsinghua Unigroup Electronic Archives System downLoad.html information disclosureVulDBVulDB01/03/202501/04/202501/05/2025CVE-2025-0227474266
accepted
290216Tsinghua Unigroup Electronic Archives System downLoad.html download information disclosureVulDBVulDB01/03/202501/04/202501/05/2025CVE-2025-0226474265
accepted
290215Tsinghua Unigroup Electronic Archives System exampleDownload.html path traversalVulDBVulDB01/03/202501/04/202501/05/2025CVE-2025-0225474264
accepted
290203Provision-ISR SH-4050A-2 server.js information disclosureVulDBVulDB12/20/202401/04/202501/05/2025CVE-2025-0224467085
accepted
290202IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereferenceVulDBVulDB12/20/202401/04/202501/05/2025CVE-2025-0223466963
accepted
290201IObit Protected Folder IOCTL IUProcessFilter.sys 0x8001E004 null pointer dereferenceVulDBVulDB12/20/202401/04/202501/05/2025CVE-2025-0222466956
accepted
290200IOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereferenceVulDBVulDB12/20/202401/04/202501/05/2025CVE-2025-0221466955
accepted
290199Trimble SPS851 Ethernet Configuration Menu cross site scriptingVulDBVulDB12/17/202401/04/202502/15/2025CVE-2025-0220464943
accepted
290198Trimble SPS851 Receiver Status Identity Tab cross site scriptingVulDBVulDB12/17/202401/04/202502/15/2025CVE-2025-0219464906
accepted
290159TMD Custom Header Menu index.php sql injectionVulDBVulDB01/03/202501/03/202501/04/2025CVE-2025-0214474299
accepted
290158Campcodes Project Management System update_forms.php unrestricted uploadVulDBVulDB01/03/202501/03/202501/11/2025CVE-2025-0213474200
accepted
290157Campcodes Student Grading System view_students.php sql injectionVulDBVulDB01/03/202501/03/202501/11/2025CVE-2025-0212474168
accepted
290156Campcodes School Faculty Scheduling System index.php file inclusionVulDBVulDB01/03/202501/03/202501/11/2025CVE-2025-0211474115
accepted
290155Campcodes School Faculty Scheduling System ajax.php sql injectionVulDBVulDB01/03/202501/03/202501/11/2025CVE-2025-0210474112
accepted
290145code-projects Online Shoe Store summary.php sql injectionVulDBVulDB01/02/202501/03/202501/11/2025CVE-2025-0208474038
accepted
290144code-projects Online Shoe Store login.php sql injectionVulDBVulDB01/02/202501/03/202501/11/2025CVE-2025-0207474035
accepted
290143code-projects Online Shoe Store index.php access controlVulDBVulDB01/02/202501/03/202501/04/2025CVE-2025-0206474033
accepted
290142code-projects Online Shoe Store details2.php sql injectionVulDBVulDB01/02/202501/03/202501/04/2025CVE-2025-0205474032
accepted
290141code-projects Online Shoe Store details.php sql injectionVulDBVulDB01/02/202501/03/202501/04/2025CVE-2025-0204474031
accepted
290140code-projects Student Management System DbFunction.php showSubject1 sql injectionVulDBVulDB01/02/202501/03/202501/04/2025CVE-2025-0203473410
accepted
290139TCS BaNCS REPORTS_SHOW_FILE.jsp file inclusion [Disputed]VulDBVulDB12/27/202401/03/202501/22/2025CVE-2025-0202469455
accepted
290138code-projects Point of Sales and Inventory Management System update_account.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0201473418
accepted
290137code-projects Point of Sales and Inventory Management System search_num.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0200473386
accepted
290136code-projects Point of Sales and Inventory Management System minus_cart.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0199473384
accepted
290135code-projects Point of Sales and Inventory Management System search_result.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0198473383
accepted
290134code-projects Point of Sales and Inventory Management System search.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0197473362
accepted
290133code-projects Point of Sales and Inventory Management System plist.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0196473350
accepted
290132code-projects Point of Sales and Inventory Management System del_product.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0195473349
accepted
290105code-projects Point of Sales and Inventory Management System add_cart.php sql injectionVulDBVulDB01/02/202501/02/202501/03/2025CVE-2025-0176473347
accepted
290104code-projects Online Shop view.php cross site scriptingVulDBVulDB01/02/202501/02/202502/26/2025CVE-2025-0175473333
accepted
290103code-projects Point of Sales and Inventory Management System Parameter search_result2.php sql injectionVulDBVulDB01/02/202501/02/202502/26/2025CVE-2025-0174473330
accepted
289940SourceCodester Online Eyewear Shop view_order.php sql injectionVulDBVulDB01/01/202501/02/202501/02/2025CVE-2025-0173473163
accepted
289939code-projects Chat System deleteroom.php sql injectionVulDBVulDB01/01/202501/02/202501/02/2025CVE-2025-0172473153
accepted
289938code-projects Chat System deleteuser.php sql injectionVulDBVulDB01/01/202501/02/202501/02/2025CVE-2025-0171473143
accepted
289917code-projects Job Recruitment _feedback_system.php sql injectionVulDBVulDB01/01/202501/01/202502/26/2025CVE-2025-0168473107
accepted

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!