CNA 2025

VulDB is an officially certified CVE Numbering Authority (CNA) by MITRE and Authorized Data Publisher (ADP) by NIST NVD. We are authorized to handle new vulnerability submissions, assign unique CVEs and disclose them. CVE is an international program to discover vulnerabilities which are then assigned and published to the CVE list. Partners coordinate such CVE entries to communicate consistent descriptions. Information technology and cybersecurity professionals all around the world use CVE records to ensure they are discussing the same issues, and to coordinate their efforts to prioritize and address these properly.

Vendor

PHPGurukul371
code-projects298
Not Defined221
SourceCodester167
TOTOLINK136

Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Product

PCMan FTP Server53
FreeFloat FTP Server47
Open Asset Import Library Assimp32
Campcodes Sales and Inventory System26
TOTOLINK A3002R25

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official fix185
Temporary fix5
Workaround84
Not available3
Not defined2507

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

Attacked1
Highly functional0
Functional0
Proof-of-Concept2632
Unproven1
Not defined150

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical10
Local200
Adjacent99
Network2475

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High208
Low1417
None1159

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required456
None2328

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

VulDB

≤10
≤24
≤3143
≤4307
≤5316
≤6236
≤7691
≤8845
≤9228
≤1014

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

Exploit 0-day

<1k518
<2k806
<5k1321
<10k21
<25k43
<50k75
<100k0
≥100k0

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

IDVulnerabilityScopeResponsibleSubmissionCreatedUpdatedCVESubmitCNA
314410code-projects Online Hotel Booking registration.php sql injectionVulDBVulDB06/29/202506/29/202506/29/2025CVE-2025-6917606285
accepted
314409TOTOLINK T6 formLoginAuth.htm Form_Login missing authenticationVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6916605101
accepted
314408PHPGurukul Student Record System register.php sql injectionVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6915605080
accepted
314407PHPGurukul Student Record System edit-student.php sql injectionVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6914605079
accepted
314406PHPGurukul Student Record System admin-profile.php sql injectionVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6913605078
accepted
314405PHPGurukul Student Record System manage-students.php sql injectionVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6912605077
accepted
314404PHPGurukul Student Record System manage-subjects.php sql injectionVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6911605076
accepted
314403PHPGurukul Student Record System session.php sql injectionVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6910605075
accepted
314401PHPGurukul Old Age Home Management System add-scdetails.php sql injectionVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6909604929
accepted
314400PHPGurukul Old Age Home Management System edit-services.php sql injectionVulDBVulDB06/27/202506/29/202506/29/2025CVE-2025-6908604928
accepted
314399code-projects Car Rental System signup.php sql injectionVulDBVulDB06/29/202506/29/202506/29/2025CVE-2025-6905606156
accepted
314398code-projects Car Rental System book_car.php sql injectionVulDBVulDB06/29/202506/29/202506/29/2025CVE-2025-6907606158
accepted
314397code-projects Car Rental System login.php sql injectionVulDBVulDB06/29/202506/29/202506/29/2025CVE-2025-6906606157
accepted
314396code-projects Car Rental System add_cars.php sql injectionVulDBVulDB06/26/202506/29/202506/29/2025CVE-2025-6904604569
accepted
314395code-projects Car Rental System approve.php sql injectionVulDBVulDB06/26/202506/29/202506/29/2025CVE-2025-6903604568
accepted
314394code-projects Inventory Management System editUser.php sql injectionVulDBVulDB06/26/202506/29/202506/29/2025CVE-2025-6902604509
accepted
314393code-projects Inventory Management System removeUser.php sql injectionVulDBVulDB06/26/202506/29/202506/29/2025CVE-2025-6901604508
accepted
314392code-projects Library System add-book.php unrestricted uploadVulDBVulDB06/26/202506/29/202506/29/2025CVE-2025-6900604504
accepted
314391D-Link DI-7300G+/DI-8200G msp_info.htm os command injectionVulDBVulDB06/26/202506/29/202506/29/2025CVE-2025-6899604444
accepted
314390D-Link DI-7300G+ in proxy_client.asp os command injectionVulDBVulDB06/26/202506/29/202506/29/2025CVE-2025-6898604443
accepted
314389D-Link DI-7300G+ httpd_debug.asp os command injectionVulDBVulDB06/26/202506/29/202506/29/2025CVE-2025-6897604442
accepted
314388D-Link DI-7300G+ wget_test.asp os command injectionVulDBVulDB06/26/202506/29/202506/30/2025CVE-2025-6896604441
accepted
314370code-projects Inventory Management System createUser.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6891603882
accepted
314369code-projects Movie Ticketing System ticketConfirmation.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6890603844
accepted
314368code-projects Movie Ticketing System logIn.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6889603831
accepted
314367PHPGurukul Teachers Record Management System changeimage.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6888603793
accepted
314366Tenda AC5 SetSysTimeCfg stack-based overflowVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6887603788
accepted
314365Tenda AC5 openSchedWifi stack-based overflowVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6886603774
accepted
314364PHPGurukul Teachers Record Management System edit-teacher-detail.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6885603766
accepted
314363code-projects Staff Audit System search_index.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6884603720
accepted
314362code-projects Staff Audit System update_index.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6883603719
accepted
314361D-Link DIR-513 formSetWanPPTP buffer overflowVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6882603693
accepted
314360D-Link DI-8100 jhttpd pppoe_base.asp buffer overflowVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6881603692
accepted
314352SourceCodester Best Salon Management System edit-tax.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6880603657
accepted
314351SourceCodester Best Salon Management System add-tax.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6879603656
accepted
314350SourceCodester Best Salon Management System search-appointment.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6878603655
accepted
314349SourceCodester Best Salon Management System edit-category.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6877603654
accepted
314348SourceCodester Best Salon Management System add-category.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6876603653
accepted
314347SourceCodester Best Salon Management System edit-subscription.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6875603652
accepted
314346SourceCodester Best Salon Management System add_subscribe.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6874603651
accepted
314345SourceCodester Simple Company Website Users.php unrestricted uploadVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6873603645
accepted
314344SourceCodester Simple Company Website SystemSettings.php unrestricted uploadVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6872603643
accepted
314343SourceCodester Simple Company Website Login.php sql injectionVulDBVulDB06/25/202506/28/202506/30/2025CVE-2025-6871603641
accepted
314342SourceCodester Simple Company Website Content.php unrestricted uploadVulDBVulDB06/25/202506/28/202506/29/2025CVE-2025-6870603640
accepted
314341SourceCodester Simple Company Website manage.php sql injectionVulDBVulDB06/25/202506/28/202506/29/2025CVE-2025-6869603639
accepted
314340SourceCodester Simple Company Website manage.php sql injectionVulDBVulDB06/25/202506/28/202506/29/2025CVE-2025-6868603638
accepted
314339SourceCodester Simple Company Website manage.php sql injectionVulDBVulDB06/25/202506/28/202506/29/2025CVE-2025-6867603637
accepted
314338code-projects Simple Forum forum_downloadfile.php path traversalVulDBVulDB06/25/202506/28/202506/29/2025CVE-2025-6866603581
accepted
314337DaiCuo index cross-site request forgeryVulDBVulDB06/25/202506/28/202506/29/2025CVE-2025-6865603563
accepted
314336SeaCMS admin_type.php cross-site request forgeryVulDBVulDB06/25/202506/28/202506/29/2025CVE-2025-6864603562
accepted
314335PHPGurukul Local Services Search Engine Management System edit-category-detail.php sql injectionVulDBVulDB06/24/202506/28/202506/29/2025CVE-2025-6863603386
accepted
314334SourceCodester Best Salon Management System edit_plan.php sql injectionVulDBVulDB06/24/202506/28/202506/29/2025CVE-2025-6862603378
accepted
314333SourceCodester Best Salon Management System add_plan.php sql injectionVulDBVulDB06/24/202506/28/202506/29/2025CVE-2025-6861603375
accepted
314332SourceCodester Best Salon Management System staff_commision.php sql injectionVulDBVulDB06/24/202506/28/202506/29/2025CVE-2025-6860603374
accepted
314331SourceCodester Best Salon Management System pro_sale.php sql injectionVulDBVulDB06/24/202506/28/202506/29/2025CVE-2025-6859603373
accepted
314330HDF5 H5Centry.c H5C__flush_single_entry null pointer dereferenceVulDBVulDB06/23/202506/28/202506/29/2025CVE-2025-6858602530
accepted
314329HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflowVulDBVulDB06/23/202506/28/202506/29/2025CVE-2025-6857602529
accepted
314328HDF5 H5FL.c H5FL__reg_gc_list use after freeVulDBVulDB06/23/202506/28/202506/29/2025CVE-2025-6856602528
accepted
314327chatchat-space Langchain-Chatchat file path traversalVulDBVulDB06/20/202506/28/202506/29/2025CVE-2025-6855601162
accepted
314326chatchat-space Langchain-Chatchat files path traversalVulDBVulDB06/20/202506/28/202506/29/2025CVE-2025-6854601161
accepted
314325chatchat-space Langchain-Chatchat Backend upload_temp_docs path traversalVulDBVulDB06/20/202506/28/202506/29/2025CVE-2025-6853601155
accepted
314321ESAPI esapi-java-legacy SQL Injection Defense Encoder.encodeForSQL special elementVulDBVulDB06/04/202506/28/202506/29/2025CVE-2025-5878590149
accepted
314293code-projects Simple Forum forum1.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6850603352
accepted
314292code-projects Simple Forum forum_edit1.php cross site scriptingVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6849603351
accepted
314291code-projects Simple Forum forum1.php unrestricted uploadVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6848603349
accepted
314290code-projects Simple Forum forum_edit.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6847603347
accepted
314289code-projects Simple Forum forum_viewfile.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6846603346
accepted
314288code-projects Simple Forum register1.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6845603345
accepted
314287code-projects Simple Forum signin.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6844603344
accepted
314286code-projects Simple Photo Gallery upload-photo.php unrestricted uploadVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6843603263
accepted
314285code-projects Product Inventory System edit_user.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6842603208
accepted
314284code-projects Product Inventory System edit_product.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6841603207
accepted
314283code-projects Product Inventory System Login index.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6840603200
accepted
314282Conjure Position Department Service Quality Evaluation System head.php eval backdoorVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6839603176
accepted
314281code-projects Library System profile.php unrestricted uploadVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6837603154
accepted
314280code-projects Library System profile.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6836603145
accepted
314279code-projects Library System student-issue-book.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6835603142
accepted
314278code-projects Inventory Management System editPayment.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6834603127
accepted
314267aaluoxiang oa_system External Address Book outAddress sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6829603033
accepted
314266code-projects Inventory Management System orders.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6828603000
accepted
314265code-projects Inventory Management System editOrder.php sql injectionVulDBVulDB06/24/202506/27/202506/29/2025CVE-2025-6827602999
accepted
314264code-projects Payroll Management System ajax.php sql injectionVulDBVulDB06/23/202506/27/202506/29/2025CVE-2025-6826602674
accepted
314263TOTOLINK A702R HTTP POST Request formWlSiteSurvey buffer overflowVulDBVulDB06/23/202506/27/202506/29/2025CVE-2025-6825602655
accepted
314262TOTOLINK X15 HTTP POST Request formParentControl buffer overflowVulDBVulDB06/23/202506/27/202506/28/2025CVE-2025-6824602643
accepted
314261code-projects Inventory Management System editProduct.php sql injectionVulDBVulDB06/23/202506/27/202506/28/2025CVE-2025-6823602642
accepted
314260code-projects Inventory Management System removeProduct.php sql injectionVulDBVulDB06/23/202506/27/202506/28/2025CVE-2025-6822602641
accepted
314259code-projects Inventory Management System createOrder.php sql injectionVulDBVulDB06/23/202506/27/202506/28/2025CVE-2025-6821602640
accepted
314258code-projects Inventory Management System createProduct.php sql injectionVulDBVulDB06/23/202506/27/202506/28/2025CVE-2025-6820602617
accepted
314257code-projects Inventory Management System removeBrand.php sql injectionVulDBVulDB06/23/202506/27/202506/28/2025CVE-2025-6819602609
accepted
314256HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflowVulDBVulDB06/22/202506/27/202506/28/2025CVE-2025-6818602326
accepted
314255HDF5 H5Centry.c H5C__load_entry resource consumptionVulDBVulDB06/22/202506/27/202506/28/2025CVE-2025-6817602294
accepted
314254HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflowVulDBVulDB06/22/202506/27/202506/28/2025CVE-2025-6816602291
accepted
314094code-projects Food Distributor Site save_settings.php cross site scriptingVulDBVulDB06/23/202506/27/202506/28/2025CVE-2025-6778602600
accepted
314093code-projects Food Distributor Site process_login.php sql injectionVulDBVulDB06/23/202506/27/202506/28/2025CVE-2025-6777602598
accepted
314092xiaoyunjie openvpn-cms-flask File Upload controller.py upload path traversalVulDBVulDB06/22/202506/27/202506/28/2025CVE-2025-6776602374
accepted
314091xiaoyunjie openvpn-cms-flask User Creation Endpoint openvpn.py create_user command injectionVulDBVulDB06/22/202506/27/202506/28/2025CVE-2025-6775602373
accepted
314090gooaclok819 sublinkX template.go AddTemp path traversalVulDBVulDB06/22/202506/27/202506/28/2025CVE-2025-6774602369
accepted
314089HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversalVulDBVulDB06/20/202506/27/202506/28/2025CVE-2025-6773601276
accepted
314088eosphoros-ai db-gpt import import_flow path traversalVulDBVulDB06/20/202506/27/202506/28/2025CVE-2025-6772601028
accepted
314082sfturing hosp_order HospitalServiceImpl.java findAllHosByCondition sql injectionVulDBVulDB06/20/202506/27/202506/27/2025CVE-2025-6768601081
accepted
314081sfturing hosp_order DoctorServiceImpl.java findDoctorByCondition sql injectionVulDBVulDB06/19/202506/27/202506/27/2025CVE-2025-6767600547
accepted
314080sfturing hosp_order OfficeServiceImpl.java getOfficeName sql injectionVulDBVulDB06/19/202506/27/202506/27/2025CVE-2025-6766600529
accepted
314075Intelbras InControl HTTP PUT Request operador permissionVulDBVulDB06/18/202506/27/202506/27/2025CVE-2025-6765599873
accepted
314074Comet System H3531 Web-based Management Interface setupA.cfg missing authenticationVulDBVulDB06/18/202506/27/202506/27/2025CVE-2025-6763599848
accepted
314073diyhi bbs HTTP Header login getUrl server-side request forgeryVulDBVulDB06/18/202506/27/202506/27/2025CVE-2025-6762598896
accepted
314072Kingdee Cloud-Starry-Sky Enterprise Edition Freemarker Engine DynamicForm 4 Action.class plugin.buildMobilePopHtml special elements used in a template engineVulDBVulDB06/20/202506/27/202506/27/2025CVE-2025-6761601207
accepted
314051huija bicycleSharingServer AdminController.java selectAdminByNameLike sql injectionVulDBVulDB06/17/202506/26/202506/26/2025CVE-2025-6753597982
accepted
314050Linksys WRT1900ACS/EA7200/EA7450/EA7500 IGD Layer3Forwarding SetDefaultConnectionService stack-based overflowVulDBVulDB06/19/202506/26/202506/27/2025CVE-2025-6752600638
accepted
314049Linksys E8450 HTTP POST Request portal.cgi set_device_language buffer overflowVulDBVulDB06/17/202506/26/202506/27/2025CVE-2025-6751598217
accepted
314048HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflowVulDBVulDB06/20/202506/26/202506/27/2025CVE-2025-6750601017
accepted
314047huija bicycleSharingServer AdminController.java searchAdminMessageShow sql injectionVulDBVulDB06/17/202506/26/202506/27/2025CVE-2025-6749598164
accepted
314046Bharti Airtel Thanks App files cleartext storage in a file or on diskVulDBVulDB06/17/202506/26/202506/27/2025CVE-2025-6748598122
accepted
314012huija bicycleSharingServer UserServiceImpl.java userDao.selectUserByUserNameLike sql injectionVulDBVulDB06/17/202506/26/202506/27/2025CVE-2025-6738597988
accepted
314011juzaweb CMS Add New Themes Page install improper authorizationVulDBVulDB06/16/202506/26/202506/27/2025CVE-2025-6736597779
accepted
314010juzaweb CMS Import Page imports improper authorizationVulDBVulDB06/16/202506/26/202506/27/2025CVE-2025-6735597778
accepted
314009UTT HiPER 840G API formP2PLimitConfig sub_484E40 buffer overflowVulDBVulDB06/16/202506/26/202506/27/2025CVE-2025-6734597679
accepted
314008UTT HiPER 840G API formConfigDnsFilterGlobal sub_416928 buffer overflowVulDBVulDB06/16/202506/26/202506/27/2025CVE-2025-6733597678
accepted
314007UTT HiPER 840G API setSysAdm strcpy buffer overflowVulDBVulDB06/16/202506/26/202506/27/2025CVE-2025-6732597677
accepted
314006yzcheng90 X-SpringBoot APK File apk uploadApk path traversalVulDBVulDB06/16/202506/26/202506/27/2025CVE-2025-6731597524
accepted
313968linlinjava litemall post improper authorizationVulDBVulDB06/16/202506/26/202506/26/2025CVE-2025-6702597473
accepted
313967Xuxueli xxl-sso doLogin redirectVulDBVulDB06/16/202506/26/202506/26/2025CVE-2025-6701597472
accepted
313966Xuxueli xxl-sso login cross site scriptingVulDBVulDB06/16/202506/26/202506/26/2025CVE-2025-6700597456
accepted
313965LabRedesCefetRJ WeGIA Cadastro de Funcionário cadastro_funcionario.php cross site scriptingVulDBVulDB06/16/202506/26/202506/26/2025CVE-2025-6699597401
accepted
313964LabRedesCefetRJ WeGIA Adicionar tipo adicionar_tipoSaida.php cross site scriptingVulDBVulDB06/16/202506/26/202506/26/2025CVE-2025-6698597389
accepted
313963LabRedesCefetRJ WeGIA Adicionar tipo adicionar_tipoEntrada.php cross site scriptingVulDBVulDB06/16/202506/26/202506/26/2025CVE-2025-6697597386
accepted
313962LabRedesCefetRJ WeGIA Cadastro de Atendio Cadastro_Atendido.php cross site scriptingVulDBVulDB06/14/202506/26/202506/27/2025CVE-2025-6696597078
accepted
313961LabRedesCefetRJ WeGIA Additional Categoria adicionar_categoria.php cross site scriptingVulDBVulDB06/14/202506/26/202506/27/2025CVE-2025-6695597071
accepted
313960LabRedesCefetRJ WeGIA Adicionar Unidade adicionar_unidade.php cross site scriptingVulDBVulDB06/11/202506/26/202506/27/2025CVE-2025-6694595343
accepted
313959RT-Thread device.c sys_device_write memory corruptionVulDBVulDB06/12/202506/26/202506/26/2025CVE-2025-6693595813
accepted
313882gooaclok819 sublinkX jwt.go hard-coded keyVulDBVulDB06/22/202506/25/202506/27/2025CVE-2025-6669602368
accepted
313881code-projects Inventory Management System fetchSelectedBrand.php sql injectionVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6668602340
accepted
313880code-projects Car Rental System add_cars.php unrestricted uploadVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6667602325
accepted
313879code-projects Inventory Management System editBrand.php sql injectionVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6665602324
accepted
313878CodeAstro Patient Record Management System cross-site request forgeryVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6664602323
accepted
313852TOTOLINK A702R HTTP POST Request formIpv6Setup buffer overflowVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6627602292
accepted
313839TOTOLINK CA300-PoE ap.so QuickSetting os command injectionVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6621602266
accepted
313838TOTOLINK CA300-PoE upgrade.so setUpgradeUboot os command injectionVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6620602265
accepted
313837TOTOLINK CA300-PoE upgrade.so setUpgradeFW os command injectionVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6619602264
accepted
313836TOTOLINK CA300-PoE wps.so SetWLanApcliSettings os command injectionVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6618602263
accepted
313835D-Link DIR-619L formAdvanceSetup stack-based overflowVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6617602260
accepted
313834D-Link DIR-619L formSetWAN_Wizard51 stack-based overflowVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6616602259
accepted
313833D-Link DIR-619L formAutoDetecWAN_wizard4 stack-based overflowVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6615602258
accepted
313832D-Link DIR-619L formSetWANType_Wizard5 stack-based overflowVulDBVulDB06/22/202506/25/202506/26/2025CVE-2025-6614602257
accepted
313831PHPGurukul Hospital Management System manage-patient.php cross site scriptingVulDBVulDB06/21/202506/25/202506/25/2025CVE-2025-6613602005
accepted
313829code-projects Inventory Management System removeCategories.php sql injectionVulDBVulDB06/21/202506/25/202506/26/2025CVE-2025-6612601977
accepted
313828code-projects Inventory Management System createBrand.php sql injectionVulDBVulDB06/21/202506/25/202506/26/2025CVE-2025-6611601976
accepted
313827itsourcecode Employee Management System editempprofile.php sql injectionVulDBVulDB06/21/202506/25/202506/26/2025CVE-2025-6610601940
accepted
313826SourceCodester Best Salon Management System bwdates-reports-details.php sql injectionVulDBVulDB06/21/202506/25/202506/26/2025CVE-2025-6609601918
accepted
313825SourceCodester Best Salon Management System edit-services.php sql injectionVulDBVulDB06/21/202506/25/202506/26/2025CVE-2025-6608601917
accepted
313824SourceCodester Best Salon Management System stock.php sql injectionVulDBVulDB06/21/202506/25/202506/26/2025CVE-2025-6607601916
accepted
313823SourceCodester Best Salon Management System add-services.php sql injectionVulDBVulDB06/21/202506/25/202506/26/2025CVE-2025-6606601915
accepted
313822SourceCodester Best Salon Management System edit-staff.php sql injectionVulDBVulDB06/21/202506/25/202506/26/2025CVE-2025-6605601914
accepted
313821SourceCodester Best Salon Management System add-staff.php sql injectionVulDBVulDB06/21/202506/25/202506/25/2025CVE-2025-6604601913
accepted
313820coldfunction qCUDA qcow.c qcow_make_empty integer overflowVulDBVulDB06/20/202506/25/202506/25/2025CVE-2025-6603601029
accepted
313779SourceCodester Best Salon Management System view-appointment.php sql injectionVulDBVulDB06/21/202506/24/202506/26/2025CVE-2025-6583601911
accepted
313778SourceCodester Best Salon Management System edit-customer-detailed.php sql injectionVulDBVulDB06/21/202506/24/202506/26/2025CVE-2025-6582601910
accepted
313777SourceCodester Best Salon Management System add-customer.php sql injectionVulDBVulDB06/21/202506/24/202506/26/2025CVE-2025-6581601909
accepted
313776SourceCodester Best Salon Management System Login sql injectionVulDBVulDB06/21/202506/24/202506/26/2025CVE-2025-6580601908
accepted
313775code-projects Car Rental System message_admin.php sql injectionVulDBVulDB06/21/202506/24/202506/25/2025CVE-2025-6579601764
accepted
313774code-projects Simple Online Hotel Reservation System delete_account.php sql injectionVulDBVulDB06/21/202506/24/202506/25/2025CVE-2025-6578601763
accepted
313742PHPGurukul Hospital Management System search.php sql injectionVulDBVulDB06/20/202506/24/202506/26/2025CVE-2025-6570601698
accepted
313741code-projects School Fees Payment System student.php cross site scriptingVulDBVulDB06/20/202506/24/202506/24/2025CVE-2025-6569601612
accepted
313740TOTOLINK EX1200T HTTP POST Request formIpv6Setup buffer overflowVulDBVulDB06/20/202506/24/202506/24/2025CVE-2025-6568601344
accepted
313739Campcodes Online Recruitment Management System view_application.php sql injectionVulDBVulDB06/20/202506/24/202506/24/2025CVE-2025-6567601339
accepted
313738oatpp Oat++ Deserializer.cpp deserializeArray stack-based overflowVulDBVulDB06/16/202506/24/202506/25/2025CVE-2025-6566597453
accepted
313737Netgear WNCE3001 HTTP POST Request http_d stack-based overflowVulDBVulDB06/04/202506/24/202506/24/2025CVE-2025-6565590030
accepted
313692java-aodeng Hope-Boot Login WebController.java doLogin redirectVulDBVulDB06/13/202506/23/202506/27/2025CVE-2025-6552596681
accepted
313691java-aodeng Hope-Boot WebController.java login cross site scriptingVulDBVulDB06/13/202506/23/202506/27/2025CVE-2025-6551596615
accepted
313663Tarantool datetime.c tm_to_datetime assertionVulDBVulDB06/16/202506/23/202506/27/2025CVE-2025-6536597454
accepted
313654xxyopen/201206030 novel-plus User Management Module UserMapper.xml list sql injectionVulDBVulDB06/13/202506/23/202506/27/2025CVE-2025-6535596573
accepted
313653xxyopen/201206030 novel-plus File FileController.java remove resource injectionVulDBVulDB06/13/202506/23/202506/25/2025CVE-2025-6534596505
accepted
313652xxyopen/201206030 novel-plus CATCHA LoginController.java ajaxLogin authentication replayVulDBVulDB06/13/202506/23/202506/25/2025CVE-2025-6533596481
accepted
313651NOYAFA/Xiami LF9 Pro RTSP Live Video Stream Endpoint access controlVulDBVulDB06/11/202506/23/202506/25/2025CVE-2025-6532595453
accepted
313648SIFUSM/MZZYG BD S1 RTSP Live Video Stream Endpoint access controlVulDBVulDB06/11/202506/23/202506/27/2025CVE-2025-6531595452
accepted
31364770mai M300 Telnet Service demo.sh denial of serviceVulDBVulDB06/11/202506/23/202506/27/2025CVE-2025-6530595451
accepted
31364670mai M300 Telnet Service default credentialsVulDBVulDB06/11/202506/23/202506/27/2025CVE-2025-6529595450
accepted
31364570mai M300 RTSP Live Video Stream Endpoint 12 improper authenticationVulDBVulDB06/11/202506/23/202506/27/2025CVE-2025-6528595449
accepted
31364470mai M300 Web Server access controlVulDBVulDB06/11/202506/23/202506/27/2025CVE-2025-6527595448
accepted
31364370mai M300 HTTP Server insufficiently protected credentialsVulDBVulDB06/11/202506/23/202506/27/2025CVE-2025-6526595447
accepted
31364270mai 1S Configuration Config.cgi improper authorizationVulDBVulDB06/11/202506/23/202506/27/2025CVE-2025-6525595446
accepted
31364170mai 1S Video Services improper authenticationVulDBVulDB06/11/202506/23/202506/27/2025CVE-2025-6524595444
accepted
313638PySpur-Dev pyspur Jinja2 Template single_llm_call.py SingleLLMCallNode special elements used in a template engineVulDBVulDB06/10/202506/23/202506/23/2025CVE-2025-6518593612
accepted
313637Dromara MaxKey Meta URL SAML20DetailsController.java add server-side request forgeryVulDBVulDB06/09/202506/23/202506/24/2025CVE-2025-6517593111
accepted
313636HDF5 H5Fint.c H5F_addr_decode_len heap-based overflowVulDBVulDB06/08/202506/23/202506/26/2025CVE-2025-6516592589
accepted
313623Netgear EX6150 sub_410090 stack-based overflowVulDBVulDB06/12/202506/23/202506/23/2025CVE-2025-6511595999
accepted
313622Netgear EX6100 sub_415EF8 stack-based overflowVulDBVulDB06/10/202506/23/202506/24/2025CVE-2025-6510593678
accepted
313621seaswalker spring-analysis SimpleController.java echo cross site scriptingVulDBVulDB06/09/202506/23/202506/23/2025CVE-2025-6509592962
accepted
313619code-projects Inventory Management System fetchSelectedCategories.php sql injectionVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6503601286
accepted
313618code-projects Inventory Management System changePassword.php sql injectionVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6502601252
accepted
313617code-projects Inventory Management System createCategories.php sql injectionVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6501601251
accepted
313616code-projects Inventory Management System editCategories.php sql injectionVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6500601250
accepted
313615vstakhov libucl ucl_parser.c ucl_parse_multiline_string heap-based overflowVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6499601011
accepted
313614HTACG tidy-html5 alloc.c defaultAlloc memory leakVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6498601009
accepted
313613HTACG tidy-html5 parser.c prvTidyParseNamespace assertionVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6497601008
accepted
313612HTACG tidy-html5 parser.c InsertNodeAsParent null pointer dereferenceVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6496601007
accepted
313611sparklemotion nokogiri hashmap.c hashmap_get_with_hash heap-based overflowVulDBVulDB06/20/202506/22/202506/23/2025CVE-2025-6494601006
accepted
313610CodeMirror Markdown Mode markdown.js redosVulDBVulDB06/18/202506/22/202506/23/2025CVE-2025-6493598875
accepted
313609MarkText index.js getRecommendTitleFromMarkdownString redosVulDBVulDB06/17/202506/22/202506/22/2025CVE-2025-6492598208
accepted
313601sparklemotion nokogiri hashmap.c hashmap_set_with_hash heap-based overflowVulDBVulDB06/20/202506/21/202506/23/2025CVE-2025-6490601005
accepted
313600itsourcecode Agri-Trading Online Shopping System transactionsave.php sql injectionVulDBVulDB06/20/202506/21/202506/26/2025CVE-2025-6489601190
accepted
313595TOTOLINK A3002R formRoute stack-based overflowVulDBVulDB06/19/202506/21/202506/26/2025CVE-2025-6487600729
accepted
313594TOTOLINK A3002R formWlanMultipleAP stack-based overflowVulDBVulDB06/19/202506/21/202506/25/2025CVE-2025-6486600728
accepted
313593TOTOLINK A3002R formWlSiteSurvey os command injectionVulDBVulDB06/19/202506/21/202506/25/2025CVE-2025-6485600727
accepted
313592code-projects Online Shopping Store action.php sql injectionVulDBVulDB06/19/202506/21/202506/22/2025CVE-2025-6484600694
accepted
313591code-projects Simple Pizza Ordering System edituser.php sql injectionVulDBVulDB06/19/202506/21/202506/25/2025CVE-2025-6483600690
accepted
313590code-projects Simple Pizza Ordering System edituser-exec.php sql injectionVulDBVulDB06/19/202506/21/202506/25/2025CVE-2025-6482600689
accepted
313589code-projects Simple Pizza Ordering System update.php sql injectionVulDBVulDB06/19/202506/21/202506/25/2025CVE-2025-6481600685
accepted
313588code-projects Simple Pizza Ordering System addcatexec.php sql injectionVulDBVulDB06/19/202506/21/202506/25/2025CVE-2025-6480600684
accepted
313587code-projects Simple Pizza Ordering System salesreport.php sql injectionVulDBVulDB06/19/202506/21/202506/25/2025CVE-2025-6479600683
accepted
313586CodeAstro Expense Management System cross-site request forgeryVulDBVulDB06/19/202506/21/202506/22/2025CVE-2025-6478600581
accepted
313585SourceCodester Student Result Management System System Settings Page system cross site scriptingVulDBVulDB06/19/202506/21/202506/25/2025CVE-2025-6477600559
accepted
313584SourceCodester Gym Management System cross-site request forgeryVulDBVulDB06/19/202506/21/202506/22/2025CVE-2025-6476600558
accepted
313583SourceCodester Student Result Management System Manage Students Module manage_students cross site scriptingVulDBVulDB06/19/202506/21/202506/28/2025CVE-2025-6475600550
accepted
313582code-projects Inventory Management System changeUsername.php sql injectionVulDBVulDB06/19/202506/21/202506/28/2025CVE-2025-6474600494
accepted
313581code-projects School Fees Payment System fees.php cross site scriptingVulDBVulDB06/18/202506/21/202506/25/2025CVE-2025-6473599888
accepted
313580code-projects Online Bidding System showprod.php sql injectionVulDBVulDB06/18/202506/21/202506/28/2025CVE-2025-6472599867
accepted
313579code-projects Online Bidding System administrator sql injectionVulDBVulDB06/18/202506/21/202506/28/2025CVE-2025-6471599402
accepted
313578code-projects Online Bidding System bidlog.php sql injectionVulDBVulDB06/18/202506/21/202506/28/2025CVE-2025-6470599090
accepted
313577code-projects Online Bidding System details.php sql injectionVulDBVulDB06/18/202506/21/202506/28/2025CVE-2025-6469599089
accepted
313576code-projects Online Bidding System bidnow.php sql injectionVulDBVulDB06/18/202506/21/202506/22/2025CVE-2025-6468598994
accepted
313575code-projects Online Bidding System login.php sql injectionVulDBVulDB06/18/202506/21/202506/22/2025CVE-2025-6467598882
accepted
313574ageerle ruoyi-ai SseServiceImpl.java upload unrestricted uploadVulDBVulDB06/17/202506/21/202506/22/2025CVE-2025-6466598365
accepted
313564code-projects Online Hotel Reservation System execedituser.php sql injectionVulDBVulDB06/18/202506/20/202506/26/2025CVE-2025-6458598883
accepted
313563code-projects Online Hotel Reservation System demo.php sql injectionVulDBVulDB06/18/202506/20/202506/28/2025CVE-2025-6457598878
accepted
313562code-projects Online Hotel Reservation System order.php sql injectionVulDBVulDB06/18/202506/20/202506/28/2025CVE-2025-6456598877
accepted
313561code-projects Online Hotel Reservation System messageexec.php sql injectionVulDBVulDB06/18/202506/20/202506/28/2025CVE-2025-6455598876
accepted
313560diyhi bbs API ForumManageAction.java add path traversalVulDBVulDB06/18/202506/20/202506/22/2025CVE-2025-6453598862
accepted
313559CodeAstro Patient Record Management System Generate New Report Page cross site scriptingVulDBVulDB06/17/202506/20/202506/28/2025CVE-2025-6452598711
accepted
313558code-projects Simple Online Hotel Reservation System delete_pending.php sql injectionVulDBVulDB06/17/202506/20/202506/28/2025CVE-2025-6451598589
accepted
313557code-projects Simple Online Hotel Reservation System confirm_reserve.php sql injectionVulDBVulDB06/17/202506/20/202506/28/2025CVE-2025-6450598588
accepted
313556code-projects Simple Online Hotel Reservation System checkout_query.php sql injectionVulDBVulDB06/17/202506/20/202506/28/2025CVE-2025-6449598587
accepted
313555code-projects Simple Online Hotel Reservation System delete_room.php sql injectionVulDBVulDB06/17/202506/20/202506/28/2025CVE-2025-6448598586
accepted
313554code-projects Simple Online Hotel Reservation System index.php sql injectionVulDBVulDB06/17/202506/20/202506/22/2025CVE-2025-6447598581
accepted
313553code-projects Client Details System index.php sql injectionVulDBVulDB06/17/202506/20/202506/22/2025CVE-2025-6446598499
accepted
313417Campcodes Online Recruitment Management System About Content Page ajax.php unrestricted uploadVulDBVulDB06/17/202506/20/202506/26/2025CVE-2025-6422598211
accepted
313415code-projects Simple Online Hotel Reservation System add_account.php sql injectionVulDBVulDB06/17/202506/20/202506/26/2025CVE-2025-6421598247
accepted
313414code-projects Simple Online Hotel Reservation System add_room.php sql injectionVulDBVulDB06/17/202506/20/202506/26/2025CVE-2025-6420598246
accepted
313413code-projects Simple Online Hotel Reservation System edit_room.php sql injectionVulDBVulDB06/17/202506/20/202506/26/2025CVE-2025-6419598245
accepted
313412code-projects Simple Online Hotel Reservation System edit_query_account.php sql injectionVulDBVulDB06/17/202506/20/202506/25/2025CVE-2025-6418598243
accepted
313411PHPGurukul Art Gallery Management System add-artist.php sql injectionVulDBVulDB06/17/202506/20/202506/21/2025CVE-2025-6417598233
accepted
313410PHPGurukul Art Gallery Management System changeimage4.php sql injectionVulDBVulDB06/17/202506/20/202506/21/2025CVE-2025-6416598232
accepted
313409PHPGurukul Art Gallery Management System changeimage3.php sql injectionVulDBVulDB06/17/202506/20/202506/23/2025CVE-2025-6415598231
accepted
313408PHPGurukul Art Gallery Management System changeimage2.php sql injectionVulDBVulDB06/17/202506/20/202506/21/2025CVE-2025-6414598230
accepted
313407PHPGurukul Art Gallery Management System changeimage1.php sql injectionVulDBVulDB06/17/202506/20/202506/21/2025CVE-2025-6413598229
accepted
313406PHPGurukul Art Gallery Management System changeimage.php sql injectionVulDBVulDB06/17/202506/20/202506/21/2025CVE-2025-6412598228
accepted
313405PHPGurukul Art Gallery Management System changepropic.php sql injectionVulDBVulDB06/17/202506/20/202506/21/2025CVE-2025-6411598227
accepted
313404PHPGurukul Art Gallery Management System edit-art-medium-detail.php sql injectionVulDBVulDB06/17/202506/20/202506/21/2025CVE-2025-6410598226
accepted
313403PHPGurukul Art Gallery Management System forgot-password.php sql injectionVulDBVulDB06/17/202506/20/202506/25/2025CVE-2025-6409598225
accepted
313402Campcodes Online Hospital Management System search.php sql injectionVulDBVulDB06/17/202506/20/202506/25/2025CVE-2025-6408598207
accepted
313401Campcodes Online Hospital Management System user-login.php sql injectionVulDBVulDB06/17/202506/20/202506/25/2025CVE-2025-6407598205
accepted
313400Campcodes Online Hospital Management System forgot-password.php sql injectionVulDBVulDB06/17/202506/20/202506/25/2025CVE-2025-6406598204
accepted
313399Campcodes Online Teacher Record Management System edit-teacher-detail.php sql injectionVulDBVulDB06/17/202506/20/202506/25/2025CVE-2025-6405598200
accepted
313398Campcodes Online Teacher Record Management System search.php sql injectionVulDBVulDB06/17/202506/20/202506/25/2025CVE-2025-6404598199
accepted
313397code-projects School Fees Payment System student.php sql injectionVulDBVulDB06/16/202506/20/202506/21/2025CVE-2025-6403597758
accepted
313396TOTOLINK X15 HTTP POST Request formIpv6Setup buffer overflowVulDBVulDB06/16/202506/20/202506/26/2025CVE-2025-6402597693
accepted
313395TOTOLINK N300RH HTTP POST Message formFilter denial of serviceVulDBVulDB06/16/202506/20/202506/26/2025CVE-2025-6401597688
accepted
313394TOTOLINK N300RH HTTP POST Message formPortFw buffer overflowVulDBVulDB06/16/202506/20/202506/26/2025CVE-2025-6400597687
accepted
313392TOTOLINK X15 HTTP POST Request formIPv6Addr buffer overflowVulDBVulDB06/16/202506/20/202506/26/2025CVE-2025-6399597681
accepted
313387code-projects Simple Online Hotel Reservation System add_reserve.php sql injectionVulDBVulDB06/16/202506/20/202506/26/2025CVE-2025-6394597662
accepted
313386TOTOLINK A702R/A3002R/A3002RU/EX1200T HTTP POST Request formIPv6Addr buffer overflowVulDBVulDB06/16/202506/20/202506/23/2025CVE-2025-6393597565
accepted
313370poco MultipartReader.cpp MultipartInputStream null pointer dereferenceVulDBVulDB06/16/202506/19/202506/21/2025CVE-2025-6375597446
accepted
313367D-Link DIR-619L formSetACLFilter stack-based overflowVulDBVulDB06/16/202506/19/202506/25/2025CVE-2025-6374597428
accepted
313366D-Link DIR-619L formWlSiteSurvey formSetWizard1 stack-based overflowVulDBVulDB06/16/202506/19/202506/25/2025CVE-2025-6373597427
accepted
313365D-Link DIR-619L formSetWizard1 stack-based overflowVulDBVulDB06/16/202506/19/202506/25/2025CVE-2025-6372597426
accepted
313364D-Link DIR-619L formSetEnableWizard stack-based overflowVulDBVulDB06/16/202506/19/202506/25/2025CVE-2025-6371597424
accepted
313363D-Link DIR-619L formWlanGuestSetup stack-based overflowVulDBVulDB06/16/202506/19/202506/25/2025CVE-2025-6370597423
accepted
313362D-Link DIR-619L formdumpeasysetup stack-based overflowVulDBVulDB06/16/202506/19/202506/25/2025CVE-2025-6369597422
accepted
313361D-Link DIR-619L formSetEmail stack-based overflowVulDBVulDB06/16/202506/19/202506/25/2025CVE-2025-6368597421
accepted
313360D-Link DIR-619L formSetDomainFilter stack-based overflowVulDBVulDB06/16/202506/19/202506/25/2025CVE-2025-6367597420
accepted
313358HobbesOSR Kitten pgtable.h set_pte_at resource consumptionVulDBVulDB06/16/202506/19/202506/21/2025CVE-2025-6365597382
accepted
313357code-projects Simple Pizza Ordering System adduser-exec.php sql injectionVulDBVulDB06/15/202506/19/202506/27/2025CVE-2025-6364597305
accepted
313356code-projects Simple Pizza Ordering System adding-exec.php sql injectionVulDBVulDB06/15/202506/19/202506/21/2025CVE-2025-6363597304
accepted
313355code-projects Simple Pizza Ordering System editpro.php sql injectionVulDBVulDB06/15/202506/19/202506/27/2025CVE-2025-6362597303
accepted
313354code-projects Simple Pizza Ordering System adds.php sql injectionVulDBVulDB06/15/202506/19/202506/27/2025CVE-2025-6361597302
accepted
313353code-projects Simple Pizza Ordering System portal.php sql injectionVulDBVulDB06/15/202506/19/202506/27/2025CVE-2025-6360597301
accepted
313352code-projects Simple Pizza Ordering System cashconfirm.php sql injectionVulDBVulDB06/15/202506/19/202506/26/2025CVE-2025-6359597300
accepted
313351code-projects Simple Pizza Ordering System saveorder.php sql injectionVulDBVulDB06/15/202506/19/202506/26/2025CVE-2025-6358597299
accepted
313350code-projects Simple Pizza Ordering System paymentportal.php sql injectionVulDBVulDB06/15/202506/19/202506/26/2025CVE-2025-6357597298
accepted
313349code-projects Simple Pizza Ordering System addmem.php sql injectionVulDBVulDB06/15/202506/19/202506/26/2025CVE-2025-6356597297
accepted
313348SourceCodester Online Hotel Reservation System execeditroom.php sql injectionVulDBVulDB06/15/202506/19/202506/26/2025CVE-2025-6355597296
accepted
313346code-projects Online Shoe Store customer_signup.php sql injectionVulDBVulDB06/15/202506/19/202506/26/2025CVE-2025-6354597283
accepted
313345code-projects Responsive Blog search.php cross site scriptingVulDBVulDB06/15/202506/19/202506/23/2025CVE-2025-6353597260
accepted
313344code-projects Automated Voting System Backend vote.php direct requestVulDBVulDB06/15/202506/19/202506/26/2025CVE-2025-6352597239
accepted
313343itsourcecode Employee Record Management System editprofile.php sql injectionVulDBVulDB06/15/202506/19/202506/26/2025CVE-2025-6351597209
accepted
313342code-projects Responsive Blog pageViewMembers.php cross site scriptingVulDBVulDB06/11/202506/19/202506/20/2025CVE-2025-6347595676
accepted
313341SourceCodester Advance Charity Management System fundDetails.php sql injectionVulDBVulDB06/11/202506/19/202506/26/2025CVE-2025-6346595346
accepted
313340SourceCodester My Food Recipe Add Recipe Page add-recipe.php addRecipeModal cross site scriptingVulDBVulDB06/14/202506/19/202506/26/2025CVE-2025-6345597093
accepted
313339code-projects Online Shoe Store contactus.php sql injectionVulDBVulDB06/14/202506/19/202506/26/2025CVE-2025-6344597045
accepted
313338code-projects Online Shoe Store admin_product.php sql injectionVulDBVulDB06/14/202506/19/202506/26/2025CVE-2025-6343597044
accepted
313337code-projects Online Shoe Store admin_football.php sql injectionVulDBVulDB06/14/202506/19/202506/26/2025CVE-2025-6342597043
accepted
313336code-projects School Fees Payment System cross-site request forgeryVulDBVulDB06/14/202506/19/202506/27/2025CVE-2025-6341597023
accepted
313335code-projects School Fees Payment System branch.php cross site scriptingVulDBVulDB06/14/202506/19/202506/26/2025CVE-2025-6340596998
accepted
313334ponaravindb Hospital Management System func3.php sql injectionVulDBVulDB06/13/202506/19/202506/19/2025CVE-2025-6339596744
accepted
313333TOTOLINK A3002R/A3002RU HTTP POST Request formTmultiAP buffer overflowVulDBVulDB06/13/202506/19/202506/19/2025CVE-2025-6337596691
accepted
313332TOTOLINK EX1200T HTTP POST Request formTmultiAP buffer overflowVulDBVulDB06/13/202506/19/202506/26/2025CVE-2025-6336596690
accepted
313331DedeCMS Template dedetag.class.php command injectionVulDBVulDB06/13/202506/19/202506/24/2025CVE-2025-6335596624
accepted
313330D-Link DIR-867 Query String strncpy stack-based overflowVulDBVulDB06/13/202506/19/202506/24/2025CVE-2025-6334596579
accepted
313329PHPGurukul Directory Management System admin-profile.php sql injectionVulDBVulDB06/13/202506/19/202506/26/2025CVE-2025-6333596535
accepted
313328PHPGurukul Directory Management System manage-directory.php sql injectionVulDBVulDB06/13/202506/19/202506/26/2025CVE-2025-6332596534
accepted
313327PHPGurukul Directory Management System search-directory.php sql injectionVulDBVulDB06/13/202506/19/202506/26/2025CVE-2025-6331596533
accepted
313326PHPGurukul Directory Management System searchdata.php sql injectionVulDBVulDB06/13/202506/19/202506/26/2025CVE-2025-6330596532
accepted
313325ScriptAndTools Real Estate Management System User Delete userdelete.php authorizationVulDBVulDB06/13/202506/19/202506/24/2025CVE-2025-6329596472
accepted
313324D-Link DIR-815 hedwig.cgi sub_403794 stack-based overflowVulDBVulDB06/13/202506/19/202506/24/2025CVE-2025-6328596439
accepted
313323PHPGurukul Pre-School Enrollment System enrollment.php sql injectionVulDBVulDB06/13/202506/19/202506/26/2025CVE-2025-6323596383
accepted
313322PHPGurukul Pre-School Enrollment System visit.php sql injectionVulDBVulDB06/13/202506/19/202506/27/2025CVE-2025-6322596382
accepted
313321PHPGurukul Pre-School Enrollment System add-subadmin.php sql injectionVulDBVulDB06/13/202506/19/202506/27/2025CVE-2025-6321596380
accepted
313320PHPGurukul Pre-School Enrollment System add-class.php sql injectionVulDBVulDB06/13/202506/19/202506/27/2025CVE-2025-6320596378
accepted
313319PHPGurukul Pre-School Enrollment System add-teacher.php sql injectionVulDBVulDB06/13/202506/19/202506/27/2025CVE-2025-6319596377
accepted
313318PHPGurukul Pre-School Enrollment System check_availability.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6318596065
accepted
313317code-projects Online Shoe Store confirm.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6317595991
accepted
313316code-projects Online Shoe Store admin_running.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6316595990
accepted
313315code-projects Online Shoe Store cart2.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6315595989
accepted
313314Campcodes Sales and Inventory System cat_update.php sql injectionVulDBVulDB06/12/202506/19/202506/20/2025CVE-2025-6314595944
accepted
313313Campcodes Sales and Inventory System cat_add.php sql injectionVulDBVulDB06/12/202506/19/202506/20/2025CVE-2025-6313595931
accepted
313312Campcodes Sales and Inventory System cash_transaction.php sql injectionVulDBVulDB06/12/202506/19/202506/20/2025CVE-2025-6312595930
accepted
313311Campcodes Sales and Inventory System account_add.php sql injectionVulDBVulDB06/12/202506/19/202506/20/2025CVE-2025-6311595922
accepted
313310PHPGurukul Emergency Ambulance Hiring Portal index.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6310595917
accepted
313309PHPGurukul Emergency Ambulance Hiring Portal add-ambulance.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6309595916
accepted
313308PHPGurukul Emergency Ambulance Hiring Portal bwdates-request-report-details.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6308595915
accepted
313307code-projects Online Shoe Store edit_customer.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6307595762
accepted
313306code-projects Online Shoe Store admin_index.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6306595761
accepted
313305code-projects Online Shoe Store admin_feature.php sql injectionVulDBVulDB06/12/202506/19/202506/27/2025CVE-2025-6305595760
accepted
313304code-projects Online Shoe Store cart.php sql injectionVulDBVulDB06/11/202506/19/202506/27/2025CVE-2025-6304595515
accepted
313303code-projects Online Shoe Store contactus1.php sql injectionVulDBVulDB06/11/202506/19/202506/27/2025CVE-2025-6303595514
accepted
313302TOTOLINK EX1200T cstecgi.cgi setStaticDhcpConfig stack-based overflowVulDBVulDB06/11/202506/19/202506/20/2025CVE-2025-6302595473
accepted
313301PHPGurukul Notice Board System Add Notice manage-notices.php cross site scriptingVulDBVulDB06/11/202506/19/202506/26/2025CVE-2025-6301595373
accepted
313300PHPGurukul Employee Record Management System editempeducation.php sql injectionVulDBVulDB06/11/202506/19/202506/26/2025CVE-2025-6300595366
accepted
313299TOTOLINK N150RT formWSC os command injectionVulDBVulDB06/11/202506/19/202506/20/2025CVE-2025-6299594650
accepted
313298code-projects Hostel Management System empty_rooms.php sql injectionVulDBVulDB06/10/202506/19/202506/20/2025CVE-2025-6296594016
accepted
313297code-projects Hostel Management System allocated_rooms.php sql injectionVulDBVulDB06/10/202506/19/202506/26/2025CVE-2025-6295593998
accepted
313296code-projects Hostel Management System contact.php sql injectionVulDBVulDB06/10/202506/19/202506/26/2025CVE-2025-6294593997
accepted
313295code-projects Hostel Management System contact_manager.php sql injectionVulDBVulDB06/10/202506/19/202506/26/2025CVE-2025-6293593996
accepted
313294D-Link DIR-825 HTTP POST Request sub_4091AC stack-based overflowVulDBVulDB06/10/202506/19/202506/20/2025CVE-2025-6292593938
accepted
313293D-Link DIR-825 HTTP POST Request do_file stack-based overflowVulDBVulDB06/10/202506/19/202506/20/2025CVE-2025-6291593937
accepted
313292PHPGurukul Bus Pass Management System Profile Page admin-profile.php cross site scriptingVulDBVulDB06/10/202506/19/202506/27/2025CVE-2025-6288593923
accepted
313291PHPGurukul COVID19 Testing Management System Take Action test-details.php cross site scriptingVulDBVulDB06/10/202506/19/202506/27/2025CVE-2025-6287593878
accepted
313290PHPGurukul COVID19 Testing Management System search-report-result.php redirectVulDBVulDB06/10/202506/19/202506/27/2025CVE-2025-6286593794
accepted
313289PHPGurukul COVID19 Testing Management System search-report-result.php cross site scriptingVulDBVulDB06/10/202506/19/202506/27/2025CVE-2025-6285593789
accepted
313288PHPGurukul Car Rental Portal cross-site request forgeryVulDBVulDB06/10/202506/19/202506/24/2025CVE-2025-6284593775
accepted
313287xataio Xata Agent route.ts GET path traversalVulDBVulDB06/10/202506/19/202506/24/2025CVE-2025-6283593627
accepted
313286xlang-ai OpenAgents file.py create_upload_file path traversalVulDBVulDB06/10/202506/19/202506/24/2025CVE-2025-6282593616
accepted
313285OpenBMB XAgent community path traversalVulDBVulDB06/10/202506/19/202506/24/2025CVE-2025-6281593615
accepted
313284TransformerOptimus SuperAGI EmailToolKit read_email.py download_attachment path traversalVulDBVulDB06/10/202506/19/202506/24/2025CVE-2025-6280593614
accepted
313283Upsonic Pickle add_tool cloudpickle.loads deserializationVulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6279593099
accepted
313282Upsonic server.py os.path.join path traversalVulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6278593096
accepted
313281Brilliance Golden Link Secondary System custTakeInfoPage.htm sql injectionVulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6277593074
accepted
313280Brilliance Golden Link Secondary System rentTakeInfoPage.htm sql injectionVulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6276593067
accepted
313279WebAssembly wabt binary-reader-interp.cc GetFuncOffset use after freeVulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6275593017
accepted
313278WebAssembly wabt binary-reader-interp.cc OnDataCount resource consumptionVulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6274593016
accepted
313277WebAssembly wabt binary-reader-objdump.cc LogOpcode assertion [Disputed]VulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6273593010
accepted
313276wasm3 m3_compile.c MarkSlotAllocated out-of-bounds writeVulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6272593008
accepted
313275swftools wav2swf wav.c wav_convert2mono out-of-boundsVulDBVulDB06/09/202506/19/202506/24/2025CVE-2025-6271593005
accepted
313274HDF5 H5FSsection.c H5FS__sect_find_node heap-based overflowVulDBVulDB06/08/202506/19/202506/24/2025CVE-2025-6270592588
accepted
313273HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflowVulDBVulDB06/08/202506/19/202506/24/2025CVE-2025-6269592587
accepted
313272Luna Imaging search cross site scriptingVulDBVulDB06/07/202506/19/202506/24/2025CVE-2025-6268592218
accepted
313271zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 barcodeDetail sql injectionVulDBVulDB05/29/202506/19/202506/24/2025CVE-2025-6267586697
accepted
313270FLIR AX8 upload.php unrestricted uploadVulDBVulDB05/29/202506/19/202506/24/2025CVE-2025-6266586692
accepted
312661Webkul QloApps ajax_products_list.php sql injectionVulDBVulDB06/10/202506/16/202506/26/2025CVE-2025-6173593679
accepted
312642themanojdesai python-a2a api.py create_workflow path traversalVulDBVulDB06/10/202506/15/202506/17/2025CVE-2025-6167593613
accepted
312641frdel Agent-Zero image_get.py image_get path traversalVulDBVulDB06/10/202506/15/202506/17/2025CVE-2025-6166593611
accepted
312640TOTOLINK X15 HTTP POST Request formTmultiAP buffer overflowVulDBVulDB06/10/202506/15/202506/23/2025CVE-2025-6165593603
accepted
312639TOTOLINK A3002R HTTP POST Request formMultiAP buffer overflowVulDBVulDB06/10/202506/15/202506/23/2025CVE-2025-6164593602
accepted
312638TOTOLINK A3002RU HTTP POST Request formMultiAP buffer overflowVulDBVulDB06/10/202506/15/202506/23/2025CVE-2025-6163593601
accepted
312637TOTOLINK EX1200T HTTP POST Request formMultiAP buffer overflowVulDBVulDB06/10/202506/15/202506/23/2025CVE-2025-6162593600
accepted
312636SourceCodester Simple Food Ordering System editproduct.php unrestricted uploadVulDBVulDB06/09/202506/15/202506/26/2025CVE-2025-6161593237
accepted
312635SourceCodester Client Database Management System user_customer_create_order.php sql injectionVulDBVulDB06/09/202506/15/202506/26/2025CVE-2025-6160593216
accepted
312634code-projects Hostel Management System allocate_room.php sql injectionVulDBVulDB06/09/202506/15/202506/26/2025CVE-2025-6159593177
accepted
312633D-Link DIR-665 HTTP POST Request sub_AC78 stack-based overflowVulDBVulDB06/09/202506/15/202506/17/2025CVE-2025-6158593161
accepted
312632PHPGurukul Nipah Virus Testing Management System registered-user-testing.php sql injectionVulDBVulDB06/09/202506/15/202506/25/2025CVE-2025-6157593101
accepted
312631PHPGurukul Nipah Virus Testing Management System bwdates-report-ds.php sql injectionVulDBVulDB06/09/202506/15/202506/25/2025CVE-2025-6156593100
accepted
312630PHPGurukul Hostel Management System login-hm.inc.php sql injectionVulDBVulDB06/09/202506/15/202506/25/2025CVE-2025-6155593078
accepted
312629PHPGurukul Hostel Management System login.inc.php sql injectionVulDBVulDB06/09/202506/15/202506/25/2025CVE-2025-6154593076
accepted
312628PHPGurukul Hostel Management System students.php sql injectionVulDBVulDB06/09/202506/15/202506/25/2025CVE-2025-6153593075
accepted
312627Steel Browser files.routes.ts handleFileUpload path traversalVulDBVulDB06/09/202506/15/202506/17/2025CVE-2025-6152593060
accepted
312626TP-Link TL-WR940N WanSlaacCfgRpm.htm buffer overflowVulDBVulDB06/09/202506/15/202506/19/2025CVE-2025-6151593031
accepted
312625TOTOLINK X15 HTTP POST Request formMultiAP buffer overflowVulDBVulDB06/09/202506/15/202506/23/2025CVE-2025-6150593021
accepted
312624TOTOLINK A3002R HTTP POST Request formSysLog buffer overflowVulDBVulDB06/09/202506/15/202506/23/2025CVE-2025-6149593019
accepted
312623TOTOLINK A3002RU HTTP POST Request formSysLog buffer overflowVulDBVulDB06/09/202506/15/202506/23/2025CVE-2025-6148593018
accepted
312622TOTOLINK A702R HTTP POST Request formSysLog buffer overflowVulDBVulDB06/09/202506/15/202506/23/2025CVE-2025-6147593015
accepted
312621TOTOLINK X15 HTTP POST Request formSysLog buffer overflowVulDBVulDB06/09/202506/15/202506/23/2025CVE-2025-6146593014
accepted
312620TOTOLINK EX1200T HTTP POST Request formSysLog buffer overflowVulDBVulDB06/09/202506/15/202506/23/2025CVE-2025-6145593011
accepted
312619TOTOLINK EX1200T HTTP POST Request formSysCmd buffer overflowVulDBVulDB06/09/202506/15/202506/23/2025CVE-2025-6144593009
accepted
312618TOTOLINK EX1200T HTTP POST Request formNtp buffer overflowVulDBVulDB06/09/202506/15/202506/23/2025CVE-2025-6143593004
accepted
312613Intera InHire server-side request forgeryVulDBVulDB05/30/202506/15/202506/17/2025CVE-2025-6142587665
accepted
312610GNU ncurses parse_entry.c postprocess_termcap stack-based overflowVulDBVulDB06/09/202506/15/202506/17/2025CVE-2025-6141593000
accepted
312609spdlog pattern_formatter-inl.h scoped_padder resource consumptionVulDBVulDB06/09/202506/15/202506/21/2025CVE-2025-6140592999
accepted
312608TOTOLINK T10 shadow.sample hard-coded passwordVulDBVulDB06/09/202506/15/202506/26/2025CVE-2025-6139592922
accepted
312607TOTOLINK T10 HTTP POST Request cstecgi.cgi setWizardCfg buffer overflowVulDBVulDB06/09/202506/15/202506/20/2025CVE-2025-6138592917
accepted
312606TOTOLINK T10 HTTP POST Request cstecgi.cgi setWiFiScheduleCfg buffer overflowVulDBVulDB06/09/202506/15/202506/26/2025CVE-2025-6137592911
accepted
312605Projectworlds Life Insurance Management System insertPayment.php sql injectionVulDBVulDB06/08/202506/15/202506/26/2025CVE-2025-6136592842
accepted
312604Projectworlds Life Insurance Management System insertNominee.php sql injectionVulDBVulDB06/08/202506/15/202506/26/2025CVE-2025-6135592840
accepted
312603Projectworlds Life Insurance Management System insertClient.php sql injectionVulDBVulDB06/08/202506/15/202506/26/2025CVE-2025-6134592839
accepted
312602Projectworlds Life Insurance Management System insertagent.php sql injectionVulDBVulDB06/08/202506/15/202506/25/2025CVE-2025-6133592838
accepted
312601Chanjet CRM departmentsetting.php sql injectionVulDBVulDB06/08/202506/15/202506/17/2025CVE-2025-6132592781
accepted
312600CodeAstro Food Ordering System POST Request Parameter edit cross site scriptingVulDBVulDB06/08/202506/15/202506/17/2025CVE-2025-6131592780
accepted
312599TOTOLINK EX1200T HTTP POST Request formStats buffer overflowVulDBVulDB06/08/202506/15/202506/20/2025CVE-2025-6130592696
accepted
312598TOTOLINK EX1200T HTTP POST Request formSaveConfig buffer overflowVulDBVulDB06/08/202506/15/202506/16/2025CVE-2025-6129592695
accepted
312597TOTOLINK EX1200T HTTP POST Request formWirelessTbl buffer overflowVulDBVulDB06/08/202506/15/202506/16/2025CVE-2025-6128592694
accepted
312596PHPGurukul Nipah Virus Testing Management System search-report.php cross site scriptingVulDBVulDB06/08/202506/15/202506/25/2025CVE-2025-6127592641
accepted
312595PHPGurukul Rail Pass Management System contact.php cross site scriptingVulDBVulDB06/08/202506/15/202506/25/2025CVE-2025-6126592639
accepted
312594PHPGurukul Rail Pass Management System aboutus.php cross site scriptingVulDBVulDB06/08/202506/15/202506/25/2025CVE-2025-6125592638
accepted
312593code-projects Restaurant Order System tablelow.php sql injectionVulDBVulDB06/08/202506/15/202506/25/2025CVE-2025-6124592625
accepted
312592code-projects Restaurant Order System payment.php sql injectionVulDBVulDB06/08/202506/15/202506/25/2025CVE-2025-6123592621
accepted
312591code-projects Restaurant Order System table.php sql injectionVulDBVulDB06/08/202506/15/202506/25/2025CVE-2025-6122592624
accepted
312590D-Link DIR-632 HTTP POST Request get_pure_content stack-based overflowVulDBVulDB06/08/202506/15/202506/16/2025CVE-2025-6121592574
accepted
312589Open Asset Import Library Assimp HL1MDLLoader.cpp read_meshes heap-based overflowVulDBVulDB06/06/202506/15/202506/16/2025CVE-2025-6120591235
accepted
312588Open Asset Import Library Assimp BVHLoader.cpp ReadNodeChannels use after freeVulDBVulDB06/06/202506/15/202506/16/2025CVE-2025-6119591233
accepted
312587Das Parking Management System 停车场管理系统 API search sql injectionVulDBVulDB06/06/202506/15/202506/16/2025CVE-2025-6118591173
accepted
312586Das Parking Management System 停车场管理系统 API Search sql injectionVulDBVulDB06/06/202506/15/202506/16/2025CVE-2025-6117591161
accepted
312585Das Parking Management System 停车场管理系统 API Search sql injectionVulDBVulDB06/06/202506/15/202506/16/2025CVE-2025-6116591160
accepted
312584D-Link DIR-619L form_macfilter stack-based overflowVulDBVulDB06/08/202506/15/202506/16/2025CVE-2025-6115592570
accepted
312583D-Link DIR-619L form_portforwarding stack-based overflowVulDBVulDB06/08/202506/15/202506/16/2025CVE-2025-6114592568
accepted
312582Tenda FH1203 AdvSetLanip fromadvsetlanip buffer overflowVulDBVulDB06/07/202506/15/202506/16/2025CVE-2025-6113592478
accepted
312581Tenda FH1205 AdvSetLanip fromadvsetlanip buffer overflowVulDBVulDB06/07/202506/15/202506/16/2025CVE-2025-6112592472
accepted
312580Tenda FH1205 VirtualSer fromVirtualSer stack-based overflowVulDBVulDB06/07/202506/15/202506/16/2025CVE-2025-6111592471
accepted
312579Tenda FH1201 SafeMacFilter stack-based overflowVulDBVulDB06/07/202506/15/202506/16/2025CVE-2025-6110592473
accepted
312578javahongxi whatsmars InitializrController.java initialize path traversalVulDBVulDB06/07/202506/15/202506/16/2025CVE-2025-6109592397
accepted
312577hansonwang99 Spring-Boot-In-Action File Upload ImageUploadService.java watermarkTest path traversalVulDBVulDB06/07/202506/15/202506/16/2025CVE-2025-6108592362
accepted
312576comfyanonymous comfyui utils.py set_attr dynamically-determined object attributesVulDBVulDB06/05/202506/15/202506/18/2025CVE-2025-6107590921
accepted
312575WuKongOpenSource WukongCRM AdminRoleController.java cross-site request forgeryVulDBVulDB06/05/202506/15/202506/16/2025CVE-2025-6106590852
accepted
312574jflyfox jfinal_cms HOME.java cross-site request forgeryVulDBVulDB06/05/202506/15/202506/16/2025CVE-2025-6105590704
accepted
312573Wifi-soft UniBox Controller pms_check.php os command injectionVulDBVulDB06/05/202506/15/202506/16/2025CVE-2025-6104590747
accepted
312572Wifi-soft UniBox Controller test_accesscodelogin.php os command injectionVulDBVulDB06/05/202506/15/202506/16/2025CVE-2025-6103590734
accepted
312571Wifi-soft UniBox Controller logout.php os command injectionVulDBVulDB06/05/202506/15/202506/16/2025CVE-2025-6102590648
accepted
312570letta-ai letta interface.py function_message eval injectionVulDBVulDB06/05/202506/15/202506/16/2025CVE-2025-6101590528
accepted
312569realguoshuai open-video-cms list sql injectionVulDBVulDB06/04/202506/15/202506/16/2025CVE-2025-6100590375
accepted
312568szluyu99 gin-vue-blog PATCH Request manager.go improper authorizationVulDBVulDB06/03/202506/15/202506/16/2025CVE-2025-6099589495
accepted
312567UTT 进取 750W API setSysAdm strcpy buffer overflowVulDBVulDB06/03/202506/15/202506/16/2025CVE-2025-6098589437
accepted
312566UTT 进取 750W Administrator Password setSysAdm formDefineManagement unverified password changeVulDBVulDB06/03/202506/15/202506/16/2025CVE-2025-6097589425
accepted
312565codesiddhant Jasmin Ransomware dashboard.php sql injectionVulDBVulDB06/02/202506/15/202506/16/2025CVE-2025-6096588836
accepted
312564codesiddhant Jasmin Ransomware checklogin.php sql injectionVulDBVulDB06/02/202506/15/202506/16/2025CVE-2025-6095588833
accepted
312563FoxCMS Download.php batchCope sql injectionVulDBVulDB06/02/202506/15/202506/16/2025CVE-2025-6094588807
accepted
312562uYanki board-stm32f103rc-berial heartrate1_hal.c heartrate1_i2c_hal_write stack-based overflowVulDBVulDB05/31/202506/15/202506/16/2025CVE-2025-6093588106
accepted
312559comfyanonymous comfyui Incomplete Fix CVE-2024-10099 image cross site scriptingVulDBVulDB06/01/202506/15/202506/15/2025CVE-2025-6092588224
accepted
312558H3C GR-3000AX aspForm UpdateIpv6Params buffer overflowVulDBVulDB05/31/202506/15/202506/15/2025CVE-2025-6091588000
accepted
312557H3C GR-5400AX aspForm UpdateIpv6params buffer overflowVulDBVulDB05/31/202506/15/202506/15/2025CVE-2025-6090587999
accepted
312556Astun Technology iShare Maps atCheckJS.aspx redirectVulDBVulDB05/31/202506/15/202506/15/2025CVE-2025-6089587876
accepted
312332kiCode111 like-girl ipAddPost.php sql injectionVulDBVulDB05/31/202506/11/202506/19/2025CVE-2025-6009588092
accepted
312331kiCode111 like-girl ImgAddPost.php sql injectionVulDBVulDB05/31/202506/11/202506/19/2025CVE-2025-6008588088
accepted
312330kiCode111 like-girl CopyadminPost.php sql injectionVulDBVulDB05/30/202506/11/202506/19/2025CVE-2025-6007587569
accepted
312329kiCode111 like-girl ImgUpdaPost.php sql injectionVulDBVulDB05/30/202506/11/202506/20/2025CVE-2025-6006587551
accepted
312328kiCode111 like-girl aboutPost.php sql injectionVulDBVulDB05/30/202506/11/202506/20/2025CVE-2025-6005587540
accepted
311900code-projects School Fees Payment System improper authenticationVulDBVulDB06/08/202506/10/202506/11/2025CVE-2025-5985592612
accepted
311899SourceCodester Online Student Clearance System add-fee.php cross site scriptingVulDBVulDB06/08/202506/10/202506/11/2025CVE-2025-5984592554
accepted
311860code-projects Restaurant Order System order.php sql injectionVulDBVulDB06/07/202506/10/202506/16/2025CVE-2025-5980592467
accepted
311859code-projects School Fees Payment System branch.php sql injectionVulDBVulDB06/07/202506/10/202506/16/2025CVE-2025-5979592463
accepted
311856Tenda FH1202 VirtualSer fromVirtualSer stack-based overflowVulDBVulDB06/07/202506/10/202506/20/2025CVE-2025-5978592462
accepted
311855code-projects School Fees Payment System datatable.php sql injectionVulDBVulDB06/07/202506/10/202506/11/2025CVE-2025-5977592458
accepted
311854PHPGurukul Rail Pass Management System add-pass.php cross site scriptingVulDBVulDB06/07/202506/10/202506/11/2025CVE-2025-5976592442
accepted
311853PHPGurukul Rail Pass Management System download-pass.php cross site scriptingVulDBVulDB06/07/202506/10/202506/11/2025CVE-2025-5975592440
accepted
311852PHPGurukul Restaurant Table Booking System check-status.php cross site scriptingVulDBVulDB06/07/202506/10/202506/11/2025CVE-2025-5974592357
accepted
311851PHPGurukul Restaurant Table Booking System add-table.php cross site scriptingVulDBVulDB06/07/202506/10/202506/11/2025CVE-2025-5973592343
accepted
311850PHPGurukul Restaurant Table Booking System manage-subadmins.php cross site scriptingVulDBVulDB06/07/202506/10/202506/11/2025CVE-2025-5972592340
accepted
311847code-projects School Fees Payment System ajx.php sql injectionVulDBVulDB06/07/202506/10/202506/16/2025CVE-2025-5971592339
accepted
311846PHPGurukul Restaurant Table Booking System add-subadmin.php cross site scriptingVulDBVulDB06/07/202506/10/202506/10/2025CVE-2025-5970592338
accepted
311845D-Link DIR-632 HTTP POST Request biurl_grou FUN_00425fd8 stack-based overflowVulDBVulDB06/07/202506/10/202506/10/2025CVE-2025-5969592336
accepted
311789Zend.To NSSDropoff.php exec os command injectionVulDBVulDB06/03/202506/09/202506/10/2025CVE-2025-5952589178
accepted
311713Open5GS AMF/MME emm-sm.c common_register_state denial of serviceVulDBVulDB06/03/202506/09/202506/10/2025CVE-2025-5935589354
accepted
311712Netgear EX3700 mtd sub_41619C stack-based overflowVulDBVulDB06/01/202506/09/202506/20/2025CVE-2025-5934588258
accepted
311687PHPGurukul Vehicle Record Management System search-vehicle.php sql injectionVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5913592310
accepted
311686D-Link DIR-632 HTTP POST Request do_file stack-based overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5912592307
accepted
311684TOTOLINK EX1200T HTTP POST Request formDMZ buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5911592272
accepted
311683TOTOLINK EX1200T HTTP POST Request formWsc buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5910592271
accepted
311682TOTOLINK EX1200T HTTP POST Request formReflashClientTbl buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5909592270
accepted
311681TOTOLINK EX1200T HTTP POST Request formIpQoS buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5908592269
accepted
311680TOTOLINK EX1200T HTTP POST Request formFilter buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5907592267
accepted
311679code-projects Laundry System data missing authenticationVulDBVulDB06/07/202506/09/202506/13/2025CVE-2025-5906592266
accepted
311678TOTOLINK T10 POST Request cstecgi.cgi setWiFiRepeaterCfg buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5905592265
accepted
311677TOTOLINK T10 POST Request cstecgi.cgi setWiFiMeshName buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5904592264
accepted
311676TOTOLINK T10 POST Request cstecgi.cgi setWiFiAclRules buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5903592247
accepted
311675TOTOLINK T10 POST Request cstecgi.cgi setUpgradeFW buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5902592246
accepted
311674TOTOLINK T10 POST Request cstecgi.cgi UploadCustomModule buffer overflowVulDBVulDB06/07/202506/09/202506/16/2025CVE-2025-5901592243
accepted
311673Tenda AC9 cross-site request forgeryVulDBVulDB06/06/202506/09/202506/16/2025CVE-2025-5900592198
accepted
311671GNU PSPP pspp-convert.c parse_variables_option free of memory not on the heapVulDBVulDB05/28/202506/09/202506/10/2025CVE-2025-5899586106
accepted
311670GNU PSPP pspp-convert.c parse_variables_option out-of-bounds writeVulDBVulDB05/28/202506/09/202506/10/2025CVE-2025-5898586105
accepted
311669vuejs vue-cli Markdown Code HtmlPwaPlugin.js HtmlPwaPlugin redosVulDBVulDB05/28/202506/09/202506/10/2025CVE-2025-5897585798
accepted
311668tarojs taro index.js redosVulDBVulDB05/28/202506/09/202506/10/2025CVE-2025-5896585796
accepted
311667Metabase dom.js parseDataUri redosVulDBVulDB05/28/202506/09/202506/10/2025CVE-2025-5895585795
accepted
311663RocketChat parseMessage.js parseMessage redosVulDBVulDB05/28/202506/09/202506/10/2025CVE-2025-5892585751
accepted
311662Unitech pm2 Config.js redosVulDBVulDB05/28/202506/09/202506/10/2025CVE-2025-5891585750
accepted
311661actions toolkit glob internal-pattern.ts globEscape redosVulDBVulDB05/28/202506/09/202506/10/2025CVE-2025-5890585727
accepted
311660juliangruber brace-expansion index.js expand redosVulDBVulDB05/28/202506/09/202506/11/2025CVE-2025-5889585717
accepted
311659jsnjfz WebStack-Guns cross-site request forgeryVulDBVulDB05/21/202506/09/202506/09/2025CVE-2025-5888582062
accepted
311658jsnjfz WebStack-Guns File Upload UserMgrController.java cross site scriptingVulDBVulDB05/19/202506/09/202506/10/2025CVE-2025-5887580744
accepted
311657Emlog article.php cross site scriptingVulDBVulDB05/06/202506/09/202506/20/2025CVE-2025-5886571804
accepted
311656Konica Minolta bizhub cross-site request forgeryVulDBVulDB02/02/202506/09/202506/09/2025CVE-2025-5885493666
accepted
311655Konica Minolta bizhub Display MFP Information List cross site scriptingVulDBVulDB02/02/202506/09/202506/09/2025CVE-2025-5884493653
accepted
311639code-projects Chat System confirm_password.php sql injectionVulDBVulDB06/06/202506/08/202506/25/2025CVE-2025-5881592112
accepted
311638Whistle get-temp-file path traversalVulDBVulDB05/22/202506/08/202506/08/2025CVE-2025-5880582867
accepted
311637WuKongOpenSource WukongCRM File Upload AdminSysConfigController.java cross site scriptingVulDBVulDB05/30/202506/08/202506/09/2025CVE-2025-5879587201
accepted
311636Fengoffice Feng Office Document Upload ApplicationDataObject.class.php xml external entity referenceVulDBVulDB05/29/202506/08/202506/09/2025CVE-2025-5877586971
accepted
311635Lucky LM-520-SC/LM-520-FSC/LM-520-FSC-SAM missing authenticationVulDBVulDB05/28/202506/08/202506/09/2025CVE-2025-5876585821
accepted
311634TP-LINK Technologies TL-IPC544EP-W4 main sub_69064 buffer overflowVulDBVulDB05/20/202506/08/202506/23/2025CVE-2025-5875581366
accepted
311633Redash getattr python.py run_query sandboxVulDBVulDB05/18/202506/08/202506/09/2025CVE-2025-5874580255
accepted
311632eCharge Hardy Barth Salia PLCC Web UI firmware.php unrestricted uploadVulDBVulDB05/28/202506/08/202506/09/2025CVE-2025-5873585733
accepted
311631eGauge EG3000 Energy Monitor Setting missing authenticationVulDBVulDB05/27/202506/08/202506/09/2025CVE-2025-5872585486
accepted
311630Papendorf SOL Connect Center Web Interface missing authenticationVulDBVulDB05/27/202506/08/202506/09/2025CVE-2025-5871585459
accepted
311629TRENDnet TV-IP121W Web Interface setup.cgi improper authenticationVulDBVulDB05/27/202506/08/202506/09/2025CVE-2025-5870585435
accepted
311628RT-Thread lwp_syscall.c sys_recvfrom memory corruptionVulDBVulDB05/24/202506/08/202506/09/2025CVE-2025-5869584135
accepted
311627RT-Thread lwp_syscall.c sys_thread_sigprocmask array indexVulDBVulDB05/24/202506/08/202506/09/2025CVE-2025-5868584130
accepted
311626RT-Thread lwp_syscall.c csys_sendto null pointer dereferenceVulDBVulDB05/24/202506/08/202506/09/2025CVE-2025-5867584129
accepted
311625RT-Thread lwp_syscall.c sys_sigprocmask array indexVulDBVulDB05/24/202506/08/202506/09/2025CVE-2025-5866584127
accepted
311624RT-Thread Parameter lwp_syscall.c sys_select memory corruptionVulDBVulDB05/24/202506/08/202506/09/2025CVE-2025-5865584124
accepted
311623Tenda TDSEE App Password Reset Confirmation Code ConfirmSmsCode excessive authenticationVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5864592074
accepted
311622Tenda AC5 SetRebootTimer formSetRebootTimer stack-based overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5863591981
accepted
311621Tenda AC7 setPptpUserList formSetPPTPUserList buffer overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5862591980
accepted
311620Tenda AC7 AdvSetLanip fromadvsetlanip buffer overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5861591960
accepted
311619PHPGurukul Maid Hiring Management System search-booking-request.php sql injectionVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5860591910
accepted
311605PHPGurukul Nipah Virus Testing Management System test-details.php sql injectionVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5859591443
accepted
311604PHPGurukul Nipah Virus Testing Management System patient-report.php sql injectionVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5858591440
accepted
311603code-projects Patient Record Management System urinalysis_record.php sql injectionVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5857591430
accepted
311602PHPGurukul BP Monitoring Management System registration.php sql injectionVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5856591426
accepted
311601Tenda AC6 SetRebootTimer formSetRebootTimer stack-based overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5855591422
accepted
311600Tenda AC6 AdvSetLanip fromadvsetlanip buffer overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5854591420
accepted
311599Tenda AC6 SetRemoteWebCfg formSetSafeWanWebMan stack-based overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5853591419
accepted
311598Tenda AC6 setPptpUserList formSetPPTPUserList buffer overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5852591392
accepted
311597Tenda AC15 HTTP POST Request AdvSetLanip fromadvsetlanip buffer overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5851591384
accepted
311596Tenda AC15 HTTP POST Request SetLEDCf formsetschedled buffer overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5850591376
accepted
311595Tenda AC15 HTTP POST Request SetRemoteWebCfg formSetSafeWanWebMan stack-based overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5849591375
accepted
311594Tenda AC15 HTTP POST Request setPptpUserList formSetPPTPUserList buffer overflowVulDBVulDB06/06/202506/08/202506/09/2025CVE-2025-5848591372
accepted
311593Tenda AC9 HTTP POST Request SetRemoteWebCfg formSetSafeWanWebMan stack-based overflowVulDBVulDB06/06/202506/08/202506/08/2025CVE-2025-5847591362
accepted
311583SourceCodester Client Database Management System user_update_customer_order.php unrestricted uploadVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5840591425
accepted
311582Tenda AC9 POST Request AdvSetLanip fromadvsetlanip buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5839591369
accepted
311581PHPGurukul Employee Record Management System adminprofile.php sql injectionVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5838591365
accepted
311580PHPGurukul Employee Record Management System allemployees.php sql injectionVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5837591364
accepted
311579Tenda AC9 POST Request SetIPTVCfg formSetIptv command injectionVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5836591363
accepted
311353Tenda AC8 WifiExtraSet fromSetWirelessRepeat stack-based overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5799591270
accepted
311352Tenda AC8 SetSysTimeCfg fromSetSysTime stack-based overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5798591266
accepted
311351code-projects Laundry System insert_type.php cross site scriptingVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5797591315
accepted
311350code-projects Laundry System edit_type.php cross site scriptingVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5796591267
accepted
311349Tenda AC5 AdvSetLanip fromadvsetlanip buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5795591224
accepted
311348Tenda AC5 setPptpUserList formSetPPTPUserList buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5794591223
accepted
311340TOTOLINK EX1200T HTTP POST Request formPortFw buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5793591222
accepted
311339TOTOLINK EX1200T HTTP POST Request formWlanRedirect buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5792591220
accepted
311338TOTOLINK X15 HTTP POST Request formIpQoS buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5790591219
accepted
311337TOTOLINK X15 HTTP POST Request formPortFw buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5789591218
accepted
311336TOTOLINK X15 HTTP POST Request formReflashClientTbl buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5788591217
accepted
311335TOTOLINK X15 HTTP POST Request formWsc buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5787591212
accepted
311334TOTOLINK X15 HTTP POST Request formDMZ buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5786591211
accepted
311333TOTOLINK X15 HTTP POST Request formWirelessTbl buffer overflowVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5785591210
accepted
311332PHPGurukul Employee Record Management System myexp.php sql injectionVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5784591205
accepted
311331PHPGurukul Employee Record Management System editmyexp.php sql injectionVulDBVulDB06/06/202506/06/202506/07/2025CVE-2025-5783591203
accepted
311330PHPGurukul Employee Record Management System resetpassword.php sql injectionVulDBVulDB06/06/202506/06/202506/09/2025CVE-2025-5782591202
accepted
311324code-projects Patient Record Management System view_dental.php sql injectionVulDBVulDB06/06/202506/06/202506/11/2025CVE-2025-5780591128
accepted
311323code-projects Patient Record Management System birthing.php sql injectionVulDBVulDB06/06/202506/06/202506/11/2025CVE-2025-5779591127
accepted
3113221000 Projects ABC Courier Management System adminSQL sql injectionVulDBVulDB06/06/202506/06/202506/09/2025CVE-2025-5778591110
accepted
311308code-projects Laundry System cross-site request forgeryVulDBVulDB06/05/202506/06/202506/11/2025CVE-2025-5766590851
accepted
311307code-projects Laundry System edit_laundry.php cross site scriptingVulDBVulDB06/05/202506/06/202506/11/2025CVE-2025-5765590809
accepted
311306code-projects Laundry System insert_laundry.php cross site scriptingVulDBVulDB06/05/202506/06/202506/11/2025CVE-2025-5764590800
accepted
311305Tenda CP3 apollo sub_F3C8C command injectionVulDBVulDB06/05/202506/06/202506/09/2025CVE-2025-5763590784
accepted
311304code-projects Patient Record Management System view_hematology.php sql injectionVulDBVulDB06/05/202506/06/202506/09/2025CVE-2025-5762590749
accepted
311303PHPGurukul BP Monitoring Management System edit-family-member.php sql injectionVulDBVulDB06/05/202506/06/202506/06/2025CVE-2025-5761590708
accepted
311302PHPGurukul Local Services Search Engine Management System edit-person-detail.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5759590654
accepted
311301SourceCodester Open Source Clinic Management System doctor.php sql injectionVulDBVulDB06/05/202506/05/202506/07/2025CVE-2025-5758590651
accepted
311300code-projects Traffic Offense Reporting System save-reported.php cross site scriptingVulDBVulDB06/05/202506/05/202506/11/2025CVE-2025-5757590649
accepted
311299code-projects Real Estate Property Management System EditCity.php sql injectionVulDBVulDB06/05/202506/05/202506/11/2025CVE-2025-5756590641
accepted
311298SourceCodester Open Source Clinic Management System email_config.php sql injectionVulDBVulDB06/05/202506/05/202506/07/2025CVE-2025-5755590639
accepted
311265TOTOLINK X15 HTTP POST Request formSaveConfig buffer overflowVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5739590636
accepted
311264TOTOLINK X15 HTTP POST Request formStats buffer overflowVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5738590635
accepted
311263TOTOLINK X15 HTTP POST Request formDosCfg buffer overflowVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5737590621
accepted
311262TOTOLINK X15 HTTP POST Request formNtp buffer overflowVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5736590620
accepted
311261TOTOLINK X15 HTTP POST Request formSetLg buffer overflowVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5735590619
accepted
311260TOTOLINK X15 HTTP POST Request formWlanRedirect buffer overflowVulDBVulDB06/05/202506/05/202506/09/2025CVE-2025-5734590615
accepted
311259code-projects Traffic Offense Reporting System cross-site request forgeryVulDBVulDB06/05/202506/05/202506/09/2025CVE-2025-5732590598
accepted
311250code-projects Health Center Patient Record Management System birthing_record.php sql injectionVulDBVulDB06/05/202506/05/202506/25/2025CVE-2025-5729590590
accepted
311248SourceCodester Open Source Clinic Management System manage_website.php unrestricted uploadVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5728590578
accepted
311247SourceCodester Student Result Management System Announcement Page announcement cross site scriptingVulDBVulDB06/05/202506/11/2025CVE-2025-5727
 
accepted
311246SourceCodester Student Result Management System Division System Page division-system cross site scriptingVulDBVulDB06/05/202506/11/2025CVE-2025-5726
 
accepted
311245SourceCodester Student Result Management System Grading System Page grading-system cross site scriptingVulDBVulDB06/05/202506/09/2025CVE-2025-5725
 
accepted
311244SourceCodester Student Result Management System Subjects Page subjects cross site scriptingVulDBVulDB06/05/202506/09/2025CVE-2025-5724
 
accepted
311243SourceCodester Student Result Management System Classes Page classes cross site scriptingVulDBVulDB06/05/202506/06/2025CVE-2025-5723
 
accepted
311242SourceCodester Student Result Management System Add Academic Term terms cross site scriptingVulDBVulDB06/05/202506/06/2025CVE-2025-5722
 
accepted
311241SourceCodester Student Result Management System Profile Setting Page update_profile cross site scriptingVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5721590569
accepted
311238SourceCodester Open Source Clinic Management System login.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5716590566
accepted
311236Signal App Biometric Authentication missing critical step in authenticationVulDBVulDB05/27/202506/05/202506/06/2025CVE-2025-5715585069
accepted
311235SoluçõesCoop iSoluçõesWEB Profile Information Update up.upload.php path traversalVulDBVulDB05/16/202506/05/202506/06/2025CVE-2025-5714579509
accepted
311234SoluçõesCoop iSoluçõesWEB Flow fluxos-dashboard cross site scriptingVulDBVulDB05/16/202506/05/202506/06/2025CVE-2025-5713579504
accepted
311233SourceCodester Open Source Clinic Management System appointment.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5712590530
accepted
311232code-projects Real Estate Property Management System InsertCity.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5711590522
accepted
311231code-projects Real Estate Property Management System InsertState.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5710590505
accepted
311230code-projects Real Estate Property Management System InsertCategory.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5709590501
accepted
311229code-projects Real Estate Property Management System NewsReport.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5708590495
accepted
311228PHPGurukul Human Metapneumovirus Testing Management System registered-user-testing.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5707590473
accepted
311227PHPGurukul Human Metapneumovirus Testing Management System new-user-testing.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5706590461
accepted
311226code-projects Real Estate Property Management System Property.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5705590432
accepted
311225code-projects Real Estate Property Management System User.php sql injectionVulDBVulDB06/05/202506/05/202506/06/2025CVE-2025-5704590429
accepted
311214Brilliance Golden Link Secondary System logSelect.htm sql injectionVulDBVulDB06/01/202506/04/202506/06/2025CVE-2025-5698588324
accepted
311213Brilliance Golden Link Secondary System tcCustDeferPosiQuery.htm sql injectionVulDBVulDB06/01/202506/04/202506/06/2025CVE-2025-5697588323
accepted
311212Brilliance Golden Link Secondary System rentChangeCheckInfoPage.htm sql injectionVulDBVulDB06/01/202506/04/202506/06/2025CVE-2025-5696588316
accepted
311211FLIR AX8 Backend subscriptions.php subscribe_to_alarm command injectionVulDBVulDB05/28/202506/04/202506/06/2025CVE-2025-5695585715
accepted
311210PHPGurukul Human Metapneumovirus Testing Management System search-report-result.php sql injectionVulDBVulDB06/04/202506/04/202506/06/2025CVE-2025-5694590184
accepted
311209PHPGurukul Human Metapneumovirus Testing Management System bwdates-report-result.php sql injectionVulDBVulDB06/04/202506/04/202506/06/2025CVE-2025-5693590183
accepted
311169Tenda CH22 Natlimit formNatlimit stack-based overflowVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5685590153
accepted
311167Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script SysScriptController.java executeScript deserializationVulDBVulDB05/27/202506/04/202506/06/2025CVE-2025-5680585108
accepted
311166Shenzhen Dashi Tongzhou Information Technology AgileBPM SysToolsController.java parseStrByFreeMarker deserializationVulDBVulDB05/27/202506/04/202506/06/2025CVE-2025-5679585127
accepted
311165Campcodes Online Recruitment Management System ajax.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5677590135
accepted
311164Campcodes Online Recruitment Management System ajax.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5676590134
accepted
311163Campcodes Online Teacher Record Management System bwdates-reports-details.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5675590124
accepted
311162code-projects Patient Record Management System urinalysis_form.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5674590120
accepted
311161TOTOLINK N302R Plus HTTP POST Request formFilter buffer overflowVulDBVulDB06/04/202506/04/202506/06/2025CVE-2025-5672590094
accepted
311160TOTOLINK N302R Plus HTTP POST Request formPortFw buffer overflowVulDBVulDB06/04/202506/04/202506/06/2025CVE-2025-5671590093
accepted
311159PHPGurukul Medical Card Generation System manage-card.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5670590066
accepted
311158PHPGurukul Medical Card Generation System unreadenq.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5669590065
accepted
311157PHPGurukul Medical Card Generation System readenq.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5668590064
accepted
311156FreeFloat FTP Server REIN Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5667587026
accepted
311155FreeFloat FTP Server XMKD Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5666587025
accepted
311154FreeFloat FTP Server XCWD Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5665587024
accepted
311153FreeFloat FTP Server RESTART Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5664587021
accepted
311152PHPGurukul Auto Taxi Stand Management System search-autoortaxi.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5663590055
accepted
311151code-projects Traffic Offense Reporting System Setting save-settings.php cross site scriptingVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5661590020
accepted
311150PHPGurukul Complaint Management System register-complaint.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5660589981
accepted
311149PHPGurukul Complaint Management System profile.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5659589980
accepted
311148PHPGurukul Complaint Management System updatecomplaint.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5658589979
accepted
311147PHPGurukul Complaint Management System manage-users.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5657589968
accepted
311146PHPGurukul Complaint Management System edit-category.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5656589967
accepted
311145PHPGurukul Complaint Management System edit-subcategory.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5655589966
accepted
311144PHPGurukul Complaint Management System edit-state.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5654589965
accepted
311143PHPGurukul Complaint Management System between-date-userreport.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5653589964
accepted
311142PHPGurukul Complaint Management System between-date-complaintreport.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5652589963
accepted
311141code-projects Traffic Offense Reporting System saveuser.php cross site scriptingVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5651589962
accepted
3111401000projects Online Notice Board register.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5650589819
accepted
311139SourceCodester Student Result Management System Register Interface new_user access controlVulDBVulDB06/03/202506/04/202506/11/2025CVE-2025-5649589458
accepted
311136Radare2 radiff2 pal.c r_cons_pal_init memory corruption [Disputed]VulDBVulDB05/29/202506/04/202506/05/2025CVE-2025-5648586929
accepted
311135Radare2 radiff2 cons.c r_cons_context_break_pop memory corruption [Disputed]VulDBVulDB05/29/202506/04/202506/23/2025CVE-2025-5647586928
accepted
311134Radare2 radiff2 pal.c r_cons_rainbow_free memory corruption [Disputed]VulDBVulDB05/29/202506/04/202506/23/2025CVE-2025-5646586923
accepted
311133Radare2 radiff2 pal.c r_cons_pal_init memory corruption [Disputed]VulDBVulDB05/29/202506/04/202506/23/2025CVE-2025-5645586922
accepted
311132Radare2 radiff2 cons.c r_cons_flush use after free [Disputed]VulDBVulDB05/29/202506/04/202506/23/2025CVE-2025-5644586921
accepted
311131Radare2 radiff2 cons.c cons_stack_load memory corruption [Disputed]VulDBVulDB05/29/202506/04/202506/23/2025CVE-2025-5643586912
accepted
311130Radare2 radiff2 pal.c r_cons_pal_init memory corruption [Disputed]VulDBVulDB05/29/202506/04/202506/23/2025CVE-2025-5642586910
accepted
311129Radare2 radiff2 cons.c r_cons_is_breaked memory corruption [Disputed]VulDBVulDB05/29/202506/04/202506/23/2025CVE-2025-5641586909
accepted
311127PX4-Autopilot TRAJECTORY_REPRESENTATION_WAYPOINTS Message mavlink_receiver.cpp stack-based overflowVulDBVulDB05/26/202506/04/202506/27/2025CVE-2025-5640584889
accepted
311126PHPGurukul Notice Board System forgot-password.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5639589812
accepted
311125PHPGurukul Notice Board System admin-profile.php sql injectionVulDBVulDB06/04/202506/04/202506/07/2025CVE-2025-5638589811
accepted
311124PCMan FTP Server SYSTEM Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5637587064
accepted
311123PCMan FTP Server SET Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5636587059
accepted
311122PCMan FTP Server PLS Command buffer overflowVulDBVulDB05/29/202506/04/202506/05/2025CVE-2025-5635587057
accepted
311121PCMan FTP Server NOOP Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5634587048
accepted
311120code-projects/anirbandutta9 Content Management System/News-Buzz users.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5633589783
accepted
311119code-projects/anirbandutta9 Content Management System/News-Buzz users.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5632589781
accepted
311118code-projects/anirbandutta9 Content Management System/News-Buzz publicposts.php sql injectionVulDBVulDB06/04/202506/04/202506/11/2025CVE-2025-5631589780
accepted
311116D-Link DIR-816 form2lansetup.cgi stack-based overflowVulDBVulDB06/04/202506/04/202506/06/2025CVE-2025-5630589779
accepted
311115Tenda AC10 HTTP SetPptpServerCfg formSetPPTPServer buffer overflowVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5629589424
accepted
311114SourceCodester Food Menu Manager Add Menu index.php cross site scriptingVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5628589365
accepted
311113code-projects Patient Record Management System sputum_form.php sql injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5627589364
accepted
311112Campcodes Online Teacher Record Management System edit-subjects-detail.php sql injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5626589309
accepted
311111Campcodes Online Teacher Record Management System search-teacher.php sql injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5625589279
accepted
311110D-Link DIR-816 QoSPortSetup stack-based overflowVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5624589226
accepted
311109D-Link DIR-816 qosClassifier stack-based overflowVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5623589224
accepted
311108D-Link DIR-816 wirelessApcli_5g stack-based overflowVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5622589222
accepted
311107D-Link DIR-816 qosClassifier os command injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5621589221
accepted
311106D-Link DIR-816 setipsec_config os command injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5620589220
accepted
311105Tenda CH22 addUserName formaddUserName stack-based overflowVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5619589179
accepted
311104PHPGurukul Online Fire Reporting System edit-team.php sql injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5618589117
accepted
311103PHPGurukul Online Fire Reporting System manage-teams.php sql injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5617589113
accepted
311102PHPGurukul Online Fire Reporting System profile.php sql injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5616589109
accepted
311101PHPGurukul Online Fire Reporting System details.php sql injectionVulDBVulDB06/03/202506/04/202506/11/2025CVE-2025-5615589108
accepted
311100PHPGurukul Online Fire Reporting System search-report-result.php sql injectionVulDBVulDB06/03/202506/04/202506/11/2025CVE-2025-5614589107
accepted
311099PHPGurukul Online Fire Reporting System request-details.php sql injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5613589106
accepted
311098PHPGurukul Online Fire Reporting System reporting.php sql injectionVulDBVulDB06/03/202506/04/202506/06/2025CVE-2025-5612589105
accepted
311097CodeAstro Real Estate Management System submitpropertyupdate.php sql injectionVulDBVulDB06/03/202506/04/202506/11/2025CVE-2025-5611589103
accepted
311096CodeAstro Real Estate Management System submitpropertydelete.php sql injectionVulDBVulDB06/03/202506/04/202506/11/2025CVE-2025-5610589102
accepted
311095Tenda AC18 AdvSetLanip fromadvsetlanip buffer overflowVulDBVulDB06/02/202506/04/202506/04/2025CVE-2025-5609588936
accepted
311094Tenda AC18 SetSysAutoRebbotCfg formsetreboottimer buffer overflowVulDBVulDB06/02/202506/04/202506/04/2025CVE-2025-5608588935
accepted
311093Tenda AC18 setPptpUserList formSetPPTPUserList buffer overflowVulDBVulDB06/02/202506/04/202506/04/2025CVE-2025-5607588934
accepted
311092Tenda AC18 SetIPTVCfg formSetIptv command injectionVulDBVulDB06/02/202506/04/202506/11/2025CVE-2025-5606588933
accepted
311090Campcodes Hospital Management System user-login.php sql injectionVulDBVulDB06/02/202506/04/202506/11/2025CVE-2025-5604588844
accepted
311089Campcodes Hospital Management System registration.php sql injectionVulDBVulDB06/02/202506/04/202506/11/2025CVE-2025-5603588843
accepted
311088Campcodes Hospital Management System registration.php sql injectionVulDBVulDB06/02/202506/04/202506/11/2025CVE-2025-5602588842
accepted
311087TOTOLINK EX1200T cstecgi.cgi setLanguageCfg stack-based overflowVulDBVulDB05/31/202506/04/202506/06/2025CVE-2025-5600588075
accepted
311086PHPGurukul Student Result Management System editmyexp.php sql injectionVulDBVulDB05/31/202506/04/202506/06/2025CVE-2025-5599587960
accepted
311082FreeFloat FTP Server REGET Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5596587019
accepted
311081FreeFloat FTP Server PROGRESS Command buffer overflowVulDBVulDB05/29/202506/04/202506/25/2025CVE-2025-5595587018
accepted
311080FreeFloat FTP Server SET Command buffer overflowVulDBVulDB05/29/202506/04/202506/13/2025CVE-2025-5594587009
accepted
311079FreeFloat FTP Server HOST Command buffer overflowVulDBVulDB05/29/202506/04/202506/13/2025CVE-2025-5593587000
accepted
311078FreeFloat FTP Server PASSIVE Command buffer overflowVulDBVulDB05/29/202506/04/202506/04/2025CVE-2025-5592586990
accepted
311046PHPGurukul Hospital Management System POST Parameter edit-patient.php cross site scriptingVulDBVulDB06/02/202506/03/202506/11/2025CVE-2025-5584588828
accepted
311040CodeAstro Real Estate Management System register.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5583588822
accepted
311039CodeAstro Real Estate Management System profile.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5582588821
accepted
311038CodeAstro Real Estate Management System index.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5581588820
accepted
311037CodeAstro Real Estate Management System login.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5580588811
accepted
311036PHPGurukul Dairy Farm Shop Management System search-product.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5579588804
accepted
311035PHPGurukul Dairy Farm Shop Management System sales-report-details.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5578588800
accepted
311034PHPGurukul Dairy Farm Shop Management System profile.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5577588799
accepted
311033PHPGurukul Dairy Farm Shop Management System bwdate-report-details.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5576588789
accepted
311032PHPGurukul Dairy Farm Shop Management System add-product.php sql injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5575588785
accepted
311031PHPGurukul Dairy Farm Shop Management System add-company.php sql injectionVulDBVulDB06/02/202506/03/202506/11/2025CVE-2025-5574588778
accepted
311030D-Link DCS-932L setSystemWizard setSystemControl os command injectionVulDBVulDB06/02/202506/03/202506/06/2025CVE-2025-5573588467
accepted
311029D-Link DCS-932L setSystemEmail stack-based overflowVulDBVulDB06/02/202506/03/202506/06/2025CVE-2025-5572588466
accepted
311028D-Link DCS-932L setSystemAdmin os command injectionVulDBVulDB06/02/202506/03/202506/04/2025CVE-2025-5571588465
accepted
311027IdeaCMS getList.html Goods sql injectionVulDBVulDB06/01/202506/03/202506/04/2025CVE-2025-5569588372
accepted
311013PHPGurukul Notice Board System search-notice.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5566587623
accepted
311012PHPGurukul Curfew e-Pass Management System edit-category-detail.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5562587544
accepted
311011PHPGurukul Curfew e-Pass Management System view-pass-detail.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5561587543
accepted
311010PHPGurukul Curfew e-Pass Management System index.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5560587542
accepted
311009PHPGurukul Teacher Subject Allocation Management System changeimage.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5558587476
accepted
311008PHPGurukul Teacher Subject Allocation Management System edit-course.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5557587475
accepted
311007PHPGurukul Teacher Subject Allocation Management System edit-teacher-info.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5556587474
accepted
311006PHPGurukul Rail Pass Management System pass-bwdates-reports-details.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5554587417
accepted
311005PHPGurukul Rail Pass Management System download-pass.php sql injectionVulDBVulDB05/30/202506/03/202506/11/2025CVE-2025-5553587416
accepted
311002ChestnutCMS API Endpoint exec deserializationVulDBVulDB05/30/202506/03/202506/04/2025CVE-2025-5552587199
accepted
311001FreeFloat FTP Server SYSTEM Command buffer overflowVulDBVulDB05/29/202506/03/202506/24/2025CVE-2025-5551586988
accepted
311000FreeFloat FTP Server PBSZ Command buffer overflowVulDBVulDB05/29/202506/03/202506/24/2025CVE-2025-5550586987
accepted
310999FreeFloat FTP Server PASV Command buffer overflowVulDBVulDB05/29/202506/03/202506/24/2025CVE-2025-5549586983
accepted
310998FreeFloat FTP Server NOOP Command buffer overflowVulDBVulDB05/29/202506/03/202506/24/2025CVE-2025-5548586982
accepted
310997FreeFloat FTP Server CDUP Command buffer overflowVulDBVulDB05/29/202506/03/202506/24/2025CVE-2025-5547586981
accepted
310996PHPGurukul Daily Expense Tracker System expense-reports-detailed.php sql injectionVulDBVulDB05/29/202506/03/202506/11/2025CVE-2025-5546586916
accepted
310995aaluoxiang oa_system ProcedureController.java image path traversalVulDBVulDB05/28/202506/03/202506/04/2025CVE-2025-5545585885
accepted
310994aaluoxiang oa_system UserpanelController.java image path traversalVulDBVulDB05/28/202506/03/202506/04/2025CVE-2025-5544585884
accepted
310993TOTOLINK X2000R Parent Controls Page cross site scriptingVulDBVulDB05/28/202506/03/202506/06/2025CVE-2025-5543585728
accepted
310992TOTOLINK X2000R Virtual Server Page formPortFw cross site scriptingVulDBVulDB05/28/202506/03/202506/06/2025CVE-2025-5542585726
accepted
310967Tenda RX3 SetStaticRouteCfg save_staticroute_data stack-based overflowVulDBVulDB05/29/202506/03/202506/04/2025CVE-2025-5527586781
accepted
310966Jrohy trojan linux.go LogChan os command injectionVulDBVulDB05/29/202506/03/202506/06/2025CVE-2025-5525586673
accepted
310959enilu web-flash File Upload upload fileService.upload cross site scriptingVulDBVulDB05/27/202506/03/202506/04/2025CVE-2025-5523585342
accepted
310958jack0240 魏 bskms 蓝天幼儿园管理系统 User Creation addUser improper authorizationVulDBVulDB05/26/202506/03/202506/04/2025CVE-2025-5522584986
accepted
310957WuKongOpenSource WukongCRM updataPassword cross-site request forgeryVulDBVulDB05/26/202506/03/202506/04/2025CVE-2025-5521584636
accepted
310956Open5GS AMF/MME emm_state_authentication assertionVulDBVulDB05/21/202506/03/202506/04/2025CVE-2025-5520582269
accepted
310953TOTOLINK X2000R URL Filtering Page formFilter cross site scriptingVulDBVulDB05/26/202506/03/202506/06/2025CVE-2025-5516584661
accepted
310952TOTOLINK X2000R formMapDel command injectionVulDBVulDB05/26/202506/03/202506/03/2025CVE-2025-5515584653
accepted
310927quequnlong shiyi-blog add cross site scriptingVulDBVulDB05/25/202506/03/202506/03/2025CVE-2025-5513584492
accepted
310926quequnlong shiyi-blog Administrator Backend verifyPassword improper authenticationVulDBVulDB05/25/202506/03/202506/03/2025CVE-2025-5512584491
accepted
310925quequnlong shiyi-blog photos improper authorizationVulDBVulDB05/25/202506/03/202506/03/2025CVE-2025-5511584490
accepted
310924quequnlong shiyi-blog optimize server-side request forgeryVulDBVulDB05/25/202506/03/202506/03/2025CVE-2025-5510584489
accepted
310923quequnlong shiyi-blog upload path traversalVulDBVulDB05/25/202506/03/202506/04/2025CVE-2025-5509584488
accepted
310922TOTOLINK A3002RU IP Port Filtering Page cross site scriptingVulDBVulDB05/26/202506/03/202506/06/2025CVE-2025-5508584671
accepted
310921TOTOLINK A3002RU MAC Filtering Page cross site scriptingVulDBVulDB05/26/202506/03/202506/03/2025CVE-2025-5507584664
accepted
310920TOTOLINK A3002RU NAT Mapping Page cross site scriptingVulDBVulDB05/26/202506/03/202506/03/2025CVE-2025-5506584663
accepted
310919TOTOLINK A3002RU Virtual Server Page formPortFw cross site scriptingVulDBVulDB05/26/202506/03/202506/03/2025CVE-2025-5505584662
accepted
310918TOTOLINK X2000R formWsc command injectionVulDBVulDB05/26/202506/03/202506/03/2025CVE-2025-5504584660
accepted
310917TOTOLINK X15 formMapReboot stack-based overflowVulDBVulDB06/03/202506/03/2025CVE-2025-5503
 
accepted
310916TOTOLINK X15 formMapReboot command injectionVulDBVulDB05/23/202506/03/202506/06/2025CVE-2025-5502583562
accepted
310915Open5GS NGAP PathSwitchRequest Message ngap-handler.c ngap_handle_path_switch_request_transfer assertionVulDBVulDB05/21/202506/03/202506/13/2025CVE-2025-5501582265
accepted
310914slackero phpwcms image_resized.php getimagesize deserializationVulDBVulDB05/15/202506/03/202506/03/2025CVE-2025-5499578082
accepted
310913slackero phpwcms Custom Source Tab cnt21.readform.inc.php is_file deserializationVulDBVulDB05/15/202506/03/202506/03/2025CVE-2025-5498578054
accepted
310912slackero phpwcms Feedimport Module processing.inc.php deserializationVulDBVulDB05/15/202506/03/202506/13/2025CVE-2025-5497577999
accepted
310911Netgear WNR614 URL improper authenticationVulDBVulDB05/26/202506/03/202506/03/2025CVE-2025-5495584939
accepted
310910Baison Channel Middleware Product ToJsonByControlName sql injectionVulDBVulDB05/29/202506/03/202506/03/2025CVE-2025-5493586972
accepted
310909D-Link DI-500WF-WT /usr/sbin/jhttpd msp_info.htm sub_456DE8 command injectionVulDBVulDB05/11/202506/03/202506/03/2025CVE-2025-5492575244
accepted
310786Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 ssid1MACFilter os command injectionVulDBVulDB05/25/202506/01/202506/02/2025CVE-2025-5447584369
accepted
310785Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_checkCredentialsByBBS os command injectionVulDBVulDB05/25/202506/01/202506/25/2025CVE-2025-5446584368
accepted
310784Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_checkFWByBBS os command injectionVulDBVulDB05/25/202506/01/202506/11/2025CVE-2025-5445584367
accepted
310783Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_UpgradeFWByBBS os command injectionVulDBVulDB05/25/202506/01/202506/11/2025CVE-2025-5444584366
accepted
310782Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 wirelessAdvancedHidden os command injectionVulDBVulDB05/25/202506/01/202506/11/2025CVE-2025-5443584365
accepted
310781Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 RP_pingGatewayByBBS os command injectionVulDBVulDB05/25/202506/01/202506/25/2025CVE-2025-5442584364
accepted
310780Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 setDeviceURL os command injectionVulDBVulDB05/25/202506/01/202506/25/2025CVE-2025-5441584363
accepted
310779Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 NTP os command injectionVulDBVulDB05/25/202506/01/202506/02/2025CVE-2025-5440584362
accepted
310778Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 verifyFacebookLike os command injectionVulDBVulDB05/25/202506/01/202506/02/2025CVE-2025-5439584361
accepted
310777Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 WPS command injectionVulDBVulDB05/25/202506/01/202506/02/2025CVE-2025-5438584360
accepted
310770Multilaser Sirius RE016 Password Change cstecgi.cgi improper authenticationVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5437584325
accepted
310769Multilaser Sirius RE016 cstecgi.cgi information disclosureVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5436584324
accepted
310768Marwal Infotech CMS page.php sql injectionVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5435584262
accepted
310767Aem Solutions CMS page.php sql injectionVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5434584261
accepted
310766Fengoffice Feng Office index.php sql injectionVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5433584259
accepted
310765AssamLook CMS view_tender.php sql injectionVulDBVulDB06/01/202506/16/2025CVE-2025-5432
 
accepted
310764AssamLook CMS department-profile.php sql injectionVulDBVulDB06/01/202506/02/2025CVE-2025-5431
 
accepted
310763AssamLook CMS product.php sql injectionVulDBVulDB05/24/202506/01/202506/16/2025CVE-2025-5430584257
accepted
310762juzaweb CMS Plugins Page install access controlVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5429584057
accepted
310761juzaweb CMS Error Logs Page log-viewer access controlVulDBVulDB05/24/202506/01/202506/16/2025CVE-2025-5428584056
accepted
310760juzaweb CMS Permalinks Page permalinks access controlVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5427584055
accepted
310759juzaweb CMS Menu Page menus access controlVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5426584054
accepted
310758juzaweb CMS Theme Editor Page default access controlVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5425584053
accepted
310757juzaweb CMS Media Page media access controlVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5424584052
accepted
310756juzaweb CMS General Setting Page general access controlVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5423584051
accepted
310755juzaweb CMS Email Logs Page email access controlVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5422584050
accepted
310754juzaweb CMS Plugin Editor Page editor access controlVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5421584049
accepted
310753juzaweb CMS Profile Page upload cross site scriptingVulDBVulDB05/24/202506/01/202506/02/2025CVE-2025-5420584048
accepted
310752Mist Community Edition Authentication Endpoint views.py login cross site scriptingVulDBVulDB05/23/202505/31/202506/02/2025CVE-2025-5412583534
accepted
310751Mist Community Edition views.py tag_resources cross site scriptingVulDBVulDB05/23/202505/31/202506/02/2025CVE-2025-5411583533
accepted
310750Mist Community Edition middleware.py session_start_response cross-site request forgeryVulDBVulDB05/23/202505/31/202506/02/2025CVE-2025-5410583532
accepted
310749Mist Community Edition API Token views.py create_token access controlVulDBVulDB05/23/202505/31/202506/02/2025CVE-2025-5409583531
accepted
310748WAVLINK WL-WN576K1 HTTP POST Request login.cgi sys_login buffer overflowVulDBVulDB05/23/202505/31/202506/02/2025CVE-2025-5408583486
accepted
310747chaitak-gorai Blogbook register_script.php cross site scriptingVulDBVulDB05/23/202505/31/202506/03/2025CVE-2025-5407583432
accepted
310746chaitak-gorai Blogbook posts.php unrestricted uploadVulDBVulDB05/23/202505/31/202506/03/2025CVE-2025-5406583427
accepted
310745chaitak-gorai Blogbook post.php cross site scriptingVulDBVulDB05/22/202505/31/202506/03/2025CVE-2025-5405582925
accepted
310744chaitak-gorai Blogbook GET Parameter search.php denial of serviceVulDBVulDB05/22/202505/31/202506/03/2025CVE-2025-5404582915
accepted
310743chaitak-gorai Blogbook GET Parameter view_all_posts.php sql injectionVulDBVulDB05/22/202505/31/202506/03/2025CVE-2025-5403582910
accepted
310742chaitak-gorai Blogbook GET Parameter edit_post.php sql injectionVulDBVulDB05/22/202505/31/202506/03/2025CVE-2025-5402582904
accepted
310741chaitak-gorai Blogbook GET Parameter post.php sql injectionVulDBVulDB05/22/202505/31/202506/03/2025CVE-2025-5401582874
accepted
310740chaitak-gorai Blogbook GET Parameter user.php sql injectionVulDBVulDB05/22/202505/31/202506/03/2025CVE-2025-5400582865
accepted
310683JeeWMS File filedeal.do filedeal access controlVulDBVulDB05/30/202506/03/2025CVE-2025-5390
 
accepted
310682JeeWMS File generateController.do dogenerateOne2Many access controlVulDBVulDB05/30/202506/03/2025CVE-2025-5389
 
accepted
310681JeeWMS generateController.do dogenerate sql injectionVulDBVulDB05/30/202506/03/2025CVE-2025-5388
 
accepted
310680JeeWMS File generateController.do dogenerate access controlVulDBVulDB05/30/202506/03/2025CVE-2025-5387
 
accepted
310679JeeWMS cgformTransController.do transEditor sql injectionVulDBVulDB05/30/202506/03/2025CVE-2025-5386
 
accepted
310678JeeWMS cgformTemplateController.do doAdd path traversalVulDBVulDB05/30/202506/03/2025CVE-2025-5385
 
accepted
310677JeeWMS cgAutoListController.do CgAutoListController sql injectionVulDBVulDB05/30/202506/03/2025CVE-2025-5384
 
accepted
310676Yifang CMS Article Management Module cross site scriptingVulDBVulDB05/30/202506/03/2025CVE-2025-5383
 
accepted
310674Yifang CMS Admin Panel downloadFile path traversalVulDBVulDB05/30/202506/03/2025CVE-2025-5381
 
accepted
310673ashinigit 天青一白 XueShengZhuSu 学生住宿管理系统 Image File Upload upload path traversalVulDBVulDB05/22/202505/30/202506/03/2025CVE-2025-5380583119
accepted
310672NuCom NC-WR744G Console Application hard-coded credentialsVulDBVulDB05/22/202505/30/202506/03/2025CVE-2025-5379582868
accepted
310671Astun Technology iShare Maps mycouncil2.aspx cross site scriptingVulDBVulDB05/22/202505/30/202506/03/2025CVE-2025-5378582841
accepted
310670Astun Technology iShare Maps historic1.asp cross site scriptingVulDBVulDB05/22/202505/30/202506/03/2025CVE-2025-5377582835
accepted
310669SourceCodester Health Center Patient Record Management System patient.php sql injectionVulDBVulDB05/30/202505/30/202506/03/2025CVE-2025-5376587405
accepted
310668PHPGurukul HPGurukul Online Birth Certificate System registered-users.php sql injectionVulDBVulDB05/30/202505/30/202506/03/2025CVE-2025-5375587394
accepted
310667PHPGurukul Online Birth Certificate System all-applications.php sql injectionVulDBVulDB05/30/202505/30/202506/03/2025CVE-2025-5374587393
accepted
310666PHPGurukul Online Birth Certificate System users-applications.php sql injectionVulDBVulDB05/30/202505/30/202506/03/2025CVE-2025-5373587392
accepted
310664SourceCodester Health Center Patient Record Management System admin.php sql injectionVulDBVulDB05/30/202505/30/202506/03/2025CVE-2025-5371587382
accepted
310663PHPGurukul News Portal forgot-password.php sql injectionVulDBVulDB05/30/202505/30/202506/03/2025CVE-2025-5370587365
accepted
310662SourceCodester PHP Display Username After Login login.php sql injectionVulDBVulDB05/30/202505/30/202506/03/2025CVE-2025-5369587234
accepted
310661PHPGurukul Daily Expense Tracker System expense-yearwise-reports-detailed.php sql injectionVulDBVulDB05/29/202505/30/202506/03/2025CVE-2025-5368586911
accepted
310660PHPGurukul Online Shopping Portal Project category.php sql injectionVulDBVulDB05/29/202505/30/202506/03/2025CVE-2025-5367586814
accepted
310659Campcodes Online Hospital Management System patient-search.php sql injectionVulDBVulDB05/29/202505/30/202506/02/2025CVE-2025-5365586700
accepted
310658Campcodes Online Hospital Management System add-patient.php sql injectionVulDBVulDB05/29/202505/30/202506/02/2025CVE-2025-5364586699
accepted
310657Campcodes Online Hospital Management System index.php sql injectionVulDBVulDB05/29/202505/30/202506/02/2025CVE-2025-5363586698
accepted
310656Campcodes Online Hospital Management System doctor-specilization.php sql injectionVulDBVulDB05/29/202505/30/202506/02/2025CVE-2025-5362586596
accepted
310655Campcodes Online Hospital Management System contact.php sql injectionVulDBVulDB05/29/202505/30/202506/02/2025CVE-2025-5361586592
accepted
310654Campcodes Online Hospital Management System book-appointment.php sql injectionVulDBVulDB05/29/202505/30/202506/02/2025CVE-2025-5360586591
accepted
310653Campcodes Online Hospital Management System appointment-history.php sql injectionVulDBVulDB05/29/202505/30/202506/11/2025CVE-2025-5359586590
accepted
310652PHPGurukul/Campcodes Cyber Cafe Management System bwdates-reports-details.php sql injectionVulDBVulDB05/29/202505/30/202506/11/2025CVE-2025-5358586569
accepted
310651FreeFloat FTP Server PWD Command buffer overflowVulDBVulDB05/28/202505/30/202506/16/2025CVE-2025-5357585641
accepted
310650FreeFloat FTP Server BYE Command buffer overflowVulDBVulDB05/28/202505/30/202506/24/2025CVE-2025-5356585639
accepted
3105051000 Projects Online Notice Board index.php sql injectionVulDBVulDB05/29/202505/29/202505/30/2025CVE-2025-5332586566
accepted
310504PCMan FTP Server NLST Command buffer overflowVulDBVulDB05/27/202505/29/202506/23/2025CVE-2025-5331585404
accepted
310503FreeFloat FTP Server RETR Command buffer overflowVulDBVulDB05/27/202505/29/202506/23/2025CVE-2025-5330585402
accepted
310498chshcms mccms Backups.php restore_del path traversalVulDBVulDB05/21/202505/29/202506/11/2025CVE-2025-5328582297
accepted
310497chshcms mccms Gf.php index server-side request forgeryVulDBVulDB05/21/202505/29/202506/11/2025CVE-2025-5327582295
accepted
310496zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 verifyToken deserializationVulDBVulDB05/20/202505/29/202505/30/2025CVE-2025-5326581277
accepted
310495zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 testService special elements used in a template engineVulDBVulDB05/20/202505/29/202505/30/2025CVE-2025-5325581275
accepted
310494TechPowerUp GPU-Z 0x8000645C IOCTL GPU-Z.sys sub_140001880 memory leakVulDBVulDB05/19/202505/29/202505/29/2025CVE-2025-5324580513
accepted
310493fossasia open-event-server Mail Verification mail.py send_email_change_user_email reliance on obfuscation or encryption of security-relevant inputs without integrity checkingVulDBVulDB05/18/202505/29/202505/30/2025CVE-2025-5323580256
accepted
310492aimhubio aim run_view Object query.py RestrictedPythonQuery sandboxVulDBVulDB05/18/202505/29/202506/01/2025CVE-2025-5321580253
accepted
310491gradio-app gradio CORS is_valid_origin origin validationVulDBVulDB05/18/202505/29/202506/01/2025CVE-2025-5320580250
accepted
310426SourceCodester Client Database Management System user_order_customer_update.php unrestricted uploadVulDBVulDB05/28/202505/28/202506/10/2025CVE-2025-5299585732
accepted
310422Campcodes Online Hospital Management System betweendates-detailsreports.php sql injectionVulDBVulDB05/27/202505/28/202505/31/2025CVE-2025-5298585161
accepted
310421SourceCodester Computer Store System main.c Add stack-based overflowVulDBVulDB05/27/202505/28/202506/10/2025CVE-2025-5297585114
accepted
310420FreeFloat FTP Server PORT Command buffer overflowVulDBVulDB05/22/202505/28/202506/24/2025CVE-2025-5295582988
accepted
310354PHPGurukul News Portal Project edit-subadmin.php sql injectionVulDBVulDB05/26/202505/27/202505/27/2025CVE-2025-5252584923
accepted
310353PHPGurukul News Portal Project edit-subcategory.php sql injectionVulDBVulDB05/26/202505/27/202506/10/2025CVE-2025-5251584922
accepted
310352PHPGurukul News Portal Project edit-category.php sql injectionVulDBVulDB05/26/202505/27/202506/10/2025CVE-2025-5250584911
accepted
310351PHPGurukul News Portal Project add-category.php sql injectionVulDBVulDB05/26/202505/27/202506/24/2025CVE-2025-5249584903
accepted
310350PHPGurukul Company Visitor Management System bwdates-reports-details.php sql injectionVulDBVulDB05/26/202505/27/202506/10/2025CVE-2025-5248584823
accepted
310349Gowabby HFish url.go LoadUrl improper authenticationVulDBVulDB05/26/202505/27/202505/27/2025CVE-2025-5247584798
accepted
310348Campcodes Online Hospital Management System query-details.php sql injectionVulDBVulDB05/26/202505/27/202505/29/2025CVE-2025-5246584718
accepted
310347GNU Binutils objdump debug.c debug_type_samep memory corruptionVulDBVulDB05/26/202505/27/202505/27/2025CVE-2025-5245584635
accepted
310346GNU Binutils ld elflink.c elf_gc_sweep memory corruptionVulDBVulDB05/26/202505/27/202505/27/2025CVE-2025-5244584634
accepted
310331PHPGurukul Student Study Center Management System report.php sql injectionVulDBVulDB05/25/202505/26/202506/10/2025CVE-2025-5232584508
accepted
310330PHPGurukul Company Visitor Management System forgot-password.php sql injectionVulDBVulDB05/25/202505/26/202506/10/2025CVE-2025-5231584438
accepted
310329PHPGurukul Online Nurse Hiring System bwdates-report-details.php sql injectionVulDBVulDB05/24/202505/26/202506/10/2025CVE-2025-5230584042
accepted
310328Campcodes Online Hospital Management System view-patient.php sql injectionVulDBVulDB05/23/202505/26/202505/29/2025CVE-2025-5229583490
accepted
310326D-Link DI-8100 jhttpd login.cgi httpd_get_parm stack-based overflowVulDBVulDB05/23/202505/26/202505/27/2025CVE-2025-5228583430
accepted
310325PHPGurukul Small CRM manage-tickets.php sql injectionVulDBVulDB05/23/202505/26/202505/27/2025CVE-2025-5227583423
accepted
310324PHPGurukul Small CRM change-password.php sql injectionVulDBVulDB05/23/202505/26/202505/27/2025CVE-2025-5226583408
accepted
310323Campcodes Advanced Online Voting System index.php sql injectionVulDBVulDB05/23/202505/26/202505/29/2025CVE-2025-5225583397
accepted
310320Campcodes Online Hospital Management System add-doctor.php sql injectionVulDBVulDB05/22/202505/26/202505/29/2025CVE-2025-5224583029
accepted
310317FreeFloat FTP Server QUOTE Command buffer overflowVulDBVulDB05/22/202505/26/202506/24/2025CVE-2025-5221582971
accepted
310316FreeFloat FTP Server GET Command buffer overflowVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5220582970
accepted
310315FreeFloat FTP Server ASCII Command buffer overflowVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5219582968
accepted
310314FreeFloat FTP Server LITERAL Command buffer overflowVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5218582965
accepted
310313FreeFloat FTP Server RMDIR Command buffer overflowVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5217582963
accepted
310312PHPGurukul Student Record System login.php sql injectionVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5216582936
accepted
310311D-Link DCS-5020L ptdc.cgi websReadEvent stack-based overflowVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5215582935
accepted
310310Kashipara Responsive Online Learing Platform course_detail_user_new.php sql injectionVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5214582929
accepted
310309projectworlds Responsive E-Learning System delete_file.php sql injectionVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5213582909
accepted
310308PHPGurukul Employee Record Management System editempexp.php sql injectionVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5212582812
accepted
310307PHPGurukul Employee Record Management System myprofile.php sql injectionVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5211582809
accepted
310306PHPGurukul Employee Record Management System loginerms.php sql injectionVulDBVulDB05/22/202505/26/202505/27/2025CVE-2025-5210582802
accepted
310305SourceCodester Online Hospital Management System check_availability.php sql injectionVulDBVulDB05/21/202505/26/202505/27/2025CVE-2025-5208582279
accepted
310304SourceCodester Client Database Management System superadmin_update_profile.php sql injectionVulDBVulDB05/21/202505/26/202505/27/2025CVE-2025-5207582253
accepted
310303Pixelimity Installation index.php sql injectionVulDBVulDB05/21/202505/26/202505/27/2025CVE-2025-5206582221
accepted
3103021000 Projects Daily College Class Work Report Book dcwr_entry.php sql injectionVulDBVulDB05/21/202505/26/202505/26/2025CVE-2025-5205582110
accepted
310293Open Asset Import Library Assimp MDLMaterialLoader.cpp ParseSkinLump_3DGS_MDL7 out-of-boundsVulDBVulDB05/15/202505/26/202505/26/2025CVE-2025-5204578013
accepted
310292Open Asset Import Library Assimp ParsingUtils.h SkipSpaces out-of-boundsVulDBVulDB05/15/202505/26/202505/26/2025CVE-2025-5203578012
accepted
310291Open Asset Import Library Assimp HL1MDLLoader.cpp validate_header out-of-boundsVulDBVulDB05/15/202505/26/202505/26/2025CVE-2025-5202578007
accepted
310290Open Asset Import Library Assimp LWOLoader.cpp CountVertsAndFacesLWO2 out-of-boundsVulDBVulDB05/15/202505/26/202505/26/2025CVE-2025-5201578006
accepted
310289Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 out-of-boundsVulDBVulDB05/15/202505/26/202505/26/2025CVE-2025-5200578005
accepted
310279Wing FTP Server Lua Admin Console unnecessary privilegesVulDBVulDB05/24/202505/26/202505/26/2025CVE-2025-5196584253
accepted
310274thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgeryVulDBVulDB05/20/202505/25/202505/26/2025CVE-2025-5186581704
accepted
310273Summer Pearl Group Vacation Rental Management Platform cross-site request forgeryVulDBVulDB05/25/202505/26/2025CVE-2025-5185
 
accepted
310272Summer Pearl Group Vacation Rental Management Platform HTTP Response Header information disclosureVulDBVulDB05/25/202505/26/2025CVE-2025-5184
 
accepted
310271Summer Pearl Group Vacation Rental Management Platform Header redirectVulDBVulDB05/25/202505/26/2025CVE-2025-5183
 
accepted
310270Summer Pearl Group Vacation Rental Management Platform Listing authorizationVulDBVulDB05/25/202505/26/2025CVE-2025-5182
 
accepted
310269Summer Pearl Group Vacation Rental Management Platform updateListing cross site scriptingVulDBVulDB05/20/202505/25/202505/26/2025CVE-2025-5181581383
accepted
310268Wondershare Filmora Installer NFWCHK.exe uncontrolled search pathVulDBVulDB05/18/202505/25/202505/26/2025CVE-2025-5180580226
accepted
310267Realce Tecnologia Queue Ticket Kiosk Cadastro de Administrador Page index.php cross site scriptingVulDBVulDB05/17/202505/25/202505/26/2025CVE-2025-5179579852
accepted
310266Realce Tecnologia Queue Ticket Kiosk Image File ajax.php unrestricted uploadVulDBVulDB05/17/202505/25/202505/26/2025CVE-2025-5178579851
accepted
310265Realce Tecnologia Queue Ticket Kiosk Admin Login Page index.php cross site scriptingVulDBVulDB05/17/202505/25/202505/26/2025CVE-2025-5177579850
accepted
310264Realce Tecnologia Queue Ticket Kiosk Admin Login Page index.php sql injectionVulDBVulDB05/17/202505/25/202505/26/2025CVE-2025-5176579849
accepted
310263erdogant pypickle pypickle.py save improper authorizationVulDBVulDB05/17/202505/25/202505/26/2025CVE-2025-5175579824
accepted
310262erdogant pypickle pypickle.py load deserializationVulDBVulDB05/16/202505/25/202505/26/2025CVE-2025-5174579157
accepted
310261HumanSignal label-studio-ml-backend PT File neural_nets.py load deserializationVulDBVulDB05/15/202505/25/202505/27/2025CVE-2025-5173578126
accepted
310260Econtrata valida sql injectionVulDBVulDB05/16/202505/25/202505/26/2025CVE-2025-5172579248
accepted
310259llisoft MTA Maita Training System OpenController.java this.fileService.download unrestricted uploadVulDBVulDB05/16/202505/25/202505/26/2025CVE-2025-5171579088
accepted
310258llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injectionVulDBVulDB05/16/202505/25/202505/26/2025CVE-2025-5170579069
accepted
310257Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_3DGS_MDL345 out-of-boundsVulDBVulDB05/15/202505/25/202505/26/2025CVE-2025-5169578004
accepted
310256Open Asset Import Library Assimp MDLLoader.cpp ImportUVCoordinate_3DGS_MDL345 out-of-boundsVulDBVulDB05/15/202505/25/202505/26/2025CVE-2025-5168578003
accepted
310255Open Asset Import Library Assimp LWOLoader.h GetS0 out-of-boundsVulDBVulDB05/15/202505/25/202505/26/2025CVE-2025-5167578002
accepted
310254Open Asset Import Library Assimp MDC File Parser MDCLoader.cpp InternReadFile out-of-boundsVulDBVulDB05/15/202505/25/202505/26/2025CVE-2025-5166578001
accepted
310253Open Asset Import Library Assimp MDCLoader.cpp ValidateSurfaceHeader out-of-boundsVulDBVulDB05/15/202505/25/202505/26/2025CVE-2025-5165578000
accepted
310252PerfreeBlog JWT JwtUtil hard-coded keyVulDBVulDB05/13/202505/25/202505/26/2025CVE-2025-5164576433
accepted
310251yangshare 技术杨工 warehouseManager 仓库管理系统 access controlVulDBVulDB05/13/202505/25/202505/26/2025CVE-2025-5163576315
accepted
310250H3C SecCenter SMP-E1114P02 importFile unrestricted uploadVulDBVulDB05/16/202505/25/202505/26/2025CVE-2025-5162578679
accepted
310249H3C SecCenter SMP-E1114P02 download operationDailyOut path traversalVulDBVulDB05/16/202505/25/202505/26/2025CVE-2025-5161578678
accepted
310248H3C SecCenter SMP-E1114P02 download path traversalVulDBVulDB05/13/202505/25/202505/26/2025CVE-2025-5160576232
accepted
310247H3C SecCenter SMP-E1114P02 download path traversalVulDBVulDB05/13/202505/25/202505/26/2025CVE-2025-5159576231
accepted
310246H3C SecCenter SMP-E1114P02 downloadSoftware path traversalVulDBVulDB05/13/202505/25/202505/26/2025CVE-2025-5158576230
accepted
310245H3C SecCenter SMP-E1114P02 fileContent path traversalVulDBVulDB05/13/202505/25/202505/26/2025CVE-2025-5157576229
accepted
310244H3C GR-5400AX aspForm EditWlanMacList buffer overflowVulDBVulDB05/09/202505/25/202505/26/2025CVE-2025-5156574080
accepted
310243qianfox FoxCMS Article.php batchCope sql injectionVulDBVulDB05/13/202505/25/202505/25/2025CVE-2025-5155576286
accepted
310242PhonePe App SQLite Database databases cleartext storage in a file or on diskVulDBVulDB05/13/202505/25/202505/25/2025CVE-2025-5154576245
accepted
310241CMS Made Simple Design Manager Module cross site scriptingVulDBVulDB05/12/202505/24/202506/03/2025CVE-2025-5153575470
accepted
310240Chanjet CRM newActivityedit.php sql injectionVulDBVulDB05/10/202505/24/202506/03/2025CVE-2025-5152575047
accepted
310239defog-ai introspect analysis_tools.py execute_analysis_code_safely code injectionVulDBVulDB05/10/202505/24/202506/03/2025CVE-2025-5151574809
accepted
310238docarray Web API torch_dataset.py __getitem__ prototype pollutionVulDBVulDB05/09/202505/24/202506/03/2025CVE-2025-5150574696
accepted
310237WCMS Login getallcon getMemberByUid improper authenticationVulDBVulDB05/09/202505/24/202506/03/2025CVE-2025-5149574590
accepted
310236FunAudioLLM InspireMusic Pickle Data model.py load_state_dict deserializationVulDBVulDB05/08/202505/24/202505/27/2025CVE-2025-5148573800
accepted
310235Netcore NBR1005GPEV2/NBR200V2/B6V2 network_tools tools_ping command injectionVulDBVulDB05/08/202505/24/202505/29/2025CVE-2025-5147573682
accepted
310234Netcore NBR200V2 HTTP Header routerd passwd_set command injectionVulDBVulDB05/08/202505/24/202505/29/2025CVE-2025-5146573493
accepted
310233Netcore POWER13 Query String cgi-bin command injectionVulDBVulDB05/08/202505/24/202505/25/2025CVE-2025-5145573492
accepted
310221Seeyon Zhiyuan OA Web Application System ThirdMenuController.class this.oursNetService.getData server-side request forgeryVulDBVulDB05/09/202505/23/202505/25/2025CVE-2025-5140574440
accepted
310220Qualitor Office 365-type Connection testaConexaoOffice365.php command injectionVulDBVulDB05/07/202505/23/202506/24/2025CVE-2025-5139572477
accepted
310219Bitwarden PDF File cross site scripting [Disputed]VulDBVulDB05/06/202505/23/202506/20/2025CVE-2025-5138572263
accepted
310218DedeCMS Incomplete Fix CVE-2018-9175 sys_verifies.php code injectionVulDBVulDB05/06/202505/23/202506/10/2025CVE-2025-5137571933
accepted
310215Tmall Demo Payment Identifier pay random valuesVulDBVulDB05/06/202505/23/202506/19/2025CVE-2025-5136571960
accepted
310214Tmall Demo Product Details Page admin cross site scriptingVulDBVulDB05/06/202505/23/202505/25/2025CVE-2025-5135571941
accepted
310213Tmall Demo Buy Item Page cross site scriptingVulDBVulDB05/06/202505/23/202505/25/2025CVE-2025-5134571939
accepted
310212Tmall Demo Search Box cross site scriptingVulDBVulDB05/06/202505/23/202505/25/2025CVE-2025-5133571932
accepted
310211Tmall Demo logout cross-site request forgeryVulDBVulDB05/06/202505/23/202506/16/2025CVE-2025-5132571924
accepted
310210Tmall Demo uploadCategoryImage unrestricted uploadVulDBVulDB05/06/202505/23/202505/24/2025CVE-2025-5131571901
accepted
310209Tmall Demo uploadProductImage unrestricted uploadVulDBVulDB05/06/202505/23/202506/16/2025CVE-2025-5130571893
accepted
310207Sangfor 零信任访问控制系统 aTrust MSASN1.dll uncontrolled search pathVulDBVulDB05/05/202505/23/202505/24/2025CVE-2025-5129571267
accepted
310206ScriptAndTools Real-Estate-website-in-PHP Admin Login Panel admin sql injectionVulDBVulDB05/04/202505/23/202505/24/2025CVE-2025-5128570957
accepted
310205FLIR AX8 prod.php cross site scriptingVulDBVulDB05/06/202505/23/202506/16/2025CVE-2025-5127572265
accepted
310204FLIR AX8 settingsregional.php setDataTime command injectionVulDBVulDB05/03/202505/23/202506/16/2025CVE-2025-5126570725
accepted
310203Sony SNC-M1 Administrative Interface default credentials [Disputed]VulDBVulDB04/24/202505/23/202505/24/2025CVE-2025-5124564839
accepted
310198Emlog Pro api_controller.php sql injectionVulDBVulDB04/10/202505/23/202506/10/2025CVE-2025-5119555822
accepted
310090easysoft zentaopms Editor index.php edit deserializationVulDBVulDB05/03/202505/23/202505/23/2025CVE-2025-5114570727
accepted
310089FreeFloat FTP Server MGET Command buffer overflowVulDBVulDB05/22/202505/23/202506/24/2025CVE-2025-5112582962
accepted
310088FreeFloat FTP Server TYPE Command buffer overflowVulDBVulDB05/22/202505/23/202506/23/2025CVE-2025-5111582958
accepted
310087FreeFloat FTP Server VERBOSE Command buffer overflowVulDBVulDB05/22/202505/23/202506/23/2025CVE-2025-5110582957
accepted
310086FreeFloat FTP Server STATUS Command buffer overflowVulDBVulDB05/20/202505/23/202505/23/2025CVE-2025-5109581298
accepted
310085zongzhige ShopXO ZIP File Payment.php Upload unrestricted uploadVulDBVulDB05/02/202505/23/202505/23/2025CVE-2025-5108569827
accepted
310084Fujian Kelixun xml_cdr_details.php sql injectionVulDBVulDB05/02/202505/23/202505/23/2025CVE-2025-5107569448
accepted
310083Fujian Kelixun Filename fax_view.php os command injectionVulDBVulDB05/02/202505/23/202505/23/2025CVE-2025-5106569404
accepted
310082TOZED ZLT W51 Service Port 7777 heap inspectionVulDBVulDB05/01/202505/23/202505/23/2025CVE-2025-5105568495
accepted
309961Campcodes Cybercafe Management System adminprofile.php sql injectionVulDBVulDB05/21/202505/22/202505/28/2025CVE-2025-5081582065
accepted
309960Tenda FH451 webExcptypemanFilter stack-based overflowVulDBVulDB05/21/202505/22/202505/22/2025CVE-2025-5080582059
accepted
309959Campcodes Online Shopping Portal updateorder.php sql injectionVulDBVulDB05/20/202505/22/202505/28/2025CVE-2025-5079581439
accepted
309958Campcodes Online Shopping Portal subcategory.php sql injectionVulDBVulDB05/20/202505/22/202505/28/2025CVE-2025-5078581432
accepted
309957Campcodes Online Shopping Portal edit-subcategory.php sql injectionVulDBVulDB05/20/202505/22/202505/28/2025CVE-2025-5077581431
accepted
309956FreeFloat FTP Server SEND Command buffer overflowVulDBVulDB05/20/202505/22/202506/23/2025CVE-2025-5076581297
accepted
309955FreeFloat FTP Server DEBUG Command buffer overflowVulDBVulDB05/20/202505/22/202506/23/2025CVE-2025-5075581296
accepted
309954FreeFloat FTP Server PROMPT Command buffer overflowVulDBVulDB05/20/202505/22/202506/06/2025CVE-2025-5074581290
accepted
309953FreeFloat FTP Server MKDIR Command buffer overflowVulDBVulDB05/20/202505/22/202506/06/2025CVE-2025-5073581288
accepted
309879Campcodes Online Shopping Portal edit-subcategory.php unrestricted uploadVulDBVulDB05/20/202505/21/202505/28/2025CVE-2025-5059581391
accepted
309878Campcodes Online Shopping Portal insert-product.php sql injectionVulDBVulDB05/20/202505/21/202505/28/2025CVE-2025-5057581374
accepted
309877Campcodes Online Shopping Portal edit-products.php sql injectionVulDBVulDB05/20/202505/21/202505/28/2025CVE-2025-5056581373
accepted
309872FreeFloat FTP Server MDIR Command buffer overflowVulDBVulDB05/20/202505/21/202506/10/2025CVE-2025-5053581285
accepted
309871FreeFloat FTP Server LS Command buffer overflowVulDBVulDB05/20/202505/21/202506/23/2025CVE-2025-5052581284
accepted
309870FreeFloat FTP Server BINARY Command buffer overflowVulDBVulDB05/20/202505/21/202506/23/2025CVE-2025-5051581283
accepted
309869FreeFloat FTP Server BELL Command buffer overflowVulDBVulDB05/20/202505/21/202506/23/2025CVE-2025-5050581282
accepted
309868FreeFloat FTP Server APPEND Command buffer overflowVulDBVulDB05/20/202505/21/202506/23/2025CVE-2025-5049581278
accepted
309853XiaoBingby TeaCMS addUser cross-site request forgeryVulDBVulDB05/19/202505/21/202505/21/2025CVE-2025-5033580729
accepted
309852Campcodes Online Shopping Portal edit-category.php sql injectionVulDBVulDB05/19/202505/21/202505/21/2025CVE-2025-5032580601
accepted
309851Ackites KillWxapkg wxapkg File Decompression resource consumptionVulDBVulDB05/19/202505/21/202505/21/2025CVE-2025-5031580524
accepted
309850Ackites KillWxapkg wxapkg File Parser unpack.go processFile os command injectionVulDBVulDB05/19/202505/21/202505/21/2025CVE-2025-5030580526
accepted
309847Kingdee Cloud Galaxy Private Cloud BBC System File deleteFileAction.jhtml path traversalVulDBVulDB05/04/202505/21/202505/21/2025CVE-2025-5029570956
accepted
309729HkCms Search index.html cross site scriptingVulDBVulDB05/20/202505/20/2025CVE-2025-5013
 
accepted
309664moonlightL hexo-boot Dynamic List Page index.html cross site scriptingVulDBVulDB05/19/202505/20/202505/20/2025CVE-2025-5011580588
accepted
309663moonlightL hexo-boot Blog Backend index.html cross site scriptingVulDBVulDB05/19/202505/20/202505/20/2025CVE-2025-5010580567
accepted
309662projectworlds Online Time Table Generator add_teacher.php sql injectionVulDBVulDB05/19/202505/20/202505/28/2025CVE-2025-5008580412
accepted
309661Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scriptingVulDBVulDB05/18/202505/20/202505/22/2025CVE-2025-5007580323
accepted
309660Campcodes Online Shopping Portal category.php sql injectionVulDBVulDB05/18/202505/20/202505/28/2025CVE-2025-5006580248
accepted
309659projectworlds Online Time Table Generator add_course.php sql injectionVulDBVulDB05/18/202505/20/202505/28/2025CVE-2025-5004580201
accepted
309658projectworlds Online Time Table Generator semester_ajax.php sql injectionVulDBVulDB05/18/202505/20/202505/28/2025CVE-2025-5003580195
accepted
309657SourceCodester Client Database Management System user_proposal_update_order.php sql injectionVulDBVulDB05/18/202505/20/202505/28/2025CVE-2025-5002580192
accepted
309652GNU PSPP pspp-convert.c calloc integer overflowVulDBVulDB05/02/202505/20/202505/21/2025CVE-2025-5001569966
accepted
309651Linksys FGW3000-AH/FGW3000-HK HTTP POST Request sysconf.cgi control_panel_sw command injectionVulDBVulDB04/26/202505/20/202505/21/2025CVE-2025-5000565992
accepted
309650Linksys FGW3000-AH/FGW3000-HK HTTP POST Request sysconf.cgi sub_4153FC command injectionVulDBVulDB04/26/202505/20/202505/21/2025CVE-2025-4999565909
accepted
309649H3C Magic R200G HTTP POST Request aspForm EditWlanMacList denial of serviceVulDBVulDB04/22/202505/20/202505/21/2025CVE-2025-4998563583
accepted
309648H3C R2+ProG HTTP POST Request aspForm SetAPInfoById denial of serviceVulDBVulDB04/22/202505/20/202505/21/2025CVE-2025-4997563551
accepted
309647Intelbras RF 301K Add Static IP cross site scriptingVulDBVulDB02/15/202505/20/202505/21/2025CVE-2025-4996501900
accepted
309640Netgear DGND3700 mini_http currentsetting.htm information disclosureVulDBVulDB04/24/202505/20/202505/20/2025CVE-2025-4980564714
accepted
309639Netgear DGND3700 Basic Authentication BRS_top.html improper authenticationVulDBVulDB04/24/202505/20/202505/20/2025CVE-2025-4978564712
accepted
309638Netgear DGND3700 BRS_top.html information disclosureVulDBVulDB04/24/202505/20/202505/20/2025CVE-2025-4977564711
accepted
309504PHPGurukul Credit Card Application Management System index.php sql injectionVulDBVulDB05/18/202505/18/202505/28/2025CVE-2025-4941580167
accepted
3095031000 Projects Daily College Class Work Report Book admin_info.php sql injectionVulDBVulDB05/18/202505/18/202505/18/2025CVE-2025-4940580161
accepted
309502PHPGurukul Credit Card Application Management System new-ccapplication.php cross site scriptingVulDBVulDB05/18/202505/18/202505/28/2025CVE-2025-4939580119
accepted
309500PHPGurukul Employee Record Management System registererms.php sql injectionVulDBVulDB05/17/202505/18/202505/28/2025CVE-2025-4938579848
accepted
309499SourceCodester Apartment Visitor Management System profile.php sql injectionVulDBVulDB05/17/202505/18/202506/06/2025CVE-2025-4937579830
accepted
309498projectworlds Online Food Ordering System admin-page.php sql injectionVulDBVulDB05/17/202505/18/202506/06/2025CVE-2025-4936579823
accepted
309497SourceCodester Stock Management System changePassword.php sql injectionVulDBVulDB05/17/202505/18/202505/18/2025CVE-2025-4935579798
accepted
309496PHPGurukul User Registration & Login and User Management System edit-profile.php sql injectionVulDBVulDB05/17/202505/18/202505/18/2025CVE-2025-4934579759
accepted
309495ponaravindb Hospital-Management-System doctor-panel.php sql injectionVulDBVulDB05/17/202505/18/202505/18/2025CVE-2025-4933579678
accepted
309494projectworlds Online Lawyer Management System lawyer_registation.php sql injectionVulDBVulDB05/17/202505/18/202505/18/2025CVE-2025-4932579676
accepted
309493projectworlds Online Lawyer Management System user_registation.php sql injectionVulDBVulDB05/16/202505/18/202505/19/2025CVE-2025-4931579481
accepted
309492Campcodes Online Shopping Portal my-cart.php sql injectionVulDBVulDB05/16/202505/18/202505/19/2025CVE-2025-4930579468
accepted
309491Campcodes Online Shopping Portal my-account.php sql injectionVulDBVulDB05/16/202505/18/202506/11/2025CVE-2025-4929579467
accepted
309490projectworlds Online Lawyer Management System save_lawyer_edit_profile.php sql injectionVulDBVulDB05/16/202505/18/202505/19/2025CVE-2025-4928579313
accepted
309489PHPGurukul Online Marriage Registration System between-dates-application-report.php sql injectionVulDBVulDB05/16/202505/18/202505/19/2025CVE-2025-4927579300
accepted
309488PHPGurukul Car Rental Project post-avehical.php unrestricted uploadVulDBVulDB05/16/202505/18/202505/18/2025CVE-2025-4926579163
accepted
309487PHPGurukul Daily Expense Tracker System expense-monthwise-reports-detailed.php sql injectionVulDBVulDB05/16/202505/18/202505/19/2025CVE-2025-4925579105
accepted
309486SourceCodester Client Database Management System user_void_transaction.php sql injectionVulDBVulDB05/16/202505/18/202505/18/2025CVE-2025-4924579111
accepted
309485SourceCodester Client Database Management System user_delivery_update.php unrestricted uploadVulDBVulDB05/16/202505/18/202505/28/2025CVE-2025-4923579104
accepted
309474PHPGurukul Auto Taxi Stand Management System new-autoortaxi-entry-form.php sql injectionVulDBVulDB05/16/202505/17/202505/19/2025CVE-2025-4917579100
accepted
309473PHPGurukul Auto Taxi Stand Management System admin-profile.php sql injectionVulDBVulDB05/16/202505/17/202505/19/2025CVE-2025-4916579098
accepted
309472PHPGurukul Auto Taxi Stand Management System auto-taxi-entry-detail.php sql injectionVulDBVulDB05/16/202505/17/202505/19/2025CVE-2025-4915579097
accepted
309471PHPGurukul Auto Taxi Stand Management System forgot-password.php sql injectionVulDBVulDB05/16/202505/17/202505/19/2025CVE-2025-4914579096
accepted
309470PHPGurukul Auto Taxi Stand Management System index.php sql injectionVulDBVulDB05/16/202505/17/202505/19/2025CVE-2025-4913579095
accepted
309469SourceCodester Student Result Management System Image File update_student.php path traversalVulDBVulDB05/16/202505/17/202505/19/2025CVE-2025-4912579089
accepted
309468PHPGurukul Zoo Management System view-foreigner-ticket.php sql injectionVulDBVulDB05/16/202505/17/202505/19/2025CVE-2025-4911578751
accepted
309467PHPGurukul Zoo Management System edit-animal-details.php sql injectionVulDBVulDB05/16/202505/17/202505/19/2025CVE-2025-4910578749
accepted
309466SourceCodester Client Database Management System exposure of information through directory listingVulDBVulDB05/16/202505/17/202505/28/2025CVE-2025-4909578723
accepted
309465PHPGurukul Daily Expense Tracker System expense-datewise-reports-detailed.php sql injectionVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4908578254
accepted
309464PHPGurukul Daily Expense Tracker System forgot-password.php sql injectionVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4907578194
accepted
309462PHPGurukul Notice Board System login.php sql injectionVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4906578086
accepted
309461iop-apl-uw basestation3 QC.py load_qc_pickl deserializationVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4905578074
accepted
309460D-Link DI-7003GV2 webgl.data sub_41F0FC information disclosureVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4904578052
accepted
309459D-Link DI-7003GV2 webgl.asp sub_41F4F0 unverified password changeVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4903578051
accepted
309458D-Link DI-7003GV2 versionupdate.data sub_48F4F0 information disclosureVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4902578050
accepted
309457D-Link DI-7003GV2 HTTP Endpoint state_view.data sub_41E304 information disclosureVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4901578049
accepted
309456Campcodes Sales and Inventory System payment.php sql injectionVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4900578041
accepted
309455Campcodes Sales and Inventory System transaction_update.php sql injectionVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4899578040
accepted
309454SourceCodester Student Result Management System Logo File update_system.php unlink path traversalVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4898578036
accepted
309453Tenda A15 HTTP POST Request multimodalAdd buffer overflowVulDBVulDB05/15/202505/17/202505/19/2025CVE-2025-4897578035
accepted
309452Tenda AC10 UserCongratulationsExec buffer overflowVulDBVulDB05/15/202505/17/202505/18/2025CVE-2025-4896578034
accepted
309449SourceCodester Doctors Appointment System delete-session.php sql injectionVulDBVulDB05/15/202505/17/202505/18/2025CVE-2025-4895578022
accepted
309448calmkart Django-sso-server crypto.py gen_rsa_keys inadequate encryptionVulDBVulDB05/15/202505/17/202506/06/2025CVE-2025-4894578019
accepted
309447jammy928 CoinExchange_CryptoExchange_Java File Upload Endpoint UploadFileUtil.java uploadLocalImage path traversalVulDBVulDB05/15/202505/17/202505/18/2025CVE-2025-4893577907
accepted
309445code-projects Police Station Management System Delete Record source.cpp remove stack-based overflowVulDBVulDB05/14/202505/17/202505/18/2025CVE-2025-4892577501
accepted
309444code-projects Police Station Management System Display Record source.cpp display buffer overflowVulDBVulDB05/14/202505/17/202505/18/2025CVE-2025-4891577500
accepted
309443code-projects Tourism Management System Login User LoginUser stack-based overflowVulDBVulDB05/14/202505/17/202505/18/2025CVE-2025-4890577499
accepted
309442code-projects Tourism Management System User Registration AddUser buffer overflowVulDBVulDB05/14/202505/17/202505/18/2025CVE-2025-4889577498
accepted
309441code-projects Pharmacy Management System Add Order Details take_order buffer overflowVulDBVulDB05/14/202505/17/202505/18/2025CVE-2025-4888577497
accepted
309440SourceCodester Online Student Clearance System cross-site request forgeryVulDBVulDB05/14/202505/17/202505/18/2025CVE-2025-4887577487
accepted
309439itsourcecode Sales and Inventory System product_update.php sql injectionVulDBVulDB05/14/202505/17/202505/18/2025CVE-2025-4886577365
accepted
309438itsourcecode Sales and Inventory System product_add.php sql injectionVulDBVulDB05/14/202505/17/202505/28/2025CVE-2025-4885577364
accepted
309437itsourcecode Restaurant Management System assign_save.php sql injectionVulDBVulDB05/14/202505/17/202505/28/2025CVE-2025-4884577363
accepted
309436D-Link DI-8100 Connection Limit Page ctxz.asp ctxz_asp stack-based overflowVulDBVulDB05/13/202505/17/202505/18/2025CVE-2025-4883576392
accepted
309435itsourcecode Restaurant Management System team_update.php sql injectionVulDBVulDB05/13/202505/17/202505/18/2025CVE-2025-4882576285
accepted
309434itsourcecode Restaurant Management System user_save.php sql injectionVulDBVulDB05/13/202505/17/202505/18/2025CVE-2025-4881576284
accepted
309433PHPGurukul News Portal aboutus.php sql injectionVulDBVulDB05/13/202505/17/202505/18/2025CVE-2025-4880576264
accepted
309418Campcodes Online Shopping Portal forgot-password.php sql injectionVulDBVulDB05/13/202505/16/202505/18/2025CVE-2025-4875576265
accepted
309416PHPGurukul News Portal Project contactus.php sql injectionVulDBVulDB05/13/202505/16/202505/18/2025CVE-2025-4874576251
accepted
309415PHPGurukul News Portal Login index.php sql injectionVulDBVulDB05/13/202505/16/202505/18/2025CVE-2025-4873576244
accepted
309414FreeFloat FTP Server CCC Command buffer overflowVulDBVulDB05/12/202505/16/202506/13/2025CVE-2025-4872575631
accepted
309413PCMan FTP Server REST Command buffer overflowVulDBVulDB05/12/202505/16/202506/13/2025CVE-2025-4871575624
accepted
309412itsourcecode Restaurant Management System menu_save.php sql injectionVulDBVulDB05/12/202505/16/202505/18/2025CVE-2025-4870575553
accepted
309411itsourcecode Restaurant Management System member_update.php sql injectionVulDBVulDB05/12/202505/16/202505/28/2025CVE-2025-4869575552
accepted
309410merikbest ecommerce-spring-reactjs File Upload Endpoint admin path traversalVulDBVulDB05/12/202505/16/202505/18/2025CVE-2025-4868575506
accepted
309409Tenda A15 ArpNerworkSet formArpNerworkSet denial of serviceVulDBVulDB05/12/202505/16/202506/24/2025CVE-2025-4867575501
accepted
309408weibocom rill-flow Management Console code injectionVulDBVulDB05/12/202505/16/202506/13/2025CVE-2025-4866575478
accepted
309407itsourcecode Restaurant Management System member_save.php sql injectionVulDBVulDB05/12/202505/16/202505/18/2025CVE-2025-4865575466
accepted
309406itsourcecode Restaurant Management System finished.php sql injectionVulDBVulDB05/12/202505/16/202505/18/2025CVE-2025-4864575465
accepted
309405Advaya Softech GEMS ERP Portal studentLogin.action sql injectionVulDBVulDB05/11/202505/16/202506/13/2025CVE-2025-4863575384
accepted
309404PHPGurukul Directory Management System searchdata.php cross site scriptingVulDBVulDB05/11/202505/16/202505/18/2025CVE-2025-4862575355
accepted
309403PHPGurukul Beauty Parlour Management System admin-profile.php sql injectionVulDBVulDB05/11/202505/16/202505/18/2025CVE-2025-4861575230
accepted
309402D-Link DAP-2695 Static Pool Settings Page adv_dhcps.php cross site scriptingVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4860575103
accepted
309401D-Link DAP-2695 MAC Bypass Settings Page adv_macbypass.php cross site scriptingVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4859575101
accepted
309400D-Link DAP-2695 ARP Spoofing Prevention Page adv_arpspoofing.php cross site scriptingVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4858575100
accepted
309323TOTOLINK A3002R VPN Page cross site scriptingVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4852575099
accepted
309322TOTOLINK N300RH cstecgi.cgi setUploadUserData command injectionVulDBVulDB05/10/202505/16/202505/24/2025CVE-2025-4851575074
accepted
309321TOTOLINK N300RH cstecgi.cgi setUnloadUserData command injectionVulDBVulDB05/10/202505/16/202505/24/2025CVE-2025-4850575073
accepted
309320TOTOLINK N300RH cstecgi.cgi CloudACMunualUpdateUserdata command injectionVulDBVulDB05/10/202505/16/202505/24/2025CVE-2025-4849575072
accepted
309317FreeFloat FTP Server RECV Command buffer overflowVulDBVulDB05/07/202505/16/202505/19/2025CVE-2025-4848572492
accepted
309316FreeFloat FTP Server MLS Command buffer overflowVulDBVulDB05/07/202505/16/202505/18/2025CVE-2025-4847572487
accepted
309315FreeFloat FTP Server MPUT Command buffer overflowVulDBVulDB05/07/202505/16/202505/18/2025CVE-2025-4846572486
accepted
309314FreeFloat FTP Server TRACE Command buffer overflowVulDBVulDB05/07/202505/16/202505/18/2025CVE-2025-4845572483
accepted
309313FreeFloat FTP Server CD Command buffer overflowVulDBVulDB05/07/202505/16/202505/18/2025CVE-2025-4844572475
accepted
309310D-Link DCS-932L ucp isUCPCameraNameChanged stack-based overflowVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4842574925
accepted
309309D-Link DCS-932L udev SubUPnPCSInit stack-based overflowVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4843574926
accepted
309308D-Link DCS-932L gpio sub_404780 stack-based overflowVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4841574924
accepted
309307itwanger paicoding CrossUtil.java cross-domain policyVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4839574826
accepted
309306kanwangzjm Funiture Login LoginServlet.java doPost redirectVulDBVulDB05/10/202505/16/202505/18/2025CVE-2025-4838574825
accepted
309303projectworlds Student Project Allocation System make_group_sql.php sql injectionVulDBVulDB05/09/202505/16/202505/18/2025CVE-2025-4837574646
accepted
309302Projectworlds Life Insurance Management System deleteAgent.php sql injectionVulDBVulDB05/09/202505/16/202505/17/2025CVE-2025-4836574617
accepted
309301TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWlanRedirect buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4835574608
accepted
309300TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSetLg buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4834574607
accepted
309299TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formNtp buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4833574606
accepted
309298TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDosCfg buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4832574605
accepted
309297TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSiteSurveyProfile buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4831574604
accepted
309296TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSysCmd buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4830574600
accepted
309295TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formStats sub_40BE30 buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4829574599
accepted
309288TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSaveConfig buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4827574598
accepted
309287TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWirelessTbl buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4826574597
accepted
309286TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDMZ buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4825574596
accepted
309285TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWsc buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4824574594
accepted
309284TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formReflashClientTbl submit-url buffer overflowVulDBVulDB05/09/202505/16/202505/24/2025CVE-2025-4823574593
accepted
309276y_project RuoYi Offline Logout batchForceLogout improper authorizationVulDBVulDB05/09/202505/16/202505/17/2025CVE-2025-4819574443
accepted
309275SourceCodester Doctor's Appointment System GET Parameter delete-doctor.php sql injectionVulDBVulDB05/09/202505/16/202505/28/2025CVE-2025-4818574219
accepted
309274Sourcecodester Doctor's Appointment System GET Parameter delete-appointment.php sql injectionVulDBVulDB05/09/202505/16/202505/28/2025CVE-2025-4817574178
accepted
309273SourceCodester Doctor's Appointment System GET Parameter appointment.php sql injectionVulDBVulDB05/09/202505/16/202505/28/2025CVE-2025-4816574129
accepted
309272Campcodes Sales and Inventory System supplier_update.php sql injectionVulDBVulDB05/09/202505/16/202505/17/2025CVE-2025-4815574082
accepted
309271Campcodes Sales and Inventory System supplier_add.php sql injectionVulDBVulDB05/09/202505/16/202505/28/2025CVE-2025-4814574081
accepted
309270PHPGurukul Human Metapneumovirus Testing Management System edit-phlebotomist.php sql injectionVulDBVulDB05/08/202505/16/202505/16/2025CVE-2025-4813573888
accepted
309269PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injectionVulDBVulDB05/08/202505/16/202505/16/2025CVE-2025-4812573886
accepted
309266CodeAstro Pharmacy Management System Login index.php sql injectionVulDBVulDB05/08/202505/16/202505/16/2025CVE-2025-4811573700
accepted
309265Tenda AC7 SetRebootTimer formSetRebootTimer stack-based overflowVulDBVulDB05/08/202505/16/202505/24/2025CVE-2025-4810573643
accepted
309264Tenda AC7 setMacFilterCfg fromSafeSetMacFilter stack-based overflowVulDBVulDB05/08/202505/16/202505/24/2025CVE-2025-4809573642
accepted
309263PHPGurukul Park Ticketing Management System add-normal-ticket.php sql injectionVulDBVulDB05/07/202505/16/202505/17/2025CVE-2025-4808572602
accepted
309261SourceCodester Online Student Clearance System exposure of information through directory listingVulDBVulDB05/06/202505/16/202505/28/2025CVE-2025-4807572238
accepted
309260SourceCodester/oretnom23 Stock Management System view_bo sql injectionVulDBVulDB05/06/202505/16/202505/28/2025CVE-2025-4806572219
accepted
309105gongfuxiang schoolcms index.php SaveInfo sql injectionVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4795572601
accepted
309103PHPGurukul Online Course Registration news.php sql injectionVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4794572508
accepted
309102PHPGurukul Online Course Registration edit-student-profile.php sql injectionVulDBVulDB05/07/202505/15/202505/16/2025CVE-2025-4793572507
accepted
309101FreeFloat FTP Server MDELETE Command buffer overflowVulDBVulDB05/07/202505/15/202506/23/2025CVE-2025-4792572481
accepted
309100FreeFloat FTP Server HASH Command buffer overflowVulDBVulDB05/07/202505/15/202505/23/2025CVE-2025-4791572480
accepted
309099FreeFloat FTP Server GLOB Command buffer overflowVulDBVulDB05/07/202505/15/202505/23/2025CVE-2025-4790572479
accepted
309098FreeFloat FTP Server LCD Command buffer overflowVulDBVulDB05/07/202505/15/202505/23/2025CVE-2025-4789572478
accepted
309097FreeFloat FTP Server DELETE Command buffer overflowVulDBVulDB05/07/202505/15/202505/23/2025CVE-2025-4788572476
accepted
309096SourceCodester/oretnom23 Stock Management System view_sale sql injectionVulDBVulDB05/06/202505/15/202505/24/2025CVE-2025-4787572333
accepted
309095SourceCodester/oretnom23 Stock Management System view_return sql injectionVulDBVulDB05/06/202505/15/202505/24/2025CVE-2025-4786572297
accepted
309086PHPGurukul Daily Expense Tracker System user-profile.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4785572264
accepted
309082SourceCodester/oretnom23 Stock Management System view_receiving sql injectionVulDBVulDB05/06/202505/15/202505/23/2025CVE-2025-4782572195
accepted
309078PHPGurukul Park Ticketing Management System forgot-password.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4781572164
accepted
309077PHPGurukul Park Ticketing Management System foreigner-search.php sql injectionVulDBVulDB05/06/202505/15/202506/06/2025CVE-2025-4780572163
accepted
309076PHPGurukul Park Ticketing Management System normal-search.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4778572161
accepted
309075PHPGurukul Park Ticketing Management System view-foreigner-ticket.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4777572155
accepted
309074PHPGurukul Online Course Registration level.php sql injectionVulDBVulDB05/06/202505/15/202505/15/2025CVE-2025-4773572144
accepted
309073PHPGurukul Online Course Registration department.php sql injectionVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4772572143
accepted
309072PHPGurukul Online Course Registration course.php sql injectionVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4771572135
accepted
309071PHPGurukul Park Ticketing Management System view-normal-ticket.php sql injectionVulDBVulDB05/06/202505/15/202506/06/2025CVE-2025-4770572134
accepted
309070CBEWIN Anytxt Searcher ATService.exe uncontrolled search pathVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4769571820
accepted
309069feng_ha_ha/megagao ssm-erp/production_ssm PictureServiceImpl.java uploadPicture unrestricted uploadVulDBVulDB05/06/202505/15/202505/16/2025CVE-2025-4768571737
accepted
309068defog-ai introspect Test Endpoint integration_routes.py test_custom_tool code injectionVulDBVulDB05/05/202505/15/202505/27/2025CVE-2025-4767571363
accepted
309067PHPGurukul Zoo Management System profile.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4766571351
accepted
309066PHPGurukul Zoo Management System contactus.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4765571345
accepted
309064PHPGurukul Complaint Management System admin-profile.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4761571314
accepted
309060PHPGurukul Beauty Parlour Management System contact.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4758571306
accepted
309059PHPGurukul Beauty Parlour Management System forgot-password.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4757571303
accepted
309058D-Link DI-7003GV2 restart.asp denial of serviceVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4756571077
accepted
309057D-Link DI-7003GV2 netconfig.asp sub_497DE4 improper authenticationVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4755571073
accepted
309056D-Link DI-7003GV2 login.data information disclosureVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4753571072
accepted
309055D-Link DI-7003GV2 install_base.data information disclosureVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4752571071
accepted
309054D-Link DI-7003GV2 index.data information disclosureVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4751571070
accepted
309053D-Link DI-7003GV2 Configuration get_version.data information disclosureVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4750571069
accepted
309052D-Link DI-7003GV2 Factory Reset backup.asp sub_4983B0 denial of serviceVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4749571068
accepted
309047Bohua NetDragon Firewall ip_status.php command injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4747571035
accepted
309046Campcodes Sales and Inventory System purchase_delete.php sql injectionVulDBVulDB05/05/202505/15/202505/16/2025CVE-2025-4746571020
accepted
309045code-projects Employee Record System current_employees.php cross site scriptingVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4745570967
accepted
309044code-projects Employee Record System edit_employee.php cross site scriptingVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4744570965
accepted
309043code-projects Employee Record System getData.php sql injectionVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4743570963
accepted
309042XU-YIJIE grpo-flat grpo_vanilla.py main deserializationVulDBVulDB05/04/202505/15/202505/27/2025CVE-2025-4742570923
accepted
309041Campcodes Sales and Inventory System purchase_add.php sql injectionVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4741570913
accepted
309040BeamCtrl Airiana coef deserializationVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4740570888
accepted
309039projectworlds Hospital Database Management System medicines_info.php sql injectionVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4739570855
accepted
309038PHPGurukul Daily Expense Tracker register.php sql injectionVulDBVulDB05/04/202505/15/202505/16/2025CVE-2025-4736570814
accepted
309037Campcodes Sales and Inventory System product.php unrestricted uploadVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4735570715
accepted
309036Campcodes Sales and Inventory System ci_update.php sql injectionVulDBVulDB05/03/202505/15/202506/21/2025CVE-2025-4734570714
accepted
309035TOTOLINK A3002R/A3002RU HTTP POST Request formIpQoS buffer overflowVulDBVulDB05/03/202505/15/202506/20/2025CVE-2025-4733570703
accepted
309034TOTOLINK A3002R/A3002RU HTTP POST Request formFilter buffer overflowVulDBVulDB05/03/202505/15/202506/20/2025CVE-2025-4732570690
accepted
309033TOTOLINK A3002R/A3002RU HTTP POST Request formPortFw buffer overflowVulDBVulDB05/03/202505/15/202506/20/2025CVE-2025-4731570688
accepted
309032TOTOLINK A3002R/A3002RU HTTP POST Request formMapDel buffer overflowVulDBVulDB05/03/202505/15/202506/20/2025CVE-2025-4730570687
accepted
309031TOTOLINK A3002R/A3002RU HTTP POST Request formMapDelDevice command injectionVulDBVulDB05/03/202505/15/202506/20/2025CVE-2025-4729570686
accepted
309030SourceCodester Best Online News Portal search.php sql injectionVulDBVulDB05/03/202505/15/202505/16/2025CVE-2025-4728570677
accepted
309029Meteor livedata_server.js Object.assign redosVulDBVulDB05/03/202505/15/202506/23/2025CVE-2025-4727570441
accepted
309028itsourcecode Placement Management System view_student.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4726570010
accepted
309027itsourcecode Placement Management System view_drive.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4725569977
accepted
309026itsourcecode Placement Management System student_profile.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4724569974
accepted
309025itsourcecode Placement Management System all_student.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4723569965
accepted
309024itsourcecode Placement Management System edit_profile.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4722569951
accepted
309023itsourcecode Placement Management System drive.php sql injectionVulDBVulDB05/02/202505/15/202505/16/2025CVE-2025-4721569945
accepted
309022SourceCodester Student Result Management System drop_student.php path traversalVulDBVulDB05/02/202505/15/202505/15/2025CVE-2025-4720569855
accepted
309020Campcodes Sales and Inventory System cash_transaction.php sql injectionVulDBVulDB05/01/202505/15/202505/16/2025CVE-2025-4719568387
accepted
309019Campcodes Sales and Inventory System customer_add.php sql injectionVulDBVulDB05/01/202505/15/202505/16/2025CVE-2025-4718568386
accepted
309018PHPGurukul Company Visitor Management System visitors-form.php sql injectionVulDBVulDB05/01/202505/15/202505/16/2025CVE-2025-4717568331
accepted
309014Campcodes Sales and Inventory System credit_transaction_add.php sql injectionVulDBVulDB05/01/202505/15/202505/16/2025CVE-2025-4716568296
accepted
309013Campcodes Sales and Inventory System view_application.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4715568295
accepted
309012Campcodes Sales and Inventory System reprint.php sql injectionVulDBVulDB05/01/202505/15/202505/19/2025CVE-2025-4714568294
accepted
309011Campcodes Sales and Inventory System print.php sql injectionVulDBVulDB05/01/202505/15/202505/19/2025CVE-2025-4713568293
accepted
309010Campcodes Sales and Inventory System account_summary.php sql injectionVulDBVulDB05/01/202505/15/202505/19/2025CVE-2025-4712568292
accepted
309009Campcodes Sales and Inventory System stockin_add.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4711568291
accepted
309008Campcodes Sales and Inventory System transaction.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4710568290
accepted
309007Campcodes Sales and Inventory System transaction_del.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4709568289
accepted
309006Campcodes Sales and Inventory System sales_add.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4708568288
accepted
309005Campcodes Sales and Inventory System transaction_add.php sql injectionVulDBVulDB05/01/202505/15/202505/15/2025CVE-2025-4707568287
accepted
309004projectworlds Online Examination System Procedure3b_yearwiseVisit.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4706567923
accepted
309003PHPGurukul Vehicle Parking Management System view-incomingvehicle-detail.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4705567827
accepted
309002PHPGurukul Vehicle Parking Management System edit-category.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4704567821
accepted
309001PHPGurukul Vehicle Parking Management System admin-profile.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4703567820
accepted
309000PHPGurukul Vehicle Parking Management System add-category.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4702567805
accepted
308999VITA-MLLM Freeze-Omni utils.py torch.load deserializationVulDBVulDB04/30/202505/15/202505/27/2025CVE-2025-4701567796
accepted
308998PHPGurukul Apartment Visitors Management System visitors-form.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4699567738
accepted
308997PHPGurukul Directory Management System forget-password.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4698567695
accepted
308996PHPGurukul Directory Management System edit-directory.php sql injectionVulDBVulDB04/30/202505/15/202505/15/2025CVE-2025-4697567694
accepted
308995PHPGurukul/Campcodes Cyber Cafe Management System search.php sql injectionVulDBVulDB04/30/202505/15/202505/30/2025CVE-2025-4696567683
accepted
308994PHPGurukul/Campcodes Cyber Cafe Management System add-users.php sql injectionVulDBVulDB04/30/202505/15/202505/30/2025CVE-2025-4695567673
accepted
308301PHPGurukul Apartment Visitors Management System bwdates-passreports-details.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4554567586
accepted
308300PHPGurukul Apartment Visitors Management System bwdates-reports-details.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4553567584
accepted
308299ContiNew Admin password unverified password changeVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4552567572
accepted
308298ContiNew Admin file cross site scriptingVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4551567568
accepted
308297PHPGurukul Apartment Visitors Management System pass-details.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4550567567
accepted
308296Campcodes Online Food Ordering System register-router.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4549567549
accepted
308295Campcodes Online Food Ordering System router.php sql injectionVulDBVulDB04/30/202505/10/202505/12/2025CVE-2025-4548567547
accepted
308294SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scriptingVulDBVulDB04/29/202505/10/202505/11/2025CVE-2025-4547567497
accepted
3082931Panel-dev MaxKB Knowledge Base Module csv injectionVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4546566517
accepted
308292CTCMS Content Management System File Tpl.php del path traversalVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4545566498
accepted
308291D-Link DI-8100 jhttpd ddos.asp stack-based overflowVulDBVulDB04/20/202505/10/202505/11/2025CVE-2025-4544562695
accepted
308289LyLme Spage ajax_link.php sql injectionVulDBVulDB04/29/202505/10/202505/12/2025CVE-2025-4543567290
accepted
308288Freeebird Hotel 酒店管理系统 API SessionInterceptor.java cross-domain policyVulDBVulDB04/29/202505/10/202505/12/2025CVE-2025-4542567214
accepted
308286LmxCMS POST Request ZtAction.class.php manageZt sql injectionVulDBVulDB04/29/202505/10/202506/12/2025CVE-2025-4541567191
accepted
308285MTSoftware C-Lodop CLodopPrintService unquoted search pathVulDBVulDB04/28/202505/10/202505/23/2025CVE-2025-4540566789
accepted
308284Hainan ToDesk DLL File Parser profapi.dll uncontrolled search pathVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4539566698
accepted
308283kkFileView fileUpload unrestricted uploadVulDBVulDB04/28/202505/10/202506/17/2025CVE-2025-4538566596
accepted
308282yangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookieVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4537566469
accepted
308281Gosuncn Technology Group Audio-Visual Integrated Management Platform listByPage information disclosureVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4536566425
accepted
308280Gosuncn Technology Group Audio-Visual Integrated Management Platform Configuration File config.properties information disclosureVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4535566424
accepted
308279SunGrow Logger1000 weak passwordVulDBVulDB04/28/202505/10/202505/11/2025CVE-2025-4534566423
accepted
308278JeecgBoot Document Library Upload zip unzipFile resource consumptionVulDBVulDB04/27/202505/10/202505/11/2025CVE-2025-4533566192
accepted
308277Shanghai Bairui Information Technology SunloginClient sunlogin_guard.exe uncontrolled search pathVulDBVulDB04/27/202505/10/202505/11/2025CVE-2025-4532566141
accepted
308276Seeyon Zhiyuan OA Web Application System Beetl Template EhrSalaryPayrollServiceImpl.class postData code injectionVulDBVulDB04/27/202505/10/202505/11/2025CVE-2025-4531566097
accepted
308275feng_ha_ha/megagao ssm-erp/production_ssm File FileController.java handleFileDownload path traversalVulDBVulDB04/25/202505/10/202505/11/2025CVE-2025-4530565380
accepted
308274Seeyon Zhiyuan OA Web Application System ZIP File M3CoreController.class download path traversalVulDBVulDB04/25/202505/10/202505/11/2025CVE-2025-4529565379
accepted
308273Dígitro NGC Explorer session expirationVulDBVulDB04/24/202505/10/202505/11/2025CVE-2025-4528565309
accepted
308272Dígitro NGC Explorer Password Transmission client-side enforcement of server-side securityVulDBVulDB04/24/202505/10/202505/11/2025CVE-2025-4527565308
accepted
308271Dígitro NGC Explorer Configuration Page missing password field maskingVulDBVulDB04/24/202505/10/202505/11/2025CVE-2025-4526565307
accepted
308270Discord WINSTA.dll uncontrolled search pathVulDBVulDB04/21/202505/10/202505/11/2025CVE-2025-4525562788
accepted
308235Zylon PrivateGPT settings.yaml cross-domain policyVulDBVulDB04/23/202505/09/202505/10/2025CVE-2025-4515564451
accepted
308234Zhengzhou Jiuhua Electronic Technology mayicms javascript.php sql injectionVulDBVulDB04/23/202505/09/202505/10/2025CVE-2025-4514564243
accepted
308233Catalyst User Key Authentication Plugin Logout logout.php redirectVulDBVulDB04/23/202505/09/202505/10/2025CVE-2025-4513564090
accepted
308232Inetum IODAS app.jsp cross site scriptingVulDBVulDB04/22/202505/09/202505/10/2025CVE-2025-4512563733
accepted
308231vector4wang spring-boot-quick quick-img2txt Img2TxtController.java ResponseEntity path traversalVulDBVulDB04/22/202505/09/202505/10/2025CVE-2025-4511563538
accepted
308230Changjietong UFIDA CRM optntyday.php sql injectionVulDBVulDB04/25/202505/09/202505/10/2025CVE-2025-4510565531
accepted
308225PHPGurukul e-Diary Management System manage-notes.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4509567288
accepted
308224PHPGurukul e-Diary Management System my-profile.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4508567263
accepted
308223Campcodes Online Food Ordering System add-item.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4507567170
accepted
308222Campcodes Online Food Ordering System menu-router.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4506567169
accepted
308221PHPGurukul Apartment Visitors Management System category.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4505567166
accepted
308220SourceCodester Online College Library System index.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4504567156
accepted
308219Campcodes Sales and Inventory System customer_update.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4503567145
accepted
308218Campcodes Sales and Inventory System creditor_add.php sql injectionVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4502567144
accepted
308217code-projects Album Management System Search Albums searchalbum stack-based overflowVulDBVulDB04/29/202505/09/202505/29/2025CVE-2025-4501567111
accepted
308216code-projects Hotel Management System Edit Room edit stack-based overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4500567110
accepted
308215code-projects Simple Hospital Management System Add Information add stack-based overflowVulDBVulDB04/29/202505/09/202505/29/2025CVE-2025-4499567109
accepted
308214code-projects Simple Bus Reservation System Install Bus install stack-based overflowVulDBVulDB04/29/202505/09/202505/29/2025CVE-2025-4498567108
accepted
308213code-projects Simple Banking System Sign In buffer overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4497567082
accepted
308212TOTOLINK T10/A3100R/A950RG/A800R/N600R/A3000RU/A810R cstecgi.cgi CloudACMunualUpdate buffer overflowVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4496567081
accepted
308209JAdmin-JAVA JAdmin save cross site scriptingVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4495566985
accepted
308208JAdmin-JAVA JAdmin Admin Backend NoNeedLoginController.java toLogin improper authenticationVulDBVulDB04/29/202505/09/202505/10/2025CVE-2025-4494566984
accepted
308207Campcodes Online Food Ordering System ticket-message.php sql injectionVulDBVulDB04/28/202505/09/202505/10/2025CVE-2025-4492566787
accepted
308206Campcodes Online Food Ordering System ticket-status.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4491566786
accepted
308205Campcodes Online Food Ordering System view-ticket-admin.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4490566785
accepted
308204Campcodes Online Food Ordering System user-router.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4489566784
accepted
308203itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4488566783
accepted
308202itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4487566782
accepted
308201itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4486566781
accepted
308200itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4485566780
accepted
308199itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4484566779
accepted
308198itsourcecode Gym Management System view_pdetails.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4483566778
accepted
308197Project Worlds Student Project Allocation System forgot_password_sql.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4482566719
accepted
308195SourceCodester Apartment Visitor Management System search-result.php sql injectionVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4481566671
accepted
308194code-projects Simple College Management System Add New Student input stack-based overflowVulDBVulDB04/28/202505/09/202505/09/2025CVE-2025-4480566525
accepted
308094code-projects Departmental Store Management System bill stack-based overflowVulDBVulDB04/28/202505/08/202505/08/2025CVE-2025-4472566516
accepted
308090code-projects Jewelery Store Management system Search Item View stack-based overflowVulDBVulDB04/27/202505/08/202505/10/2025CVE-2025-4471566273
accepted
308089SourceCodester Online Student Clearance System add-student.php cross site scriptingVulDBVulDB04/27/202505/08/202505/08/2025CVE-2025-4470566249
accepted
308088SourceCodester Online Student Clearance System add-admin.php cross site scriptingVulDBVulDB04/27/202505/08/202505/16/2025CVE-2025-4469566248
accepted
308087SourceCodester Online Student Clearance System edit-photo.php unrestricted uploadVulDBVulDB04/27/202505/08/202505/08/2025CVE-2025-4468566246
accepted
308086SourceCodester Online Student Clearance System edit-admin.php sql injectionVulDBVulDB04/27/202505/08/202505/15/2025CVE-2025-4467566245
accepted
308085itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/27/202505/08/202505/09/2025CVE-2025-4466566105
accepted
308084itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/27/202505/08/202505/09/2025CVE-2025-4465566104
accepted
308083itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/26/202505/08/202505/09/2025CVE-2025-4464565990
accepted
308082itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/26/202505/08/202505/09/2025CVE-2025-4463565984
accepted
308081TOTOLINK N150RT formWsc buffer overflowVulDBVulDB04/26/202505/08/202505/23/2025CVE-2025-4462565958
accepted
308080TOTOLINK N150RT Virtual Server Page cross site scriptingVulDBVulDB04/26/202505/08/202505/23/2025CVE-2025-4461565957
accepted
308079TOTOLINK N150RT URL Filtering Page cross site scriptingVulDBVulDB04/26/202505/08/202505/23/2025CVE-2025-4460565956
accepted
308078code-projects Patient Record Management System fecalysis_form.php sql injectionVulDBVulDB04/25/202505/08/202505/09/2025CVE-2025-4459565464
accepted
308077code-projects Patient Record Management System edit_upatient.php sql injectionVulDBVulDB04/25/202505/08/202505/09/2025CVE-2025-4458565463
accepted
308071Project Worlds Car Rental Project approve.php sql injectionVulDBVulDB04/25/202505/08/202505/09/2025CVE-2025-4457565445
accepted
308070Project Worlds Car Rental Project signup.php sql injectionVulDBVulDB04/25/202505/08/202505/09/2025CVE-2025-4456565441
accepted
308069Patch My PC Home Updater System.IO uncontrolled search pathVulDBVulDB04/19/202505/08/202505/09/2025CVE-2025-4455562440
accepted
308068D-Link DIR-619L wake_on_lan command injectionVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4454560798
accepted
308067D-Link DIR-619L formSysCmd command injectionVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4453560797
accepted
308066D-Link DIR-619L formSetWizard2 buffer overflowVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4452560795
accepted
308065D-Link DIR-619L formSetWAN_Wizard52 buffer overflowVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4451560793
accepted
308064D-Link DIR-619L formSetEasy_Wizard buffer overflowVulDBVulDB04/17/202505/08/202505/09/2025CVE-2025-4450560792
accepted
308063D-Link DIR-619L formEasySetupWizard3 buffer overflowVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4449558358
accepted
308062D-Link DIR-619L formEasySetupWizard buffer overflowVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4448558357
accepted
308056H3C GR-5400AX aspForm Edit_List_SSID buffer overflowVulDBVulDB04/18/202505/08/202505/09/2025CVE-2025-4446561866
accepted
308052D-Link DIR-605L wake_on_lan command injectionVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4445558356
accepted
308051D-Link DIR-605L sub_454F2C command injectionVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4443558355
accepted
308050D-Link DIR-605L formSetWAN_Wizard55 buffer overflowVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4442558352
accepted
308049D-Link DIR-605L formSetWAN_Wizard534 buffer overflowVulDBVulDB04/15/202505/08/202505/09/2025CVE-2025-4441558351
accepted
308048H3C GR-1800AX aspForm EnableIpv6 buffer overflowVulDBVulDB04/12/202505/08/202505/09/2025CVE-2025-4440557087
accepted
307488Tenda AC8 MtuSetMacWan formGetRouterStatus buffer overflowVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4368564812
accepted
307487itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4363564759
accepted
307486itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/24/202505/05/202505/29/2025CVE-2025-4362564758
accepted
307485PHPGurukul Company Visitor Management System department.php sql injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4361564750
accepted
307478itsourcecode Gym Management System view_member.php sql injectionVulDBVulDB04/24/202505/05/202505/29/2025CVE-2025-4360564748
accepted
307477itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/24/202505/05/202505/29/2025CVE-2025-4359564746
accepted
307476PHPGurukul Company Visitor Management System admin-profile.php sql injectionVulDBVulDB04/24/202505/05/202505/15/2025CVE-2025-4358564733
accepted
307475Tenda RX3 telnet command injectionVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4357564727
accepted
307474Tenda DAP-1520 Authentication storage mod_graph_auth_uri_handler stack-based overflowVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4356564722
accepted
307473Tenda DAP-1520 api set_ws_action heap-based overflowVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4355564720
accepted
307472Tenda DAP-1520 storage check_dws_cookie stack-based overflowVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4354564719
accepted
307470Brilliance Golden Link Secondary System queryTsDictionaryType.htm sql injectionVulDBVulDB04/24/202505/05/202506/05/2025CVE-2025-4353564593
accepted
307469Brilliance Golden Link Secondary System tcEntrFlowSelect.htm sql injectionVulDBVulDB04/24/202505/05/202506/05/2025CVE-2025-4352564592
accepted
307468D-Link DIR-600L wake_on_lan command injectionVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4350558303
accepted
307467D-Link DIR-600L formSysCmd command injectionVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4349558302
accepted
307466D-Link DIR-600L formSetWanL2TP buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4348558301
accepted
307465D-Link DIR-600L formWlSiteSurvey buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4347558300
accepted
307464D-Link DIR-600L formSetWAN_Wizard534 buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4346558299
accepted
307463D-Link DIR-600L formSetLog buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4345558298
accepted
307462D-Link DIR-600L formEasySetupWizard buffer overflowVulDBVulDB04/15/202505/05/202505/05/2025CVE-2025-4343558296
accepted
307461D-Link DIR-600L formLogin buffer overflowVulDBVulDB04/15/202505/05/202505/12/2025CVE-2025-4344558297
accepted
307460D-Link DIR-600L formEasySetupWizard3 buffer overflowVulDBVulDB04/15/202505/05/202505/05/2025CVE-2025-4342558295
accepted
307459D-Link DIR-880L Request Header ssdpcgi sub_16570 command injectionVulDBVulDB04/11/202505/05/202505/05/2025CVE-2025-4341556433
accepted
307458D-Link DIR-890L/DIR-806A1 soap.cgi sub_175C8 command injectionVulDBVulDB04/10/202505/05/202505/05/2025CVE-2025-4340556092
accepted
307437feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java uploadFile unrestricted uploadVulDBVulDB04/24/202505/05/202505/05/2025CVE-2025-4333564591
accepted
307436PHPGurukul Company Visitor Management System visitor-detail.php sql injectionVulDBVulDB04/23/202505/05/202506/05/2025CVE-2025-4332564339
accepted
307432SourceCodester Online Student Clearance System login.php sql injectionVulDBVulDB04/23/202505/05/202505/17/2025CVE-2025-4331564329
accepted
30743074CMS index path traversalVulDBVulDB04/23/202505/05/202506/13/2025CVE-2025-4329564318
accepted
307429fp2952 spring-cloud-base HTTP Header MvcController.java sendBack redirectVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4328564161
accepted
307428MRCMS cross-site request forgeryVulDBVulDB04/22/202505/05/202506/13/2025CVE-2025-4327563555
accepted
307427MRCMS Add Fragment Page add.do cross site scriptingVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4326563549
accepted
307426MRCMS Category Management Page add.do cross site scriptingVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4325563545
accepted
307425MRCMS External Link Management Page edit.do cross site scriptingVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4324563543
accepted
307424MRCMS Edit Article Page cross site scriptingVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4323563540
accepted
307417SourceCodester Advanced Web Store index.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4314564314
accepted
307416SourceCodester Advanced Web Store admin_addnew_product.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4313564311
accepted
307415SourceCodester Advanced Web Store productdetail.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4312564301
accepted
307414itsourcecode Content Management System update_main_topic_img.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4311564230
accepted
307413itsourcecode Content Management System add_topic.php unrestricted uploadVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4310564206
accepted
307412PHPGurukul Art Gallery Management System add-art-type.php sql injectionVulDBVulDB04/23/202505/05/202505/09/2025CVE-2025-4309564207
accepted
307411PHPGurukul Art Gallery Management System add-art-type.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4308564188
accepted
307410PHPGurukul Art Gallery Management System add-art-medium.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4307564179
accepted
307409PHPGurukul Nipah Virus Testing Management System edit-phlebotomist.php sql injectionVulDBVulDB04/23/202505/05/202505/05/2025CVE-2025-4306564120
accepted
307408kefaming mayi File.php upload unrestricted uploadVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4305563784
accepted
307407PHPGurukul Cyber Cafe Management System adminprofile.php sql injectionVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4304563723
accepted
307406PHPGurukul Human Metapneumovirus Testing Management System add-phlebotomist.php sql injectionVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4303563706
accepted
307405itsourcecode Content Management System search-notice.php sql injectionVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4301563625
accepted
307404itsourcecode Content Management System search_list.php sql injectionVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4300563623
accepted
307403Tenda AC1206 openSchedWifi setSchedWifi buffer overflowVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4299563558
accepted
307402Tenda AC1206 setcfm formSetCfm buffer overflowVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4298563557
accepted
307401PHPGurukul Men Salon Management System change-password.php sql injectionVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4297563548
accepted
307400MRCMS Group Edit Page edit.do cross site scriptingVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4293563534
accepted
307399MRCMS Edit User Page edit.do cross site scriptingVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4292563533
accepted
307398IdeaCMS saveUpload unrestricted uploadVulDBVulDB04/22/202505/05/202505/06/2025CVE-2025-4291563522
accepted
307397PCMan FTP Server SMNT Command buffer overflowVulDBVulDB04/17/202505/05/202505/06/2025CVE-2025-4290561628
accepted
307396PCMan FTP Server RNTO Command buffer overflowVulDBVulDB04/17/202505/05/202505/05/2025CVE-2025-4289561626
accepted
307395PCMan FTP Server RNFR Command buffer overflowVulDBVulDB04/17/202505/05/202505/05/2025CVE-2025-4288561625
accepted
307394PyTorch nccl.py torch.cuda.nccl.reduce denial of serviceVulDBVulDB04/08/202505/05/202505/05/2025CVE-2025-4287553644
accepted
307392Intelbras InControl Dispositivos Edição Page credentials storageVulDBVulDB01/16/202505/05/202505/05/2025CVE-2025-4286483834
accepted
307391SourceCodester/oretnom23 Stock Management System Login.php sql injectionVulDBVulDB04/21/202505/05/202505/05/2025CVE-2025-4283563175
accepted
307390SourceCodester/oretnom23 Stock Management System Users.php cross-site request forgeryVulDBVulDB04/21/202505/05/202505/05/2025CVE-2025-4282563102
accepted
307389Shenzhen Sixun Software Sixun Shanghui Group Business Management System LoadData information disclosureVulDBVulDB04/22/202505/05/202505/05/2025CVE-2025-4281563515
accepted
307376Mechrevo Control Console GCUService csCAPI.dll uncontrolled search pathVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4272563468
accepted
307375TOTOLINK A720R cstecgi.cgi information disclosureVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4271563444
accepted
307374TOTOLINK A720R Config cstecgi.cgi information disclosureVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4270563442
accepted
307373TOTOLINK A720R Log cstecgi.cgi access controlVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4269563430
accepted
307372TOTOLINK A720R cstecgi.cgi missing authenticationVulDBVulDB04/22/202505/04/202505/05/2025CVE-2025-4268563429
accepted
307371SourceCodester/oretnom23 Stock Management System Purchase Order Details Page view_po sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4267563231
accepted
307370PHPGurukul Notice Board System bwdates-reports-details.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4266563148
accepted
307369PHPGurukul Emergency Ambulance Hiring Portal contact-us.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4265562993
accepted
307368PHPGurukul Emergency Ambulance Hiring Portal edit-ambulance.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4264562992
accepted
307367PHPGurukul Online DJ Booking Management System booking-search.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4263562991
accepted
307366PHPGurukul Online DJ Booking Management System user-search.php sql injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4262562965
accepted
307365GAIR-NLP factool tool.py run_single code injectionVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4261562942
accepted
307364zhangyanbo2007 youkefu TemplateController.java impsave deserializationVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4260562902
accepted
307363newbee-mall UploadController.java upload unrestricted uploadVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4259562865
accepted
307362zhangyanbo2007 youkefu MediaController.java upload unrestricted uploadVulDBVulDB04/21/202505/04/202505/05/2025CVE-2025-4258562848
accepted
307361SeaCMS admin_pay.php cross site scriptingVulDBVulDB04/20/202505/04/202505/05/2025CVE-2025-4257562719
accepted
307360SeaCMS admin_paylog.php cross site scriptingVulDBVulDB04/20/202505/04/202506/13/2025CVE-2025-4256562718
accepted
307359PCMan FTP Server RMD Command buffer overflowVulDBVulDB04/17/202505/04/202506/26/2025CVE-2025-4255561623
accepted
307358PCMan FTP Server LIST Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4254561611
accepted
307357PCMan FTP Server HASH Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4253561609
accepted
307356PCMan FTP Server APPEND Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4252561606
accepted
307355PCMan FTP Server RMDIR Command buffer overflowVulDBVulDB04/17/202505/04/202505/05/2025CVE-2025-4251561597
accepted
307347code-projects Nero Social Networking Site index.php sql injectionVulDBVulDB04/21/202505/03/202505/04/2025CVE-2025-4250562906
accepted
307346PHPGurukul e-Diary Management System manage-categories.php sql injectionVulDBVulDB04/21/202505/03/202505/04/2025CVE-2025-4249562836
accepted
307345SourceCodester Simple To-Do List System complete_task.php sql injectionVulDBVulDB04/20/202505/03/202505/04/2025CVE-2025-4248562700
accepted
307344SourceCodester Simple To-Do List System delete_task.php sql injectionVulDBVulDB04/20/202505/03/202505/04/2025CVE-2025-4247562699
accepted
307335code-projects Online Bus Reservation System seatlocation.php sql injectionVulDBVulDB04/20/202505/02/202505/03/2025CVE-2025-4244562691
accepted
307334code-projects Online Bus Reservation System print.php sql injectionVulDBVulDB04/20/202505/02/202505/03/2025CVE-2025-4243562690
accepted
307333PHPGurukul Online Birth Certificate System between-dates-report.php sql injectionVulDBVulDB04/20/202505/02/202505/09/2025CVE-2025-4242562624
accepted
307332PHPGurukul Teacher Subject Allocation Management System search.php sql injectionVulDBVulDB04/19/202505/02/202505/03/2025CVE-2025-4241562452
accepted
307331PCMan FTP Server LCD Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4240561571
accepted
307330PCMan FTP Server TYPE Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4239561562
accepted
307329PCMan FTP Server MGET Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4238561561
accepted
307328PCMan FTP Server MDELETE Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4237561536
accepted
307327PCMan FTP Server MDIR Command buffer overflowVulDBVulDB04/17/202505/02/202505/03/2025CVE-2025-4236561510
accepted
307323PHPGurukul/Campcodes Cyber Cafe Management System add-computer.php sql injectionVulDBVulDB04/19/202505/02/202505/30/2025CVE-2025-4226562409
accepted
307195handrew browserpilot gpt_selenium_agent.py GPTSeleniumAgent code injectionVulDBVulDB04/19/202505/02/202505/03/2025CVE-2025-4218562383
accepted
307194gorhill uBlock Origin UI 1p-filters.js currentStateChanged redosVulDBVulDB04/19/202505/02/202506/12/2025CVE-2025-4215562301
accepted
307193PHPGuruku Online DJ Booking Management System booking-bwdates-reports-details.php sql injectionVulDBVulDB04/19/202505/02/202505/29/2025CVE-2025-4214562295
accepted
307192PHPGurukul Online Birth Certificate System search.php sql injectionVulDBVulDB04/19/202505/02/202505/29/2025CVE-2025-4213562291
accepted
307180Casdoor SCIM User Creation Endpoint scim.go HandleScim authorizationVulDBVulDB04/11/202505/02/202505/02/2025CVE-2025-4210556201
accepted
306810code-projects Patient Record Management System edit_xpatient.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4197561890
accepted
306809SourceCodester Patient Record Management System birthing.php sql injectionVulDBVulDB04/18/202505/01/202505/15/2025CVE-2025-4196561880
accepted
306808itsourcecode Gym Management System ajax.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4195561876
accepted
306807itsourcecode Restaurant Management System category_save.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4192561838
accepted
306806itsourcecode Restaurant Management System category_update.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4193561849
accepted
306805PHPGurukul Employee Record Management System editmyeducation.php sql injectionVulDBVulDB04/18/202505/01/202506/06/2025CVE-2025-4191561816
accepted
306804Wangshen SecGate 3600 g=route_ispinfo_export_save path traversalVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4186561814
accepted
306803Wangshen SecGate 3600 g=obj_area_export_save path traversalVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4185561803
accepted
306802PCMan FTP Server QUOTE Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4184561145
accepted
306801PCMan FTP Server RECV Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4183561144
accepted
306800PCMan FTP Server BELL Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4182561141
accepted
306799PCMan FTP Server SEND Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4181561139
accepted
306798PCMan FTP Server TRACE Command buffer overflowVulDBVulDB04/17/202505/01/202505/02/2025CVE-2025-4180561035
accepted
306797xiaowei1118 java_server File Upload API FoodController.java path traversalVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4178561794
accepted
306796PHPGurukul Blood Bank & Donor Management System request-received-bydonar.php sql injectionVulDBVulDB04/18/202505/01/202505/02/2025CVE-2025-4176561764
accepted
306795AlanBinu007 Spring-Boot-Advanced-Projects Upload Profile API Endpoint UserProfileController.java uploadUserProfileImage path traversalVulDBVulDB04/18/202505/01/202505/10/2025CVE-2025-4175561760
accepted
306794PHPGurukul COVID19 Testing Management System login.php sql injectionVulDBVulDB04/18/202505/01/202505/09/2025CVE-2025-4174561746
accepted
306793SourceCodester Online Eyewear Shop Master.php delete_cart sql injectionVulDBVulDB04/18/202505/01/202505/01/2025CVE-2025-4173561737
accepted
306696PHPGurukul Employee Record Management System changepassword.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4164561140
accepted
306695PHPGurukul Land Record System aboutus.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4163560883
accepted
306694PCMan FTP Server ASCII Command buffer overflowVulDBVulDB04/17/202504/30/202506/24/2025CVE-2025-4162561034
accepted
306693PCMan FTP Server VERBOSE Command buffer overflowVulDBVulDB04/17/202504/30/202506/24/2025CVE-2025-4161561033
accepted
306692PCMan FTP Server LS Command buffer overflowVulDBVulDB04/17/202504/30/202506/24/2025CVE-2025-4160561030
accepted
306691PCMan FTP Server GLOB Command buffer overflowVulDBVulDB04/17/202504/30/202506/24/2025CVE-2025-4159561029
accepted
306690PCMan FTP Server PROMPT Command buffer overflowVulDBVulDB04/17/202504/30/202506/24/2025CVE-2025-4158561028
accepted
306689PHPGurukul Boat Booking System booking-details.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4157560863
accepted
306688PHPGurukul Boat Booking System change-image.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4156560856
accepted
306687PHPGurukul Boat Booking System edit-boat.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4155560853
accepted
306686PHPGurukul Pre-School Enrollment System enrollment-details.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4154560833
accepted
306685PHPGurukul Park Ticketing Management System profile.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4153560809
accepted
306684PHPGurukul Online Birth Certificate System bwdates-reports-details.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4152560808
accepted
306683PHPGurukul Curfew e-Pass Management System pass-bwdates-reports-details.php sql injectionVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4151560806
accepted
306682Netgear EX6200 sub_54340 buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4150560804
accepted
306681Netgear EX6200 sub_54014 buffer overflowVulDBVulDB04/17/202504/30/202505/19/2025CVE-2025-4149560803
accepted
306680Netgear EX6200 sub_503FC buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4148560802
accepted
306679Netgear EX6200 sub_47F7C buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4147560801
accepted
306678Netgear EX6200 sub_41940 buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4146560800
accepted
306677Netgear EX6200 sub_3D0BC buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4145560799
accepted
306634Netgear EX6200 sub_3C8EC buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4142560790
accepted
306633Netgear EX6200 sub_3C03C buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4141560789
accepted
306632Netgear EX6120 sub_30394 buffer overflowVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4140560788
accepted
306631Netgear EX6120 fwAcosCgiInbound buffer overflowVulDBVulDB04/17/202504/30/202506/23/2025CVE-2025-4139560785
accepted
306627Weitong Mall Sale Endpoint improper authorizationVulDBVulDB04/17/202504/30/202505/01/2025CVE-2025-4136560782
accepted
306626Netgear WG302v2 ui_get_input_value command injectionVulDBVulDB04/17/202504/30/202506/23/2025CVE-2025-4135560779
accepted
306604Weitong Mall Product Statistics queryTotal access controlVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4119560778
accepted
306603Weitong Mall Product History historyList access controlVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4118560777
accepted
306602Netgear JWNR2000v2 sub_435E04 command injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4122560776
accepted
306601Netgear JWNR2000v2 cmd_wireless command injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4121560775
accepted
306600Netgear JWNR2000v2 sub_4238E8 buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4120560774
accepted
306597Netgear JWNR2000v2 sub_41A914 buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4117560771
accepted
306596Netgear JWNR2000v2 get_cur_lang_ver buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4116560770
accepted
306595Netgear JWNR2000v2 default_version_is_new buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4115560769
accepted
306594Netgear JWNR2000v2 check_language_file buffer overflowVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4114560768
accepted
306593PHPGurukul Curfew e-Pass Management System edit-pass-detail.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4113560738
accepted
306592PHPGurukul Student Record System add-course.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4112560701
accepted
306591PHPGurukul Pre-School Enrollment System visitor-details.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4111560706
accepted
306590PHPGurukul Pre-School Enrollment System edit-teacher.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4110560703
accepted
306589PHPGurukul Pre-School Enrollment System edit-subadmin.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4109560700
accepted
306588PHPGurukul Student Record System add-subject.php sql injectionVulDBVulDB04/17/202504/30/202504/30/2025CVE-2025-4108560697
accepted
306517PHPGurukul Online Nurse Hiring System view-request.php sql injectionVulDBVulDB04/17/202504/29/202505/15/2025CVE-2025-4080560558
accepted
306516PCMan FTP Server RENAME Command buffer overflowVulDBVulDB04/17/202504/29/202504/29/2025CVE-2025-4079560541
accepted
306515Wangshen SecGate 3600 g=log_export_file path traversalVulDBVulDB04/17/202504/29/202504/29/2025CVE-2025-4078560540
accepted
306514code-projects School Billing System searchrec stack-based overflowVulDBVulDB04/17/202504/29/202505/15/2025CVE-2025-4077560534
accepted
306513LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4076560232
accepted
306512VMSMan login.php cross site scriptingVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4075560212
accepted
306511PHPGurukul Curfew e-Pass Management System pass-bwdates-report.php sql injectionVulDBVulDB04/16/202504/29/202505/09/2025CVE-2025-4074559983
accepted
306510PHPGurukul Student Record System change-password.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4073559947
accepted
306509PHPGurukul Online Nurse Hiring System edit-nurse.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4072559939
accepted
306508PHPGurukul COVID19 Testing Management System test-details.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4071559904
accepted
306507PHPGurukul Rail Pass Management System changeimage.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4070559620
accepted
306506code-projects Product Management System add_item stack-based overflowVulDBVulDB04/16/202504/29/202505/29/2025CVE-2025-4069559516
accepted
306505code-projects Simple Movie Ticket Booking System changeprize stack-based overflowVulDBVulDB04/16/202504/29/202505/29/2025CVE-2025-4068559479
accepted
306504ScriptAndTools Online-Travling-System viewpackage.php access controlVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4067559514
accepted
306503ScriptAndTools Online-Travling-System addpackage.php access controlVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4066559480
accepted
306502ScriptAndTools Online-Travling-System addadvertisement.php access controlVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4065559478
accepted
306501ScriptAndTools Online-Travling-System viewenquiry.php access controlVulDBVulDB04/16/202504/29/202505/02/2025CVE-2025-4064559467
accepted
306500code-projects Student Information Management System cancel stack-based overflowVulDBVulDB04/16/202504/29/202505/10/2025CVE-2025-4063559466
accepted
306499code-projects Theater Seat Booking System cancel stack-based overflowVulDBVulDB04/16/202504/29/202505/10/2025CVE-2025-4062559452
accepted
306498code-projects Clothing Store Management System add_item stack-based overflowVulDBVulDB04/16/202504/29/202505/10/2025CVE-2025-4061559447
accepted
306497PHPGurukul Notice Board System category.php sql injectionVulDBVulDB04/16/202504/29/202505/10/2025CVE-2025-4060559361
accepted
306496code-projects Prison Management System Prison_Mgmt_Sys addrecord stack-based overflowVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4059559359
accepted
306495Projectworlds Online Examination System Bloodgroop_process.php sql injectionVulDBVulDB04/16/202504/29/202504/29/2025CVE-2025-4058559354
accepted
306404PHPGurukul Rail Pass Management System search-pass.php sql injectionVulDBVulDB04/16/202504/28/202504/30/2025CVE-2025-4039559345
accepted
306403code-projects Train Ticket Reservation System reservation stack-based overflowVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4038559344
accepted
306402code-projects ATM Banking moneyWithdraw logic errorVulDBVulDB04/16/202504/28/202504/29/2025CVE-2025-4037559303
accepted
306401201206030 Novel Chapter AuthorController.java updateBookChapter access controlVulDBVulDB04/15/202504/28/202505/10/2025CVE-2025-4036558414
accepted
306397projectworlds Online Examination System inser_doc_process.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4034559297
accepted
306396PHPGurukul Nipah Virus Testing Management System patient-search-report.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4033559239
accepted
306395inclusionAI AWorld shell_tool.py subprocess.Popen os command injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4032559222
accepted
306394PHPGurukul Pre-School Enrollment System aboutus.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4031559221
accepted
306393PHPGurukul COVID19 Testing Management System search-report-result.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4030559199
accepted
306392code-projects Personal Diary Management System New Record addrecord stack-based overflowVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4029559198
accepted
306391PHPGurukul COVID19 Testing Management System profile.php sql injectionVulDBVulDB04/16/202504/28/202505/10/2025CVE-2025-4028559193
accepted
306390PHPGurukul Old Age Home Management System rules.php sql injectionVulDBVulDB04/16/202504/28/202504/28/2025CVE-2025-4027559159
accepted
306389PHPGurukul Nipah Virus Testing Management System profile.php sql injectionVulDBVulDB04/15/202504/28/202505/05/2025CVE-2025-4026558628
accepted
306379itsourcecode Placement Management System registration.php sql injectionVulDBVulDB04/15/202504/27/202504/27/2025CVE-2025-4025558621
accepted
306378itsourcecode Placement Management System add_drive.php sql injectionVulDBVulDB04/15/202504/27/202504/27/2025CVE-2025-4024558616
accepted
306377itsourcecode Placement Management System add_company.php sql injectionVulDBVulDB04/15/202504/27/202505/15/2025CVE-2025-4023558546
accepted
306376web-arena-x webarena evaluators.py HTMLContentEvaluator code injectionVulDBVulDB04/15/202504/27/202505/15/2025CVE-2025-4022558415
accepted
306375code-projects Patient Record Management System edit_spatient.php sql injectionVulDBVulDB04/15/202504/27/202505/15/2025CVE-2025-4021558402
accepted
306374PHPGurukul Old Age Home Management System contact.php sql injectionVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4020558365
accepted
30637220120630 Novel-Plus GeneratorController.java genCode missing authenticationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4019558360
accepted
30637120120630 Novel-Plus CrawlController.java addCrawlSource missing authenticationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4018558377
accepted
30637020120630 Novel-Plus LogController.java list improper authorizationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4017558376
accepted
30636920120630 Novel-Plus LogController.java deleteIndex improper authorizationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4016558375
accepted
30636820120630 Novel-Plus SessionController.java list missing authenticationVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4015558367
accepted
306367PHPGurukul Art Gallery Management System manage-art-medium.php sql injectionVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4014558350
accepted
306366PHPGurukul Art Gallery Management System aboutus.php sql injectionVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4013558348
accepted
306365playeduxyz PlayEdu 开源培训系统 User Avatar create server-side request forgeryVulDBVulDB04/15/202504/27/202505/13/2025CVE-2025-4012558283
accepted
306364Redmine Custom Query cross site scriptingVulDBVulDB04/15/202504/27/202504/28/2025CVE-2025-4011558240
accepted
306343Tenda W12/i24 httpd modules cgidhcpsCfgSet stack-based overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4007558165
accepted
306342youyiio BeyongCms Document Management Page Upload.html unrestricted uploadVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4006558152
accepted
306341PHPGurukul COVID19 Testing Management System patient-report.php sql injectionVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4005558126
accepted
306340PHPGurukul COVID19 Testing Management System password-recovery.php sql injectionVulDBVulDB04/15/202504/26/202505/02/2025CVE-2025-4004558125
accepted
306339RefindPlusRepo RefindPlus RP_ApfsIo.c InternalApfsTranslateBlock null pointer dereferenceVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4003558123
accepted
306338RefindPlusRepo RefindPlus BootLog.c GetDebugLogFile null pointer dereferenceVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4002558122
accepted
306337scipopt scip File Descriptor genRandomLOPInstance.c main file descriptor consumptionVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4001558121
accepted
306336Seeyon Zhiyuan OA Web Application System ssoproxy.jsp cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-4000558067
accepted
306335Seeyon Zhiyuan OA Web Application System URL Parameter date.jsp cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3999557987
accepted
306334CodeAstro Membership Management System renew.php sql injectionVulDBVulDB04/15/202504/26/202505/15/2025CVE-2025-3998557972
accepted
306333dazhouda lecms Personal Information Page index.php cross-site request forgeryVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3997557956
accepted
306332TOTOLINK N150RT MAC Filtering Page home.htm cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3996557947
accepted
306331TOTOLINK N150RT LAN Settings Page fromStaticDHCP cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3995557946
accepted
306330TOTOLINK N150RT IP Port Filtering home.htm cross site scriptingVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3994557945
accepted
306329TOTOLINK N150RT formWsc buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3993557944
accepted
306328TOTOLINK N150RT formWlwds buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3992557943
accepted
306327TOTOLINK N150RT formWdsEncrypt buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3991557942
accepted
306326TOTOLINK N150RT formVlan buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3990557941
accepted
306325TOTOLINK N150RT formStaticDHCP buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3989557940
accepted
306324TOTOLINK N150RT formPortFw buffer overflowVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3988557939
accepted
306323TOTOLINK N150RT formWsc command injectionVulDBVulDB04/15/202504/26/202504/28/2025CVE-2025-3987557938
accepted
306322Apereo CAS CasConfigurationMetadataServerController.java redosVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3986557473
accepted
306321Apereo CAS ResponseEntity redosVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3985557110
accepted
306320Apereo CAS Groovy Code RegisteredServiceSimpleFormController.java saveService code injectionVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3984557100
accepted
306319AMTT Hotel Broadband Operation System nlog_down.php command injectionVulDBVulDB04/11/202504/26/202505/02/2025CVE-2025-3983556223
accepted
306318nortikin Sverchok Set Property Mk2 Node getsetprop_mk2.py SvSetPropNodeMK2 prototype pollutionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3982557411
accepted
306317wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System details improper authorizationVulDBVulDB04/26/202505/13/2025CVE-2025-3981
 
accepted
306316wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System list improper authorizationVulDBVulDB04/15/202504/26/202505/13/2025CVE-2025-3980557930
accepted
306315dazhouda lecms Password Change index.php cross-site request forgeryVulDBVulDB04/14/202504/26/202504/28/2025CVE-2025-3979557787
accepted
306314dazhouda lecms user_set.htm information disclosureVulDBVulDB04/14/202504/26/202504/28/2025CVE-2025-3978557748
accepted
306313iteachyou Dreamer CMS Attachment download improper authorizationVulDBVulDB04/14/202504/26/202504/28/2025CVE-2025-3977557639
accepted
306312PHPGurukul COVID19 Testing Management System new-user-testing.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3976557472
accepted
306311ScriptAndTools eCommerce-website-in-PHP subscriber-csv.php information disclosureVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3975557414
accepted
306310PHPGurukul COVID19 Testing Management System edit-phlebotomist.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3974557394
accepted
306309PHPGurukul COVID19 Testing Management System check_availability.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3973557393
accepted
306308PHPGurukul COVID19 Testing Management System bwdates-report-result.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3972557392
accepted
306307PHPGurukul COVID19 Testing Management System add-phlebotomist.php sql injectionVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3971557391
accepted
306306baseweb JSite save cross site scriptingVulDBVulDB04/14/202504/26/202504/27/2025CVE-2025-3970557385
accepted
306305codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted uploadVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3969557287
accepted
306304codeprojects News Publishing Site Dashboard api.php sql injectionVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3968557286
accepted
306303itwanger paicoding Article post improper authorizationVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3967557251
accepted
306302itwanger paicoding Browsing History home information disclosureVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3966557250
accepted
306301itwanger paicoding post cross site scriptingVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3965557249
accepted
306300withstars Books-Management-System Article del cross-site request forgeryVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3964557239
accepted
306299withstars Books-Management-System Background Interface list authorizationVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3963557237
accepted
306298withstars Books-Management-System Comment add cross site scriptingVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3962557236
accepted
306297withstars Books-Management-System do cross site scriptingVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3961557231
accepted
306296withstars Books-Management-System Background Interface allreaders.html authorizationVulDBVulDB04/13/202504/26/202504/27/2025CVE-2025-3960557230
accepted
306295withstars Books-Management-System reader_delete.html cross-site request forgeryVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3959557147
accepted
306294withstars Books-Management-System Book Edit Page book_edit_do.html cross site scriptingVulDBVulDB04/12/202504/26/202504/29/2025CVE-2025-3958557146
accepted
306293opplus springboot-admin SysLogDao.xml sql injectionVulDBVulDB04/12/202504/26/202504/29/2025CVE-2025-3957557131
accepted
306292201206030 novel-cloud BookInfoMapper.xml RestResp sql injectionVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3956557055
accepted
306291codeprojects Patient Record Management System edit_rpatient.php.php sql injectionVulDBVulDB04/12/202504/26/202504/27/2025CVE-2025-3955557036
accepted
306290ChurchCRM Referer server-side request forgeryVulDBVulDB04/10/202504/26/202504/28/2025CVE-2025-3954555938
accepted
306288GL.iNet GL-A1300 Slate Plus RPC plugins.so buffer overflowVulDBVulDB04/26/202504/26/2025CVE-2025-2851
 
accepted
306287GL.iNet GL-A1300 Slate Plus Download Interface improper authorizationVulDBVulDB04/26/202504/26/2025CVE-2025-2850
 
accepted
306286GL.iNet GL-A1300 Slate Plus API redosVulDBVulDB03/21/202504/26/202504/26/2025CVE-2025-2811524459
accepted
305781xxyopen Novel-Plus searchByPage sql injectionVulDBVulDB04/12/202504/21/202504/22/2025CVE-2025-3856557011
accepted
305780CodeCanyon RISE Ultimate Project Manager Profile Picture save_profile_image resource injectionVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3855556871
accepted
305778H3C GR-3000AX HTTP POST Request aspForm Edit_List_SSID buffer overflowVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3854556614
accepted
305777YXJ2018 SpringBoot-Vue-OnlineExam API improper authenticationVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3850556284
accepted
305776YXJ2018 SpringBoot-Vue-OnlineExam studentPWD unverified password changeVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3849556283
accepted
305775markparticle WebServer Login httprequest.cpp sql injectionVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3847556275
accepted
305774markparticle WebServer Registration httprequest.cpp sql injectionVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3846556274
accepted
305773markparticle WebServer buffer.cpp HasWritten buffer overflowVulDBVulDB04/11/202504/21/202504/22/2025CVE-2025-3845556273
accepted
305772panhainan DS-Java cross-site request forgeryVulDBVulDB04/10/202504/21/202504/22/2025CVE-2025-3843556136
accepted
305771panhainan DS-Java FileUpload.java uploadUserPic.action code injectionVulDBVulDB04/10/202504/21/202504/21/2025CVE-2025-3842556135
accepted
305769wix-incubator jam Jinja2 Template jam.py special elements used in a template engineVulDBVulDB04/10/202504/21/202506/23/2025CVE-2025-3841555905
accepted
305737kuangstudy KuangSimpleBBS QuestionController.java fileUpload unrestricted uploadVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3830556133
accepted
305736PHPGurukul Men Salon Management System sales-reports-detail.php sql injectionVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3829555930
accepted
305735PHPGurukul Men Salon Management System view-appointment.php sql injectionVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3828555929
accepted
305734PHPGurukul Men Salon Management System forgot-password.php sql injectionVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3827555928
accepted
305733SourceCodester Web-based Pharmacy Product Management System add-supplier.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3826
 
accepted
305732SourceCodester Web-based Pharmacy Product Management System add-category.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3825
 
accepted
305731SourceCodester Web-based Pharmacy Product Management System add-product.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3824
 
accepted
305730SourceCodester Web-based Pharmacy Product Management System add-stock.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3823
 
accepted
305729SourceCodester Web-based Pharmacy Product Management System changepassword.php cross site scriptingVulDBVulDB04/19/202504/20/2025CVE-2025-3822
 
accepted
305728SourceCodester Web-based Pharmacy Product Management System add-admin.php cross site scriptingVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3821555918
accepted
305726Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflowVulDBVulDB04/10/202504/19/202504/20/2025CVE-2025-3820555728
accepted
305725PHPGurukul Men Salon Management System search-appointment.php sql injectionVulDBVulDB04/10/202504/19/202505/14/2025CVE-2025-3819555687
accepted
305724webpy web.py db.py PostgresDB._process_insert_query sql injectionVulDBVulDB04/10/202504/19/202505/29/2025CVE-2025-3818555649
accepted
305723SourceCodester Online Eyewear Shop Master.php sql injectionVulDBVulDB04/10/202504/19/202505/15/2025CVE-2025-3817555607
accepted
305722westboy CicadasCMS Scheduled Task save os command injectionVulDBVulDB04/10/202504/19/202504/19/2025CVE-2025-3816555555
accepted
305662zhenfeng13 My-BBS cross-site request forgeryVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3808555259
accepted
305661zhenfeng13 My-BBS Endpoint UploadController.java upload unrestricted uploadVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3807555258
accepted
305660dazhouda lecms Edit Profile admin cross site scriptingVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3806554977
accepted
305659sarrionandia tournatrack Jinja2 Template check_id.py injectionVulDBVulDB04/09/202504/18/202504/21/2025CVE-2025-3805554781
accepted
305658thautwarm vscode-diana Jinja2 Template Gen.py injectionVulDBVulDB04/09/202504/18/202504/21/2025CVE-2025-3804554779
accepted
305657Tenda W12/i24 httpd cgiSysScheduleRebootSet stack-based overflowVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3803554756
accepted
305656Tenda W12/i24 httpd cgiPingSet stack-based overflowVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3802554746
accepted
305655songquanpeng one-api System Setting cross site scriptingVulDBVulDB04/09/202504/18/202504/21/2025CVE-2025-3801554702
accepted
305653WCMS AnonymousController.php sql injectionVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3800554698
accepted
305652WCMS AnonymousController.php sql injectionVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3799554697
accepted
305651WCMS Advertisement Image AdvadminController.php sub unrestricted uploadVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3798554696
accepted
305650SeaCMS admin_topic.php sql injectionVulDBVulDB04/09/202504/18/202504/19/2025CVE-2025-3797554660
accepted
305649PHPGurukul Men Salon Management System contact-us.php sql injectionVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3796554659
accepted
305648DaiCuo SEO Optimization Settings Section cross site scriptingVulDBVulDB04/09/202504/18/202506/23/2025CVE-2025-3795554639
accepted
305615SeaCMS admin_link.php sql injectionVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3792554592
accepted
305614symisc UnQLite unqlite.c jx9MemObjStore heap-based overflowVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3791554574
accepted
305613baseweb JSite Apache Druid Monitoring Console index.html access controlVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3790554572
accepted
305612baseweb JSite save cross site scriptingVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3789554566
accepted
305611baseweb JSite save cross site scriptingVulDBVulDB04/09/202504/18/202504/18/2025CVE-2025-3788554565
accepted
305610PbootCMS Image server-side request forgeryVulDBVulDB04/08/202504/18/202504/18/2025CVE-2025-3787553731
accepted
305609Tenda AC15 WifiExtraSet fromSetWirelessRepeat buffer overflowVulDBVulDB04/08/202504/18/202504/18/2025CVE-2025-3786553703
accepted
305608D-Link DWR-M961 Authorization Interface formStaticDHCP stack-based overflowVulDBVulDB04/08/202504/18/202504/18/2025CVE-2025-3785553547
accepted
305605SourceCodester Web-based Pharmacy Product Management System add-product.php unrestricted uploadVulDBVulDB04/08/202504/18/202504/18/2025CVE-2025-3783553723
accepted
305399SourceCodester Web-based Pharmacy Product Management System edit-photo.php unrestricted uploadVulDBVulDB04/08/202504/17/202505/15/2025CVE-2025-3765553722
accepted
305398SourceCodester Web-based Pharmacy Product Management System edit-product.php unrestricted uploadVulDBVulDB04/08/202504/17/202505/15/2025CVE-2025-3764553721
accepted
305397SourceCodester Phone Management System Password main buffer overflowVulDBVulDB04/08/202504/17/202504/19/2025CVE-2025-3763553650
accepted
305396PCMan FTP Server MPUT Command buffer overflowVulDBVulDB04/08/202504/17/202504/17/2025CVE-2025-3762553567
accepted
305076PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service [Disputed]VulDBVulDB04/08/202504/16/202505/29/2025CVE-2025-3730553645
accepted
305075SourceCodester Web-based Pharmacy Product Management System Database Backup backup.php os command injectionVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3729553631
accepted
305074SourceCodester Simple Hotel Booking System login buffer overflowVulDBVulDB04/08/202504/16/202505/29/2025CVE-2025-3728553627
accepted
305073PCMan FTP Server STATUS Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3727552816
accepted
305072PCMan FTP Server CD Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3726552815
accepted
305071PCMan FTP Server MIC Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3725552814
accepted
305070PCMan FTP Server DIR Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3724552808
accepted
305069PCMan FTP Server MDTM Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3723552796
accepted
304985SourceCodester Web-based Pharmacy Product Management System edit-product.php sql injectionVulDBVulDB04/08/202504/16/202505/15/2025CVE-2025-3697553624
accepted
304984SourceCodester Web-based Pharmacy Product Management System search_stock. php sql injectionVulDBVulDB04/08/202504/16/202505/15/2025CVE-2025-3696553579
accepted
304983SourceCodester Web-based Pharmacy Product Management System Login sql injectionVulDBVulDB04/08/202504/16/202505/15/2025CVE-2025-3694553568
accepted
304982Tenda W12 httpd cgiWifiRadioSet stack-based overflowVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3693553526
accepted
304981SourceCodester Online Eyewear Shop Master.php cross site scriptingVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3692553520
accepted
304980mirweiye Seven Bears Library CMS Add Link server-side request forgeryVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3691553507
accepted
304979PHPGurukul Men Salon Management System edit-services.php sql injectionVulDBVulDB04/08/202504/16/202504/24/2025CVE-2025-3690553501
accepted
304978PHPGurukul Men Salon Management System edit-customer-detailed.php sql injectionVulDBVulDB04/08/202504/16/202505/29/2025CVE-2025-3689553500
accepted
304977mirweiye Seven Bears Library CMS Background Management Page cross site scriptingVulDBVulDB04/08/202504/16/202504/16/2025CVE-2025-3688553486
accepted
304976misstt123 oasys Sticky Notes cross-site request forgeryVulDBVulDB04/08/202504/16/202506/25/2025CVE-2025-3687553429
accepted
304975misstt123 oasys show image path traversalVulDBVulDB04/08/202504/16/202506/25/2025CVE-2025-3686553372
accepted
304974code-projects Patient Record Management System edit_fpatient.php sql injectionVulDBVulDB04/08/202504/16/202505/29/2025CVE-2025-3685553346
accepted
304973Xianqi Kindergarten Management System Child Management stu_list.php sql injectionVulDBVulDB04/08/202504/16/202504/24/2025CVE-2025-3684553239
accepted
304972PCMan FTP Server SIZE Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3683552791
accepted
304971PCMan FTP Server PASV Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3682552790
accepted
304970PCMan FTP Server MODE Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3681552789
accepted
304969PCMan FTP Server LANG Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3680552788
accepted
304968PCMan FTP Server HOST Command buffer overflowVulDBVulDB04/07/202504/16/202504/16/2025CVE-2025-3679552787
accepted
304967PCMan FTP Server HELP Command buffer overflowVulDBVulDB04/07/202504/16/202505/13/2025CVE-2025-3678552780
accepted
304966lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserializationVulDBVulDB04/07/202504/16/202504/21/2025CVE-2025-3677552755
accepted
304965xxyopen Novel-Plus books sql injectionVulDBVulDB04/05/202504/16/202504/16/2025CVE-2025-3676551950
accepted
304964TOTOLINK A3700R cstecgi.cgi setL2tpServerCfg access controlVulDBVulDB04/04/202504/16/202504/16/2025CVE-2025-3675551304
accepted
304963TOTOLINK A3700R cstecgi.cgi setUrlFilterRules access controlVulDBVulDB04/04/202504/16/202504/16/2025CVE-2025-3674551302
accepted
304846TOTOLINK A3700R cstecgi.cgi setScheduleCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3668551300
accepted
304845TOTOLINK A3700R cstecgi.cgi setUPnPCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3667551299
accepted
304844TOTOLINK A3700R cstecgi.cgi setDdnsCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3666551298
accepted
304843TOTOLINK A3700R cstecgi.cgi setSmartQosCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3665551297
accepted
304842TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3664551296
accepted
304841TOTOLINK A3700R Password cstecgi.cgi setWiFiEasyGuestCfg access controlVulDBVulDB04/04/202504/15/202504/16/2025CVE-2025-3663551295
accepted
304679Xorbits Inference model.py load deserializationVulDBVulDB04/06/202504/15/202504/21/2025CVE-2025-3622552245
accepted
304672Demtec Graphytics visualization cross site scriptingVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3613551172
accepted
304671Demtec Graphytics HTTP GET Parameter visualization cross site scriptingVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3612551123
accepted
304648ZHENFENG13/code-projects My-Blog-layui authorImg upload unrestricted uploadVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3593550912
accepted
304647ZHENFENG13/code-projects My-Blog-layui edit cross site scriptingVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3592550910
accepted
304646ZHENFENG13/code-projects My-Blog-layui edit cross site scriptingVulDBVulDB04/04/202504/14/202504/15/2025CVE-2025-3591550909
accepted
304645Adianti Framework deserializationVulDBVulDB04/03/202504/14/202504/15/2025CVE-2025-3590550296
accepted
304644SourceCodester Music Class Enrollment System manage_class.php sql injectionVulDBVulDB04/03/202504/14/202504/15/2025CVE-2025-3589550267
accepted
304643joelittlejohn jsonschema2pojo JSON File SchemaRule.java apply stack-based overflowVulDBVulDB04/03/202504/14/202504/15/2025CVE-2025-3588550136
accepted
304642ZeroWdd/code-projects studentmanager getTeacherList improper authorizationVulDBVulDB04/03/202504/14/202506/06/2025CVE-2025-3587550129
accepted
304641westboy CicadasCMS JSP Parser upload unrestricted uploadVulDBVulDB04/03/202504/14/202504/14/2025CVE-2025-3585549981
accepted
304612Fannuo Enterprise Content Management System 凡诺企业网站管理系统 cms_chip.php sql injectionVulDBVulDB04/03/202504/14/202504/14/2025CVE-2025-3571549927
accepted
304611JamesZBL/code-projects db-hospital-drug ContentController.java save cross site scriptingVulDBVulDB04/03/202504/14/202506/26/2025CVE-2025-3570549923
accepted
304610JamesZBL/code-projects db-hospital-drug ShiroConfig.java improper authorizationVulDBVulDB04/03/202504/14/202504/14/2025CVE-2025-3569549920
accepted
304609Webkul Krayin CRM SVG File edit cross site scriptingVulDBVulDB04/02/202504/14/202506/26/2025CVE-2025-3568549591
accepted
304608veal98 小牛肉 Echo 开源社区系统 Ticket LoginTicketInterceptor.java preHandle improper authorizationVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3567549537
accepted
304607veal98 小牛肉 Echo 开源社区系统 uploadMdPic unrestricted uploadVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3566549509
accepted
304606huanfenz/code-projects StudentManager Announcement Management Section uploadArticle.do unrestricted uploadVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3565549316
accepted
304605huanfenz/code-projects StudentManager Teacher String improper authorizationVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3564549309
accepted
304604WuzhiCMS Setting index.php set code injectionVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3563549270
accepted
304603Yonyou YonBIP userfile FileInputStream path traversalVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3562549269
accepted
304602ghostxbh uzy-ssm-mall cross-site request forgeryVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3561549268
accepted
304601ghostxbh uzy-ssm-mall product cross site scriptingVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3560549261
accepted
304600ghostxbh uzy-ssm-mall 20 ForeProductListController sql injectionVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3559549260
accepted
304599ghostxbh uzy-ssm-mall uploadUserHeadImage unrestricted uploadVulDBVulDB04/02/202504/14/202504/14/2025CVE-2025-3558549259
accepted
304598ScriptAndTools eCommerce-website-in-PHP cross-site request forgeryVulDBVulDB04/04/202504/14/202504/19/2025CVE-2025-3557551053
accepted
304597ScriptAndTools eCommerce-website-in-PHP login.php excessive authenticationVulDBVulDB04/02/202504/14/202504/16/2025CVE-2025-3556549187
accepted
304596ScriptAndTools eCommerce-website-in-PHP login.php excessive authenticationVulDBVulDB04/02/202504/14/202504/16/2025CVE-2025-3555549168
accepted
304595phpshe api.php cross site scriptingVulDBVulDB04/01/202504/14/202504/14/2025CVE-2025-3554548411
accepted
304594phpshe admin.php pe_delete sql injectionVulDBVulDB04/01/202504/14/202504/14/2025CVE-2025-3553548265
accepted
304593Lingxing ERP UploadAjax.ashx unrestricted upload [False-Positive]VulDBVulDB04/01/202504/14/202505/05/2025CVE-2025-3552547881revoked
304592Lingxing ERP FileUpload.ashx DoUpload unrestricted upload [False-Positive]VulDBVulDB04/01/202504/14/202505/05/2025CVE-2025-3551547878revoked
304591wowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System detail improper authorizationVulDBVulDB04/01/202504/13/202504/14/2025CVE-2025-3550547789
accepted
304590Open Asset Import Library Assimp File MD3Loader.cpp ValidateSurfaceHeaderOffsets heap-based overflowVulDBVulDB03/31/202504/13/202504/14/2025CVE-2025-3549546414
accepted
304589Open Asset Import Library Assimp File types.h Set heap-based overflowVulDBVulDB03/31/202504/13/202505/14/2025CVE-2025-3548546413
accepted
304588frdel Agent-Zero get_work_dir_files path traversalVulDBVulDB03/30/202504/13/202504/14/2025CVE-2025-3547546220
accepted
304585H3C Magic BE18000 HTTP POST Request getLanguage FCGI_CheckStringIfContainsSemicolon command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3546524745
accepted
304584H3C Magic BE18000 HTTP POST Request setLanguage FCGI_CheckStringIfContainsSemicolon command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3545524744
accepted
304583H3C Magic BE18000 HTTP POST Request getCapabilityWeb FCGI_CheckStringIfContainsSemicolon command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3544524743
accepted
304582H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request setsyncpppoecfg FCGI_WizardProtoProcess command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3543524739
accepted
304581H3C Magic NX15/Magic NX400/Magic R3010 HTTP POST Request getsyncpppoecfg FCGI_WizardProtoProcess command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3542524738
accepted
304580H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getSpecs FCGI_WizardProtoProcess command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3541524737
accepted
304579H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getCapability FCGI_WizardProtoProcess command injectionVulDBVulDB03/21/202504/13/202504/14/2025CVE-2025-3540524734
accepted
304578H3C Magic BE18000 HTTP POST Request getBasicInfo FCGI_CheckStringIfContainsSemicolon command injectionVulDBVulDB03/17/202504/13/202504/14/2025CVE-2025-3539521814
accepted
304577D-Link DI-8100 jhttpd auth.asp auth_asp stack-based overflowVulDBVulDB03/20/202504/13/202504/13/2025CVE-2025-3538524224
accepted
304575Tutorials-Website Employee Management System update-user.php improper authorizationVulDBVulDB03/29/202504/12/202506/06/2025CVE-2025-3537545859
accepted
304574Tutorials-Website Employee Management System delete-user.php improper authorizationVulDBVulDB03/29/202504/12/202506/06/2025CVE-2025-3536545810
accepted
304573shuanx BurpAPIFinder BurpApiFinder.db denial of serviceVulDBVulDB03/28/202504/12/202504/13/2025CVE-2025-3535545457
accepted
304572PowerCreator CMS OpenPublicCourse.aspx sql injectionVulDBVulDB03/26/202504/12/202504/13/2025CVE-2025-3534543120
accepted
304571YouDianCMS index.html.Attackers cross site scriptingVulDBVulDB03/26/202504/12/202506/27/2025CVE-2025-3533543083
accepted
304570YouDianCMS index.html.Attackers cross site scriptingVulDBVulDB03/26/202504/12/202506/27/2025CVE-2025-3532543082
accepted
304569YouDianCMS index.html cross site scriptingVulDBVulDB03/26/202504/12/202506/27/2025CVE-2025-3531543080
accepted
304298Nababur Simple-User-Management-System register.php cross site scriptingVulDBVulDB03/28/202504/10/202504/10/2025CVE-2025-3489545504
accepted
303691opplus springboot-admin SysGeneratorController.java code deserializationVulDBVulDB03/28/202504/07/202504/07/2025CVE-2025-3413545374
accepted
303690mymagicpower AIAS InferController.java server-side request forgeryVulDBVulDB03/27/202504/07/202504/07/2025CVE-2025-3412544289
accepted
303689mymagicpower AIAS AsrController.java server-side request forgeryVulDBVulDB03/27/202504/07/202504/07/2025CVE-2025-3411544288
accepted
303688mymagicpower AIAS LocalStorageController.java unrestricted uploadVulDBVulDB03/27/202504/07/202504/07/2025CVE-2025-3410544243
accepted
303687Nothings stb stb_include_string stack-based overflowVulDBVulDB03/27/202504/07/202504/07/2025CVE-2025-3409544231
accepted
303686Nothings stb stb_dupreplace integer overflowVulDBVulDB03/27/202504/07/202504/08/2025CVE-2025-3408544230
accepted
303685Nothings stb stbhw_build_tileset_from_image out-of-boundsVulDBVulDB03/27/202504/07/202504/08/2025CVE-2025-3407544227
accepted
303684Nothings stb Header Array stbhw_build_tileset_from_image out-of-boundsVulDBVulDB03/27/202504/07/202504/08/2025CVE-2025-3406544226
accepted
303649FCJ Venture Builder appclientefiel HTTP GET Request ObterPedido resource injectionVulDBVulDB03/27/202504/07/202504/08/2025CVE-2025-3405544136
accepted
303648Vivotek NVR ND8422P/NVR ND9525P/NVR ND9541P HTML Form sensitive information in sourceVulDBVulDB03/26/202504/07/202504/08/2025CVE-2025-3403543589
accepted
303647Seeyon Zhiyuan Interconnect FE Collaborative Office Platform check.js%70 sql injectionVulDBVulDB03/25/202504/07/202504/08/2025CVE-2025-3402542343
accepted
303646ESAFENET CDG getLimitIPList.jsp sql injectionVulDBVulDB03/24/202504/07/202504/08/2025CVE-2025-3401525612
accepted
303645ESAFENET CDG UnChkMailApplication.jsp sql injectionVulDBVulDB03/24/202504/07/202504/08/2025CVE-2025-3400525611
accepted
303644ESAFENET CDG updateNotice.jsp sql injectionVulDBVulDB03/24/202504/07/202504/08/2025CVE-2025-3399525610
accepted
303643lenve VBlog WebSecurityConfig.java configure access controlVulDBVulDB03/24/202504/07/202504/08/2025CVE-2025-3398525609
accepted
303642YzmCMS message.tpl cross site scriptingVulDBVulDB03/22/202504/07/202504/08/2025CVE-2025-3397525203
accepted
303639mrcen springboot-ucan-admin Personal Settings Interface index cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3393
 
accepted
303638hailey888 oa_system Backend MailController.java save cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3392
 
accepted
303637hailey888 oa_system Backend AddrController. java outAddress cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3391
 
accepted
303636hailey888 oa_system Backend DaymanageController.java addandchangeday cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3390
 
accepted
303635hailey888 oa_system Backend InformManageController.java testMess cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3389
 
accepted
303634hailey888 oa_system Frontend LoginsController.java loginCheck cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3388
 
accepted
303633renrenio renren-security JSON cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3387
 
accepted
303632LinZhaoguan pb-cms Friendship Link admin#links cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3386
 
accepted
303631LinZhaoguan pb-cms Classification Management Page cross site scriptingVulDBVulDB04/07/202504/08/2025CVE-2025-3385
 
accepted
3036301000 Projects Human Resource Management System employee.php sql injectionVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3384552447
accepted
303629SourceCodester Web-based Pharmacy Product Management System search_sales.php sql injectionVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3383552388
accepted
303628joey-zhou xiaozhi-esp32-server-java update sql injectionVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3382552387
accepted
303627zhangyanbo2007 youkefu File Upload WebIMController.java path traversalVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3381552369
accepted
303626PCMan FTP Server FEAT Command buffer overflowVulDBVulDB04/07/202504/07/202504/23/2025CVE-2025-3380552342
accepted
303625PCMan FTP Server EPSV Command buffer overflowVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3379552341
accepted
303624PCMan FTP Server EPRT Command buffer overflowVulDBVulDB04/07/202504/07/202504/24/2025CVE-2025-3378552340
accepted
303623PCMan FTP Server ENC Command buffer overflowVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3377552339
accepted
303622PCMan FTP Server CONF Command buffer overflowVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3376552338
accepted
303621PCMan FTP Server CDUP Command buffer overflowVulDBVulDB04/07/202504/07/202504/07/2025CVE-2025-3375552337
accepted
303620PCMan FTP Server CCC Command buffer overflowVulDBVulDB04/07/202504/07/202504/24/2025CVE-2025-3374552336
accepted
303619PCMan FTP Server SITE CHMOD Command buffer overflowVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3373552274
accepted
303618PCMan FTP Server MKDIR Command buffer overflowVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3372552273
accepted
303617PCMan FTP Server DELETE Command buffer overflowVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3371552270
accepted
303615PHPGurukul Men Salon Management System admin-profile.php sql injectionVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3370552172
accepted
303614xxyopen Novel-Plus list sql injectionVulDBVulDB04/06/202504/07/202504/07/2025CVE-2025-3369552101
accepted
303567PHPGurukul Men Salon Management System add-services.php sql injectionVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3353552239
accepted
303566PHPGurukul Old Age Home Management System edit-scdetails.php sql injectionVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3352552171
accepted
303565PHPGurukul Old Age Home Management System login.php sql injectionVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3351552130
accepted
303564PHPGurukul Old Age Home Management System view-enquiry.php sql injectionVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3350552051
accepted
303563PCMan FTP Server SYST Command buffer overflowVulDBVulDB04/06/202504/06/202504/06/2025CVE-2025-3349552039
accepted
303562code-projects Patient Record Management System edit_dpatient.php sql injectionVulDBVulDB04/05/202504/06/202505/29/2025CVE-2025-3348551940
accepted
303561code-projects Patient Record Management System dental_pending.php sql injectionVulDBVulDB04/05/202504/06/202505/29/2025CVE-2025-3347551939
accepted
303560Tenda AC7 SetPptpServerCfg formSetPPTPServer buffer overflowVulDBVulDB04/05/202504/06/202505/27/2025CVE-2025-3346551927
accepted
303559codeprojects Online Restaurant Management System combo.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3345551919
accepted
303558codeprojects Online Restaurant Management System assign_save.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3344551918
accepted
303557codeprojects Online Restaurant Management System reservation_update.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3343551917
accepted
303556codeprojects Online Restaurant Management System payment_save.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3342551916
accepted
303555codeprojects Online Restaurant Management System reservation_view.php sql injectionVulDBVulDB04/05/202504/06/202504/30/2025CVE-2025-3341551915
accepted
303554codeprojects Online Restaurant Management System combo_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3340551914
accepted
303553codeprojects Online Restaurant Management System user_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3339551913
accepted
303552codeprojects Online Restaurant Management System user_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3338551912
accepted
303551codeprojects Online Restaurant Management System member_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3337551911
accepted
303550codeprojects Online Restaurant Management System member_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3336551910
accepted
303549codeprojects Online Restaurant Management System category_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3335551909
accepted
303548codeprojects Online Restaurant Management System category_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3334551908
accepted
303547codeprojects Online Restaurant Management System menu_update.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3333551907
accepted
303546codeprojects Online Restaurant Management System menu_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3332551906
accepted
303545codeprojects Online Restaurant Management System payment_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3331551905
accepted
303544codeprojects Online Restaurant Management System reservation_save.php sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3330551904
accepted
303543Consumer Comanda Mobile Restaurant Order cleartext transmissionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3329551790
accepted
303540Tenda AC1206 fast_setting_wifi_set form_fast_setting_wifi_set buffer overflowVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3328551893
accepted
303539iteaj iboot 物联网网关 File Upload batch cross site scriptingVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3327551871
accepted
303538iteaj iboot 物联网网关 File Upload upload cross site scriptingVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3326551870
accepted
303537iteaj iboot 物联网网关 Admin Password pwd access controlVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3325551869
accepted
303536godcheese/code-projects Nimrod FileRestController.java unrestricted uploadVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3324551864
accepted
303535godcheese/code-projects Nimrod ViewMenuCategoryRestController.java sql injectionVulDBVulDB04/05/202504/06/202504/07/2025CVE-2025-3323551863
accepted
303517Kenj_Frog 肯尼基蛙 company-financial-management 公司财务管理系统 ShangpinleixingController.java page sql injectionVulDBVulDB04/05/202504/06/2025CVE-2025-3318
 
accepted
303516fumiao opencms dataPage.jsp path traversalVulDBVulDB04/05/202504/21/2025CVE-2025-3317
 
accepted
303515PHPGurukul Men Salon Management System search-invoices.php sql injectionVulDBVulDB04/05/202504/05/202504/06/2025CVE-2025-3316551749
accepted
303512SourceCodester Apartment Visitor Management System view-report.php sql injectionVulDBVulDB04/04/202504/05/202505/15/2025CVE-2025-3315551262
accepted
303511SourceCodester Apartment Visitor Management System forgotpw.php sql injectionVulDBVulDB04/04/202504/05/202505/15/2025CVE-2025-3314551257
accepted
303510PHPGurukul Men Salon Management System add-customer.php sql injectionVulDBVulDB04/04/202504/05/202504/06/2025CVE-2025-3313550884
accepted
303509PHPGurukul Men Salon Management System add-customer-services.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3312550199
accepted
303508PHPGurukul Men Salon Management System about-us.php sql injectionVulDBVulDB04/03/202504/05/202505/29/2025CVE-2025-3311550196
accepted
303507code-projects Blood Bank Management System delete.php sql injectionVulDBVulDB04/03/202504/05/202505/29/2025CVE-2025-3310550195
accepted
303506code-projects Blood Bank Management System campsdetails.php sql injectionVulDBVulDB04/03/202504/05/202505/29/2025CVE-2025-3309550194
accepted
303505code-projects Blood Bank Management System viewrequest.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3308550193
accepted
303504code-projects Blood Bank Management System reset.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3307550192
accepted
303503code-projects Blood Bank Management System don.php sql injectionVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3306550190
accepted
3035021902756969/code-projects IKUN_Library Borrow MvcConfig.java addInterceptors access controlVulDBVulDB04/03/202504/05/202504/06/2025CVE-2025-3305550186
accepted
303501code-projects Patient Record Management System dental_not.php sql injectionVulDBVulDB04/02/202504/05/202505/29/2025CVE-2025-3304549645
accepted
303500code-projects Patient Record Management System birthing_record.php sql injectionVulDBVulDB04/02/202504/05/202504/06/2025CVE-2025-3303549644
accepted
303494PHPGurukul Men Salon Management System appointment.php sql injectionVulDBVulDB04/03/202504/04/202504/05/2025CVE-2025-3299550185
accepted
303493SourceCodester Online Eyewear Shop Registration Master.php access controlVulDBVulDB04/03/202504/04/202504/05/2025CVE-2025-3298550010
accepted
303492SourceCodester Online Eyewear Shop Master.php cross site scriptingVulDBVulDB04/03/202504/04/202504/05/2025CVE-2025-3297549982
accepted
303491SourceCodester Online Eyewear Shop Users.php sql injectionVulDBVulDB04/03/202504/04/202504/05/2025CVE-2025-3296549932
accepted
303340qinguoyi TinyWebServer http_conn.cpp improper authenticationVulDBVulDB04/02/202504/04/202504/23/2025CVE-2025-3268549229
accepted
303339qinguoyi TinyWebServer http_conn.cpp sql injectionVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3267549228
accepted
303338qinguoyi TinyWebServer http_conn.cpp stack-based overflowVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3266549227
accepted
303337PHPGurukul e-Diary Management System add-category.php sql injectionVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3265549212
accepted
303329Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflowVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3259549199
accepted
303328PHPGurukul Old Age Home Management System search.php sql injectionVulDBVulDB04/02/202504/04/202505/29/2025CVE-2025-3258549186
accepted
303327xujiangfei admintwo updateSet cross-site request forgeryVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3257549011
accepted
303326xujiangfei admintwo updateSet access controlVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3256549009
accepted
303325xujiangfei admintwo home access controlVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3255548986
accepted
303324xujiangfei admintwo add server-side request forgeryVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3254548979
accepted
303323xujiangfei admintwo insertTree cross site scriptingVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3253548978
accepted
303322xujiangfei admintwo add cross site scriptingVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3252548976
accepted
303321xujiangfei admintwo updateSet cross site scriptingVulDBVulDB04/02/202504/04/202504/04/2025CVE-2025-3251548971
accepted
303320elunez eladmin Maintenance Management Module testConnect deserializationVulDBVulDB03/30/202504/04/202504/04/2025CVE-2025-3250546132
accepted
303319TOTOLINK A6000R mtkwifi.lua apcli_cancel_wps command injectionVulDBVulDB03/26/202504/04/202504/04/2025CVE-2025-3249543214
accepted
303272itsourcecode Library Management System Forgot.java search sql injectionVulDBVulDB04/01/202504/03/202504/03/2025CVE-2025-3245548087
accepted
303271SourceCodester Web-based Pharmacy Product Management System Create User Page add-admin.php unrestricted uploadVulDBVulDB04/01/202504/03/202505/15/2025CVE-2025-3244547916
accepted
303269code-projects Patient Record Management System dental_form.php sql injectionVulDBVulDB04/01/202504/03/202505/29/2025CVE-2025-3243547882
accepted
303268PHPGurukul e-Diary Management System search-result.php sql injectionVulDBVulDB04/01/202504/03/202505/29/2025CVE-2025-3242547719
accepted
303267zhangyanbo2007 youkefu XML Document CallCenterRouterController.java xml external entity referenceVulDBVulDB04/01/202504/03/202504/03/2025CVE-2025-3241547585
accepted
303266PHPGurukul Online Fire Reporting System search.php sql injectionVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3240546615
accepted
303265PHPGurukul Online Fire Reporting System edit-guard-detail.php sql injectionVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3239546598
accepted
303264PHPGurukul Online Fire Reporting System search-request.php sql injectionVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3238546415
accepted
303263Tenda FH1202 wrlwpsset access controlVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3237546368
accepted
303262Tenda FH1202 Web Management Interface VirSerDMZ access controlVulDBVulDB03/31/202504/03/202504/03/2025CVE-2025-3236546367
accepted
303261PHPGurukul Old Age Home Management System profile.php sql injectionVulDBVulDB03/30/202504/03/202504/27/2025CVE-2025-3235546223
accepted
303245PHPGurukul Zoo Management System aboutus.php sql injectionVulDBVulDB03/30/202504/03/202506/05/2025CVE-2025-3231546180
accepted
303244PHPGurukul Restaurant Table Booking System edit-subadmin.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3229546178
accepted
303181PHPGurukul e-Diary Management System dashboard.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3220546176
accepted
303180CodeCanyon Perfex CRM Project Discussions Module 2 cross site scriptingVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3219546171
accepted
303172PHPGurukul e-Diary Management System registration.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3217546168
accepted
303171PHPGurukul e-Diary Management System password-recovery.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3216546166
accepted
303170PHPGurukul Restaurant Table Booking System add-subadmin.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3215546164
accepted
303169JFinal CMS readTemplate engine.getTemplate path traversal [Disputed]VulDBVulDB04/02/202504/03/202504/04/2025CVE-2025-3214548985
accepted
303166PHPGurukul e-Diary Management System view-note.php sql injectionVulDBVulDB03/30/202504/03/202504/04/2025CVE-2025-3213546128
accepted
303165code-projects Patient Record Management System birthing_print.php sql injectionVulDBVulDB03/29/202504/03/202505/29/2025CVE-2025-3211545964
accepted
303164code-projects Patient Record Management System birthing_pending.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3210545962
accepted
303163code-projects Patient Record Management System add_patient.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3209545961
accepted
303162code-projects Patient Record Management System xray_print.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3208545960
accepted
303161code-projects Patient Record Management System birthing_form.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3207545934
accepted
303160code-projects Hospital Management System doctor-specilization.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3206545895
accepted
303159CodeAstro Student Grading System studentsubject.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3205545894
accepted
303158CodeAstro Car Rental System returncar.php sql injectionVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3204545893
accepted
303157Tenda W18E setModules formSetAccountList stack-based overflowVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3203545883
accepted
303156ageerle ruoyi-ai SysNoticeController.java improper authorizationVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3202545866
accepted
303152ageerle ruoyi-ai API Interface SysModelController.java improper authorizationVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3199545830
accepted
303151GNU Binutils objdump bucomm.c display_info memory leakVulDBVulDB03/29/202504/03/202504/04/2025CVE-2025-3198545773
accepted
303150Open Asset Import Library Assimp Malformed File MD2Loader.cpp InternReadFile stack-based overflowVulDBVulDB03/28/202504/03/202505/14/2025CVE-2025-3196545368
accepted
303149itsourcecode Online Blood Bank Management System bbms.php sql injectionVulDBVulDB03/27/202504/03/202504/04/2025CVE-2025-3195544147
accepted
303147PHPGurukul e-Diary Management System add-notes.php sql injectionVulDBVulDB03/27/202504/03/202504/04/2025CVE-2025-3188544110
accepted
303146PHPGurukul e-Diary Management System login.php sql injectionVulDBVulDB03/27/202504/03/202504/04/2025CVE-2025-3187544098
accepted
303145projectworlds Online Doctor Appointment Booking System invoice.php sql injectionVulDBVulDB03/27/202504/03/202504/04/2025CVE-2025-3186543846
accepted
303144projectworlds Online Doctor Appointment Booking System patientupdateprofile.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3185543845
accepted
303143projectworlds Online Doctor Appointment Booking System profile.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3184543844
accepted
303142projectworlds Online Doctor Appointment Booking System patientupdateprofile.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3183543843
accepted
303141projectworlds Online Doctor Appointment Booking System getschedule.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3182543842
accepted
303140projectworlds Online Doctor Appointment Booking System appointment.php sql injectionVulDBVulDB03/27/202504/03/202504/15/2025CVE-2025-3181543841
accepted
303139projectworlds Online Doctor Appointment Booking System deleteschedule.php sql injectionVulDBVulDB03/27/202504/03/202504/03/2025CVE-2025-3180543840
accepted
303138projectworlds Online Doctor Appointment Booking System deletepatient.php sql injectionVulDBVulDB03/27/202504/03/202504/03/2025CVE-2025-3179543839
accepted
303137projectworlds Online Doctor Appointment Booking System deleteappointment.php sql injectionVulDBVulDB03/27/202504/03/202504/03/2025CVE-2025-3178543838
accepted
303136FastCMS JWT hard-coded keyVulDBVulDB03/27/202504/03/202504/03/2025CVE-2025-3177543673
accepted
303135Project Worlds Online Lawyer Management System single_lawyer.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3176543278
accepted
303134Project Worlds Online Lawyer Management System save_user_edit_profile.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3175543277
accepted
303133Project Worlds Online Lawyer Management System searchLawyer.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3174543276
accepted
303132Project Worlds Online Lawyer Management System save_booking.php sql injectionVulDBVulDB03/26/202504/03/202505/18/2025CVE-2025-3173543275
accepted
303131Project Worlds Online Lawyer Management System lawyer_booking.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3172543274
accepted
303130Project Worlds Online Lawyer Management System approve_lawyer.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3171543273
accepted
303129Project Worlds Online Lawyer Management System admin_user.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3170543271
accepted
303128Projeqtor saveAttachment.php unrestricted uploadVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3169543250
accepted
303127PHPGurukul Time Table Generator System edit-class.php sql injectionVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3168543172
accepted
303113Tenda AC23 API Interface VerAPIMant denial of serviceVulDBVulDB03/26/202504/03/202504/03/2025CVE-2025-3167543150
accepted
303112code-projects Product Management System Search Product Menu search_item stack-based overflowVulDBVulDB03/25/202504/03/202504/03/2025CVE-2025-3166542668
accepted
303111thu-pacman chitu backend.py torch.load deserializationVulDBVulDB03/25/202504/03/202504/21/2025CVE-2025-3165542529
accepted
303110Tencent Music Entertainment SuperSonic H2 Database Connection testConnect code injectionVulDBVulDB03/25/202504/03/202504/03/2025CVE-2025-3164542528
accepted
303109InternLM LMDeploy conf.py open code injectionVulDBVulDB03/25/202504/03/202504/21/2025CVE-2025-3163542527
accepted
303108InternLM LMDeploy PT File utils.py load_weight_ckpt deserializationVulDBVulDB03/25/202504/03/202504/24/2025CVE-2025-3162542520
accepted
303107Tenda AC10 ShutdownSetAdd stack-based overflowVulDBVulDB03/25/202504/03/202504/03/2025CVE-2025-3161542437
accepted
303106Open Asset Import Library Assimp File SceneCombiner.cpp AddNodeHashes out-of-boundsVulDBVulDB03/25/202504/03/202505/14/2025CVE-2025-3160542248
accepted
303105Open Asset Import Library Assimp ASE File ASEParser.cpp ParseLV4MeshBonesVertices heap-based overflowVulDBVulDB03/25/202504/03/202505/14/2025CVE-2025-3159542247
accepted
303104Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflowVulDBVulDB03/25/202504/03/202506/26/2025CVE-2025-3158542246
accepted
303101Intelbras WRN 150 Wireless Menu cross site scriptingVulDBVulDB02/15/202504/03/202504/03/2025CVE-2025-3157501902
accepted
303057caipeichao ThinkOX Search search.html cross site scriptingVulDBVulDB03/24/202504/02/202504/02/2025CVE-2025-3152525767
accepted
303056SourceCodester Gym Management System signup.php sql injectionVulDBVulDB03/24/202504/02/202505/15/2025CVE-2025-3151525633
accepted
303055itning Student Homework Management System cross-site request forgeryVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3150525408
accepted
303054itning Student Homework Management System Edit Job Page fileupload cross site scriptingVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3149525403
accepted
303053codeprojects Product Management System Login buffer overflowVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3148525395
accepted
303052PHPGurukul Boat Booking System add-subadmin.php sql injectionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3147525388
accepted
303051PHPGurukul Bus Pass Management System view-pass-detail.php sql injectionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3146525340
accepted
303050MindSpore mindspore.numpy.fft.rfft2 memory corruptionVulDBVulDB04/02/202504/02/2025CVE-2025-3145
 
accepted
303049MindSpore mindspore.numpy.fft.hfftn memory corruptionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3144525333
accepted
303048SourceCodester Apartment Visitor Management System visitor-entry.php sql injectionVulDBVulDB03/23/202504/02/202505/15/2025CVE-2025-3143525321
accepted
303047SourceCodester Apartment Visitor Management System add-apartment.php sql injectionVulDBVulDB03/23/202504/02/202505/15/2025CVE-2025-3142525320
accepted
303046SourceCodester Online Medicine Ordering System manage_category.php sql injectionVulDBVulDB03/23/202504/02/202504/06/2025CVE-2025-3141525309
accepted
303045SourceCodester Online Medicine Ordering System view_category.php sql injectionVulDBVulDB03/23/202504/02/202504/06/2025CVE-2025-3140525308
accepted
303044code-projects Bus Reservation System Login Form login buffer overflowVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3139525305
accepted
303043PHPGurukul Online Security Guards Hiring System edit-guard-detail.php sql injectionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3138525265
accepted
303042PHPGurukul Online Security Guards Hiring System changeimage.php sql injectionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3137525264
accepted
303041PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruptionVulDBVulDB03/23/202504/02/202504/02/2025CVE-2025-3136525252
accepted
303040fcba_zzm ics-park Smart Park Management System update sql injectionVulDBVulDB03/22/202504/02/202504/02/2025CVE-2025-3135525136
accepted
303039code-projects Payroll Management System add_overtime.php sql injectionVulDBVulDB03/22/202504/02/202505/15/2025CVE-2025-3134525102
accepted
303014WonderCMS Theme Installation/Plugin Installation installUpdateModuleAction unrestricted upload [Disputed]VulDBVulDB03/22/202504/02/202504/02/2025CVE-2025-3123525101
accepted
303013WebAssembly wabt binary-reader-interp.cc BeginFunctionBody null pointer dereferenceVulDBVulDB03/22/202504/02/202504/02/2025CVE-2025-3122525091
accepted
303012PyTorch torch.jit.jit_module_from_flatbuffer memory corruptionVulDBVulDB03/22/202504/02/202505/28/2025CVE-2025-3121525049
accepted
303011SourceCodester Apartment Visitors Management System add-apartment.php sql injectionVulDBVulDB03/22/202504/02/202504/06/2025CVE-2025-3120524991
accepted
303010SourceCodester Online Tutor Portal manage_course.php sql injectionVulDBVulDB03/22/202504/02/202504/06/2025CVE-2025-3119524990
accepted
303009SourceCodester Online Tutor Portal view_course.php sql injectionVulDBVulDB03/22/202504/02/202504/06/2025CVE-2025-3118524985
accepted
302106oretnom23/SourceCodester Apartment Visitor Management System remove-apartment.php sql injectionVulDBVulDB03/22/202503/31/202505/28/2025CVE-2025-3045524983
accepted
302105GuoMinJim PersonManage login preHandle path traversalVulDBVulDB03/22/202503/31/202504/01/2025CVE-2025-3043524949
accepted
302104Project Worlds Online Time Table Generator updateprofile.php unrestricted uploadVulDBVulDB03/22/202503/31/202504/01/2025CVE-2025-3042524936
accepted
302103Project Worlds Online Time Table Generator updatestudent.php unrestricted uploadVulDBVulDB03/22/202503/31/202504/01/2025CVE-2025-3041524935
accepted
302102Project Worlds Online Time Table Generator add_student.php unrestricted uploadVulDBVulDB03/22/202503/31/202504/01/2025CVE-2025-3040524934
accepted
302100code-projects Payroll Management System add_employee.php sql injectionVulDBVulDB03/21/202503/31/202505/15/2025CVE-2025-3039524676
accepted
302099code-projects Payroll Management System view_account.php sql injectionVulDBVulDB03/21/202503/31/202505/15/2025CVE-2025-3038524636
accepted
302098yzk2356911358 StudentServlet-JSP cross-site request forgeryVulDBVulDB03/21/202503/31/202504/01/2025CVE-2025-3037524631
accepted
302097yzk2356911358 StudentServlet-JSP Student Management cross site scriptingVulDBVulDB03/21/202503/31/202504/01/2025CVE-2025-3036524630
accepted
302070SourceCodester Online Eyewear Shop Users.php sql injectionVulDBVulDB03/21/202503/31/202504/07/2025CVE-2025-3018524623
accepted
302069TA-Lib ta_regtest test_minmax.c setInputBuffer out-of-bounds writeVulDBVulDB03/21/202503/31/202504/01/2025CVE-2025-3017524603
accepted
302068Open Asset Import Library Assimp MDL File MDLMaterialLoader.cpp ParseTextureColorData resource consumptionVulDBVulDB03/21/202503/31/202504/17/2025CVE-2025-3016524593
accepted
302067Open Asset Import Library Assimp ASE File ASELoader.cpp BuildUniqueRepresentation out-of-boundsVulDBVulDB03/21/202503/31/202504/17/2025CVE-2025-3015524589
accepted
302060Khronos Group glslang Intermediate.cpp isConversionAllowed null pointer dereferenceVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3010524561
accepted
302059Jinher Network OA NetDiskProperty.aspx sql injectionVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3009524554
accepted
302058Novastar CX40 NetFilter Utility netconfig popen command injectionVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3008524869
accepted
302057Novastar CX40 NetFilter Utility netconfig getopt stack-based overflowVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3007524867
accepted
302056PHPGurukul e-Diary Management System edit-category.php sql injectionVulDBVulDB03/21/202503/30/202504/01/2025CVE-2025-3006524553
accepted
302054Sayski ForestBlog Friend Link cross site scriptingVulDBVulDB03/21/202503/30/202506/12/2025CVE-2025-3005524485
accepted
302053Sayski ForestBlog search cross site scriptingVulDBVulDB03/21/202503/30/202506/12/2025CVE-2025-3004524484
accepted
302052ESAFENET CDG UserAjax sql injectionVulDBVulDB03/20/202503/30/202504/01/2025CVE-2025-3003524230
accepted
302051Digital China DCME-520 mon_merge_stat_hist.php os command injectionVulDBVulDB03/20/202503/30/202504/01/2025CVE-2025-3002524225
accepted
302050PyTorch torch.lstm_cell memory corruptionVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-3001524212
accepted
302049PyTorch torch.jit.script memory corruptionVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-3000524197
accepted
302048PyTorch torch.nn.utils.rnn.unpack_sequence memory corruptionVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2999524198
accepted
302047PyTorch torch.nn.utils.rnn.pad_packed_sequence memory corruptionVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2998524151
accepted
302046zhangyanbo2007 youkefu url server-side request forgeryVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2997524009
accepted
302045Tenda FH1202 Web Management Interface SysToolDDNS access controlVulDBVulDB03/20/202503/30/202504/08/2025CVE-2025-2996523419
accepted
302044Tenda FH1202 Web Management Interface SysToolChangePwd access controlVulDBVulDB03/20/202503/30/202504/08/2025CVE-2025-2995523418
accepted
302043Tenda FH1202 Web Management Interface qossetting access controlVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2994523417
accepted
302042Tenda FH1202 default.cfg access controlVulDBVulDB03/20/202503/30/202503/30/2025CVE-2025-2993523416
accepted
302041Tenda FH1202 Web Management Interface AdvSetWrlsafeset access controlVulDBVulDB03/20/202503/30/202503/31/2025CVE-2025-2992523413
accepted
302040Tenda FH1202 Web Management Interface AdvSetWrlmacfilter access controlVulDBVulDB03/20/202503/30/202504/07/2025CVE-2025-2991523412
accepted
302039Tenda FH1202 Web Management Interface AdvSetWrlGstset access controlVulDBVulDB03/20/202503/30/202504/07/2025CVE-2025-2990523404
accepted
302038Tenda FH1202 Web Management Interface AdvSetWrl access controlVulDBVulDB03/20/202503/30/202504/07/2025CVE-2025-2989523402
accepted
302037code-projects Payroll Management System update_account.php sql injectionVulDBVulDB03/20/202503/30/202505/15/2025CVE-2025-2985523344
accepted
302036code-projects Payroll Management System delete.php sql injectionVulDBVulDB03/20/202503/30/202505/15/2025CVE-2025-2984523343
accepted
302035Legrand SMS PowerView os command injectionVulDBVulDB03/30/202503/31/2025CVE-2025-2983
 
accepted
302034Legrand SMS PowerView file inclusionVulDBVulDB03/30/202503/31/2025CVE-2025-2982
 
accepted
302033Legrand SMS PowerView cross site scriptingVulDBVulDB03/30/202503/31/2025CVE-2025-2981
 
accepted
302032Legrand SMS PowerView redirectVulDBVulDB03/19/202503/30/202504/03/2025CVE-2025-2980523212
accepted
302031WCMS Registration setregister cross site scriptingVulDBVulDB03/20/202503/30/202503/31/2025CVE-2025-2979523896
accepted
302030WCMS Article Publishing Page CKEditor unrestricted uploadVulDBVulDB03/19/202503/30/202503/31/2025CVE-2025-2978523093
accepted
302029GFI KerioConnect PDF File cross site scriptingVulDBVulDB03/19/202503/30/202503/31/2025CVE-2025-2977523016
accepted
302028GFI KerioConnect File Upload cross site scriptingVulDBVulDB03/30/202503/31/2025CVE-2025-2976
 
accepted
302027GFI KerioConnect Signature EditHtmlSource cross site scriptingVulDBVulDB03/19/202503/30/202503/31/2025CVE-2025-2975523009
accepted
302026CodeCanyon Perfex CRM Contracts contract cross site scriptingVulDBVulDB03/18/202503/30/202504/03/2025CVE-2025-2974522737
accepted
302025code-projects College Management System student.php unrestricted uploadVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2973522478
accepted
302024ConcreteCMS Page Attribute Display Block cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2972522423
accepted
302023ConcreteCMS List Block cross site scripting [False-Positive]VulDBVulDB03/18/202503/30/202504/08/2025CVE-2025-2971522421revoked
302022ConcreteCMS Switch Language Block cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2970522420
accepted
302021ConcreteCMS Feature Link Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2969522419
accepted
302020ConcreteCMS Feature Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2968522418
accepted
302019ConcreteCMS HTML Block save HTML injectionVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2967522417
accepted
302018ConcreteCMS Content Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2966522416
accepted
302017ConcreteCMS Accordion Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2965522415
accepted
302016ConcreteCMS FAQ Block save cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2964522414
accepted
302015ConcreteCMS Legacy Form Block addEditQuestion cross site scriptingVulDBVulDB03/18/202503/30/202503/31/2025CVE-2025-2963522413
accepted
302014opensolon org.noear.solon.core.handle.RenderManager aa render_mav path traversalVulDBVulDB03/18/202503/29/202503/31/2025CVE-2025-2961522380
accepted
302013TRENDnet TEW-637AP/TEW-638APB HTTP Request goahead sub_41DED0 null pointer dereferenceVulDBVulDB03/17/202503/29/202503/31/2025CVE-2025-2960521727
accepted
302012TRENDnet TEW-410APB HTTP Request httpd sub_4019A0 null pointer dereferenceVulDBVulDB03/17/202503/29/202503/31/2025CVE-2025-2959521725
accepted
302011TRENDnet TEW-818DRU HTTP Request httpd denial of serviceVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2958521723
accepted
302010TRENDnet TEW-411BRP+ HTTP Request httpd sub_401DB0 null pointer dereferenceVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2957521719
accepted
302009TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereferenceVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2956521717
accepted
302008TOTOLINK A3000RU IBMS Configuration File ExportIbmsConfig.sh access controlVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2955521567
accepted
302007mannaandpoem OpenManus File file_saver.py execute access controlVulDBVulDB03/17/202503/29/202503/30/2025CVE-2025-2954521545
accepted
302006PyTorch torch.mkldnn_max_pool2d denial of service [Disputed]VulDBVulDB03/16/202503/29/202504/22/2025CVE-2025-2953521279
accepted
302005Bluestar Micro Mall api.php unrestricted uploadVulDBVulDB03/29/202503/30/2025CVE-2025-2952
 
accepted
302004Bluestar Micro Mall data.php sql injectionVulDBVulDB03/16/202503/29/202503/30/2025CVE-2025-2951521162
accepted
301902ESAFENET CDG getFileTypeList.jsp sql injectionVulDBVulDB03/16/202503/28/202503/28/2025CVE-2025-2927521263
accepted
301901HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereferenceVulDBVulDB03/16/202503/28/202503/28/2025CVE-2025-2926521246
accepted
301900HDF5 H5MM.c H5MM_realloc double freeVulDBVulDB03/16/202503/28/202504/17/2025CVE-2025-2925521193
accepted
301899HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflowVulDBVulDB03/16/202503/28/202504/17/2025CVE-2025-2924521170
accepted
301898HDF5 H5Fint.c H5F_addr_encode_len heap-based overflowVulDBVulDB03/16/202503/28/202506/06/2025CVE-2025-2923521151
accepted
301897Netis WF-2404 BusyBox Shell cleartext storageVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2922521039
accepted
301896Netis WF-2404 passwd default passwordVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2921521038
accepted
301895Netis WF-2404 passwd weak hashVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2920521037
accepted
301894Netis WF-2404 UART hardware allows activation of test or debug logic at runtimeVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2919521036
accepted
301890ChestnutCMS read readFile path traversalVulDBVulDB03/15/202503/28/202506/10/2025CVE-2025-2917520933
accepted
301889Aishida Call Center System amr2mp3 command injectionVulDBVulDB03/14/202503/28/202503/28/2025CVE-2025-2916520604
accepted
301888HDF5 H5Faccum.c H5F__accum_free heap-based overflowVulDBVulDB03/15/202503/28/202503/28/2025CVE-2025-2915520899
accepted
301887HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflowVulDBVulDB03/15/202503/28/202506/06/2025CVE-2025-2914520880
accepted
301886HDF5 H5FL.c H5FL__blk_gc_list use after freeVulDBVulDB03/14/202503/28/202505/29/2025CVE-2025-2913520404
accepted
301885HDF5 H5Omessage.c H5O_msg_flush heap-based overflowVulDBVulDB03/13/202503/28/202505/29/2025CVE-2025-2912519966
accepted
301813Kentico CMS Additional Database Installation Wizard install.aspx cross site scriptingVulDBVulDB02/18/202503/27/202503/28/2025CVE-2025-2878503058
accepted
301502elunez eladmin upload checkFile deserializationVulDBVulDB03/18/202503/27/202503/27/2025CVE-2025-2855522504
accepted
301501code-projects Payroll Management System update_employee.php sql injectionVulDBVulDB03/18/202503/27/202505/15/2025CVE-2025-2854522479
accepted
301495SourceCodester Food Ordering Management System view_menu.php sql injectionVulDBVulDB03/18/202503/27/202503/27/2025CVE-2025-2852522402
accepted
301494UPX p_lx_elf.cpp un_DT_INIT heap-based overflowVulDBVulDB03/18/202503/27/202503/27/2025CVE-2025-2849522371
accepted
301493Codezips Gym Management System over_month.php sql injectionVulDBVulDB03/18/202503/27/202505/29/2025CVE-2025-2847522330
accepted
301492SourceCodester Online Eyewear Shop Registration Users.php registration sql injectionVulDBVulDB03/18/202503/27/202505/15/2025CVE-2025-2846522326
accepted
301471zhangyd-c OneBlog RestApiController.java autoLink server-side request forgeryVulDBVulDB03/17/202503/26/202503/27/2025CVE-2025-2835521815
accepted
301470zhangyd-c OneBlog HTTP Header redosVulDBVulDB03/17/202503/26/202503/27/2025CVE-2025-2833521813
accepted
301469mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 cross-site request forgeryVulDBVulDB03/17/202503/26/202503/27/2025CVE-2025-2832521460
accepted
301468mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 bookList getBookList sql injectionVulDBVulDB03/17/202503/26/202503/27/2025CVE-2025-2831521458
accepted
300862Open Asset Import Library Assimp MD5 File MD5Parser.cpp AI_MD5_PARSE_STRING_IN_QUOTATION heap-based overflowVulDBVulDB03/11/202503/24/202506/26/2025CVE-2025-2757517817
accepted
300861Open Asset Import Library Assimp AC3D File ACLoader.cpp ConvertObjectSection heap-based overflowVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2756517790
accepted
300860Open Asset Import Library Assimp AC3D File ACLoader.cpp ConvertObjectSection out-of-boundsVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2755517789
accepted
300859Open Asset Import Library Assimp AC3D File ACLoader.cpp ConvertObjectSection heap-based overflowVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2754517788
accepted
300858Open Asset Import Library Assimp LWS File LWSLoader.cpp MergeScenes out-of-boundsVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2753517787
accepted
300857Open Asset Import Library Assimp CSM File fast_atof.h fast_atoreal_move out-of-boundsVulDBVulDB03/11/202503/24/202503/24/2025CVE-2025-2752517786
accepted
300856Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile out-of-boundsVulDBVulDB03/11/202503/24/202506/26/2025CVE-2025-2751517785
accepted
300855Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile out-of-bounds writeVulDBVulDB03/11/202503/24/202506/26/2025CVE-2025-2750517783
accepted
300846zhijiantianya ruoyi-vue-pro Material Upload Interface upload-news-image path traversalVulDBVulDB03/13/202503/24/202503/24/2025CVE-2025-2744519694
accepted
300845zhijiantianya ruoyi-vue-pro Material Upload Interface upload-temporary path traversalVulDBVulDB03/13/202503/24/202503/24/2025CVE-2025-2743519692
accepted
300844zhijiantianya ruoyi-vue-pro Material Upload Interface upload-permanent path traversalVulDBVulDB03/13/202503/24/202503/24/2025CVE-2025-2742519691
accepted
300762PHPGurukul Old Age Home Management System eligibility.php sql injectionVulDBVulDB03/21/202503/24/202503/24/2025CVE-2025-2740524733
accepted
300761PHPGurukul Old Age Home Management System manage-services.php sql injectionVulDBVulDB03/20/202503/24/202503/24/2025CVE-2025-2739523400
accepted
300760PHPGurukul Old Age Home Management System manage-scdetails.php sql injectionVulDBVulDB03/19/202503/24/202503/24/2025CVE-2025-2738522931
accepted
300759PHPGurukul Old Age Home Management System contactus.php sql injectionVulDBVulDB03/19/202503/24/202503/24/2025CVE-2025-2737522898
accepted
300758PHPGurukul Old Age Home Management System bwdates-report-details.php sql injectionVulDBVulDB03/19/202503/24/202503/24/2025CVE-2025-2736522881
accepted
300757PHPGurukul Old Age Home Management System add-services.php sql injectionVulDBVulDB03/18/202503/24/202503/24/2025CVE-2025-2735522266
accepted
300756PHPGurukul Old Age Home Management System aboutus.php sql injectionVulDBVulDB03/18/202503/24/202503/24/2025CVE-2025-2734522265
accepted
300753mannaandpoem OpenManus Prompt python_execute.py os command injectionVulDBVulDB03/14/202503/24/202503/24/2025CVE-2025-2733520426
accepted
300752H3C Magic BE18000 HTTP POST Request getWifiNeighbour command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2732520499
accepted
300751H3C Magic BE18000 HTTP POST Request getDualbandSync command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2731520497
accepted
300750H3C Magic BE18000 HTTP POST Request getssidname command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2730520495
accepted
300749H3C Magic BE18000 HTTP POST Request networkSetup command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2729520494
accepted
300748H3C Magic NX30 Pro/Magic NX400 getNetworkConf command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2728520462
accepted
300747H3C Magic NX30 Pro HTTP POST Request getNetworkStatus command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2727520394
accepted
300746H3C Magic BE18000 HTTP POST Request esps command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2726520393
accepted
300745H3C Magic BE18000 HTTP POST Request auth command injectionVulDBVulDB03/14/202503/24/202504/11/2025CVE-2025-2725520390
accepted
300744GNOME libgsf sorting_key_copy out-of-bounds [False-Positive]VulDBVulDB03/13/202503/24/202504/22/2025CVE-2025-2724520184revoked
300743GNOME libgsf gsf_property_settings_collec heap-based overflow [False-Positive]VulDBVulDB03/13/202503/24/202504/22/2025CVE-2025-2723520183revoked
300742GNOME libgsf gsf_prop_settings_collect_va heap-based overflow [False-Positive]VulDBVulDB03/13/202503/24/202504/22/2025CVE-2025-2722520182revoked
300741GNOME libgsf gsf_base64_encode_simple heap-based overflow [False-Positive]VulDBVulDB03/13/202503/24/202504/22/2025CVE-2025-2721520181revoked
300740GNOME libgsf gsf_base64_encode_simple uninitialized variable [False-Positive]VulDBVulDB03/13/202503/24/202503/27/2025CVE-2025-2720520180revoked
300737D-Link DIR-823X HTTP POST Request diag_nslookup sub_41710C os command injectionVulDBVulDB03/11/202503/24/202503/25/2025CVE-2025-2717517958
accepted
300736China Mobile P22g-CIac Samba Path path traversalVulDBVulDB03/13/202503/24/202503/25/2025CVE-2025-2716519900
accepted
300735timschofield webERP Confirm Dispatch and Invoice Page ConfirmDispatch_Invoice.php cross site scriptingVulDBVulDB03/13/202503/24/202503/25/2025CVE-2025-2715519791
accepted
300734JoomlaUX JUX Real Estate addagent cross site scriptingVulDBVulDB03/10/202503/24/202503/25/2025CVE-2025-2714517638
accepted
300733Yonyou UFIDA ERP-NC top.jsp cross site scriptingVulDBVulDB03/24/202503/25/2025CVE-2025-2712
 
accepted
300732Yonyou UFIDA ERP-NC systop.jsp cross site scriptingVulDBVulDB03/10/202503/24/202503/25/2025CVE-2025-2711517309
accepted
300731Yonyou UFIDA ERP-NC menu.jsp cross site scriptingVulDBVulDB03/10/202503/24/202503/25/2025CVE-2025-2710517306
accepted
300730Yonyou UFIDA ERP-NC login.jsp cross site scriptingVulDBVulDB03/10/202503/24/202503/25/2025CVE-2025-2709517305
accepted
300729zhijiantianya ruoyi-vue-pro Backend File Upload Interface upload path traversalVulDBVulDB03/09/202503/24/202503/25/2025CVE-2025-2708517030
accepted
300728zhijiantianya ruoyi-vue-pro Front-End Store Interface upload path traversalVulDBVulDB03/09/202503/24/202503/25/2025CVE-2025-2707517029
accepted
300727Digiwin ERP UploadAjaxAPI.ashx unrestricted uploadVulDBVulDB03/07/202503/24/202503/25/2025CVE-2025-2706516293
accepted
300726Digiwin ERP FileUploadApi.ashx DoWebUpload unrestricted uploadVulDBVulDB03/07/202503/24/202503/24/2025CVE-2025-2705516291
accepted
300719Softwin WMX3 ImageAdd.ashx ImageAdd unrestricted uploadVulDBVulDB03/07/202503/23/202503/23/2025CVE-2025-2702516289
accepted
300718AMTT Hotel Broadband Operation System port_setup.php popen os command injectionVulDBVulDB03/07/202503/23/202503/24/2025CVE-2025-2701516089
accepted
300717michelson Dante Editor Insert Link cross site scriptingVulDBVulDB03/07/202503/23/202503/24/2025CVE-2025-2700515869
accepted
300716GetmeUK ContentTools Image cross site scriptingVulDBVulDB03/07/202503/23/202503/24/2025CVE-2025-2699515864
accepted
300711yiisoft Yii2 MockClass.php generate deserializationVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2690521718
accepted
300710yiisoft Yii2 SortableIterator.php getIterator deserializationVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2689521709
accepted
300709TOTOLINK A3000RU Syslog Configuration File ExportSyslog.sh access controlVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2688521570
accepted
300708PHPGurukul eLearning System Image index.php unrestricted uploadVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2687521454
accepted
300703mingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 Backend admin doFilter access controlVulDBVulDB03/17/202503/23/202503/24/2025CVE-2025-2686521449
accepted
300701PHPGurukul Bank Locker Management System search-report-details.php sql injectionVulDBVulDB03/17/202503/22/202503/24/2025CVE-2025-2684521453
accepted
300700PHPGurukul Bank Locker Management System profile.php sql injectionVulDBVulDB03/17/202503/22/202503/24/2025CVE-2025-2683521452
accepted
300699PHPGurukul Bank Locker Management System edit-subadmin.php sql injectionVulDBVulDB03/17/202503/22/202503/24/2025CVE-2025-2682521451
accepted
300698PHPGurukul Bank Locker Management System edit-locker.php sql injectionVulDBVulDB03/17/202503/22/202503/24/2025CVE-2025-2681521450
accepted
300697PHPGurukul Bank Locker Management System edit-assign-locker.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2680521448
accepted
300696PHPGurukul Bank Locker Management System contact-us.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2679521447
accepted
300695PHPGurukul Bank Locker Management System changeimage1.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2678521445
accepted
300694PHPGurukul Bank Locker Management System changeidproof.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2677521444
accepted
300693PHPGurukul Bank Locker Management System add-subadmin.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2676521443
accepted
300692PHPGurukul Bank Locker Management System add-lockertype.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2675521442
accepted
300691PHPGurukul Bank Locker Management System aboutus.php sql injectionVulDBVulDB03/17/202503/22/202503/27/2025CVE-2025-2674521441
accepted
300690code-projects Payroll Management System home_employee.php cross site scriptingVulDBVulDB03/16/202503/22/202503/27/2025CVE-2025-2673521244
accepted
300689code-projects Payroll Management System add_deductions.php sql injectionVulDBVulDB03/16/202503/22/202503/27/2025CVE-2025-2672521243
accepted
300688Yue Lao Blind Box 月老盲盒 Upload.php base64image unrestricted uploadVulDBVulDB03/16/202503/22/202503/24/2025CVE-2025-2671521169
accepted
300687PHPGurukul Online Security Guards Hiring System bwdates-reports-details.php sql injectionVulDBVulDB03/16/202503/22/202503/24/2025CVE-2025-2665521167
accepted
300686CodeZips Hospital Management System suadpeted.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2664520780
accepted
300685PHPGurukul Bank Locker Management System search-locker-details.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2663520436
accepted
300678Project Worlds Online Time Table Generator studentdashboard.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2662520503
accepted
300677Project Worlds Online Time Table Generator index.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2661520484
accepted
300676Project Worlds Online Time Table Generator index.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2660520483
accepted
300675Project Worlds Online Time Table Generator index.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2659520482
accepted
300674PHPGurukul Online Security Guards Hiring System search-request.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2658520250
accepted
300673projectworlds Apartment Visitors Management System front.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2657520237
accepted
300672PHPGurukul Zoo Management System login.php sql injectionVulDBVulDB03/14/202503/22/202503/23/2025CVE-2025-2656520234
accepted
300670SourceCodester AC Repair and Services System Users.php save_users sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2655520017
accepted
300669SourceCodester AC Repair and Services System manage_service.php sql injectionVulDBVulDB03/13/202503/22/202503/27/2025CVE-2025-2654520013
accepted
300668FoxCMS improper authorizationVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2653519927
accepted
300667SourceCodester Employee and Visitor Gate Pass Logging System exposure of information through directory listingVulDBVulDB03/13/202503/22/202503/27/2025CVE-2025-2652519876
accepted
300666SourceCodester Online Eyewear Shop admin exposure of information through directory listingVulDBVulDB03/13/202503/22/202505/15/2025CVE-2025-2651519873
accepted
300665PHPGurukul Medical Card Generation System download-medical-cards.php cross site scriptingVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2650519781
accepted
300664PHPGurukul Doctor Appointment Management System check-appointment.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2649519780
accepted
300663PHPGurukul Art Gallery Management System view-enquiry-detail.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2648519779
accepted
300662PHPGurukul Art Gallery Management System search.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2647519777
accepted
300661PHPGurukul Art Gallery Management System admin-profile.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2646519776
accepted
300660PHPGurukul Art Gallery Management System product.php cross site scriptingVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2645519775
accepted
300659PHPGurukul Art Gallery Management System add-art-product.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2644519773
accepted
300658PHPGurukul Art Gallery Management System edit-art-type-detail.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2643519772
accepted
300657PHPGurukul Art Gallery Management System edit-art-product-detail.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2642519769
accepted
300656PHPGurukul Art Gallery Management System edit-artist-detail.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2641519768
accepted
300641PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php sql injectionVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2640519644
accepted
300640JIZHICMS Article release.html improper authorizationVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2639519634
accepted
300639JIZHICMS Article release.html improper authorizationVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2638519633
accepted
300638JIZHICMS Account Profile Page userinfo.html improper authorizationVulDBVulDB03/13/202503/22/202503/23/2025CVE-2025-2637519632
accepted
300630PHPGurukul Art Gallery Management System art-enquiry.php sql injectionVulDBVulDB03/13/202503/21/202503/22/2025CVE-2025-2628519615
accepted
300629PHPGurukul Art Gallery Management System contactus.php sql injectionVulDBVulDB03/12/202503/21/202503/22/2025CVE-2025-2627519335
accepted
300628SourceCodester Kortex Lite Advocate Office Management System edit_case.php sql injectionVulDBVulDB03/12/202503/21/202503/22/2025CVE-2025-2626519307
accepted
300627westboy CicadasCMS page sql injectionVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2625519296
accepted
300626westboy CicadasCMS save sql injectionVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2624519295
accepted
300625westboy CicadasCMS save cross site scriptingVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2623519294
accepted
300624aizuda snail-job Workflow-Task Management Module check-node-expression getRuntime deserializationVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2622518999
accepted
300623D-Link DAP-1620 storage check_dws_cookie stack-based overflowVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2621518980
accepted
300622D-Link DAP-1620 Authentication storage mod_graph_auth_uri_handler stack-based overflowVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2620518969
accepted
300621D-Link DAP-1620 Cookie storage check_dws_cookie stack-based overflowVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2619518968
accepted
300620D-Link DAP-1620 Path api set_ws_action heap-based overflowVulDBVulDB03/12/202503/21/202503/27/2025CVE-2025-2618518963
accepted
300619yangyouwang 杨有旺 crud 简约后台管理系统 Department Page cross site scriptingVulDBVulDB03/21/202503/22/2025CVE-2025-2617
 
accepted
300618yangyouwang 杨有旺 crud 简约后台管理系统 Role Management Page cross site scriptingVulDBVulDB03/12/202503/21/202503/22/2025CVE-2025-2616518962
accepted
300591PHPGurukul Banquet Booking System view-user-queries.php sql injectionVulDBVulDB03/11/202503/21/202505/29/2025CVE-2025-2608518587
accepted
300590phplaozhang LzCMS-LaoZhangBoKeXiTong HTTP POST Request upimage.html unrestricted uploadVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2607518021
accepted
300589SourceCodester Best Church Management Software soulwinning_crud.php unrestricted uploadVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2606517974
accepted
300588SourceCodester Kortex Lite Advocate Office Management System edit_act.php sql injectionVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2604517965
accepted
300587SourceCodester Kortex Lite Advocate Office Management System deactivate.php sql injectionVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2603517963
accepted
300586SourceCodester Kortex Lite Advocate Office Management System deactivate_reg.php sql injectionVulDBVulDB03/11/202503/21/202505/15/2025CVE-2025-2602517960
accepted
300585SourceCodester Kortex Lite Advocate Office Management System activate_reg.php sql injectionVulDBVulDB03/11/202503/21/202505/15/2025CVE-2025-2601517959
accepted
300577FastCMS list sql injectionVulDBVulDB03/11/202503/21/202503/22/2025CVE-2025-2593517926
accepted
300575Open Asset Import Library Assimp CSMLoader.cpp InternReadFile heap-based overflowVulDBVulDB03/11/202503/21/202504/04/2025CVE-2025-2592517782
accepted
300574Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 divide by zeroVulDBVulDB03/11/202503/21/202504/04/2025CVE-2025-2591517781
accepted
300570code-projects Human Resource Management System recruitment.go UpdateRecruitmentById cross site scriptingVulDBVulDB03/10/202503/21/202503/21/2025CVE-2025-2590517344
accepted
300569code-projects Human Resource Management System Account.go Index improper authorizationVulDBVulDB03/10/202503/21/202503/22/2025CVE-2025-2589517343
accepted
300568Hercules Augeas fa.c re_case_expand null pointer dereferenceVulDBVulDB03/10/202503/21/202503/29/2025CVE-2025-2588517281
accepted
300567Jinher OA C6 IncentivePlanFulfillAppprove.aspx sql injectionVulDBVulDB03/07/202503/21/202503/22/2025CVE-2025-2587516025
accepted
300544WebAssembly wabt binary-reader-interp.cc GetReturnCallDropKeepCount heap-based overflowVulDBVulDB03/06/202503/21/202503/21/2025CVE-2025-2584515406
accepted
300543SimpleMachines SMF ManageNews.php cross site scripting [Disputed]VulDBVulDB03/01/202503/21/202504/21/2025CVE-2025-2583512001
accepted
300542SimpleMachines SMF ManageAttachments.php cross site scripting [Disputed]VulDBVulDB03/01/202503/21/202504/21/2025CVE-2025-2582511999
accepted
300541xmedcon DICOM File malloc integer underflowVulDBVulDB03/18/202503/20/202503/21/2025CVE-2025-2581522216
accepted
300170Audi UTR Dashcam Command API access controlVulDBVulDB03/03/202503/20/202503/21/2025CVE-2025-2557513393
accepted
300169Audi UTR Dashcam Video Stream hard-coded credentialsVulDBVulDB03/03/202503/20/202503/21/2025CVE-2025-2556513392
accepted
300168Audi Universal Traffic Recorder App FTP Credentials hard-coded passwordVulDBVulDB03/03/202503/20/202503/21/2025CVE-2025-2555513391
accepted
300167D-Link DIR-618/DIR-605L formVirtualServ access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2553516795
accepted
300166D-Link DIR-618/DIR-605L formTcpipSetup access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2552516794
accepted
300165D-Link DIR-618/DIR-605L formSetPortTr access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2551516793
accepted
300164D-Link DIR-618/DIR-605L DDNS Service formSetDDNS access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2550516792
accepted
300163D-Link DIR-618/DIR-605L formSetPassword access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2549516791
accepted
300162D-Link DIR-618/DIR-605L formSetDomainFilter access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2548516790
accepted
300161D-Link DIR-618/DIR-605L formAdvNetwork access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2547516789
accepted
300160D-Link DIR-618/DIR-605L Firewall Service formAdvFirewall access controlVulDBVulDB03/08/202503/20/202503/21/2025CVE-2025-2546516788
accepted
299997Dromara ujcms Edit Template File Page WebFileTemplateController.java update cross site scriptingVulDBVulDB03/10/202503/18/202503/18/2025CVE-2025-2491517269
accepted
299996Dromara ujcms File Upload WebFileUploadController.java upload cross site scriptingVulDBVulDB03/10/202503/18/202503/18/2025CVE-2025-2490517267
accepted
299966PHPGurukul Company Visitor Management System Sign In index.php sql injectionVulDBVulDB03/10/202503/17/202503/18/2025CVE-2025-2473517266
accepted
299965PHPGurukul Apartment Visitors Management System Sign In index.php sql injectionVulDBVulDB03/10/202503/17/202503/18/2025CVE-2025-2472517264
accepted
299964PHPGurukul Boat Booking System boat-details.php sql injectionVulDBVulDB03/09/202503/17/202503/18/2025CVE-2025-2471517113
accepted
299917猫宁i Morning cross-site request forgeryVulDBVulDB03/09/202503/17/202503/18/2025CVE-2025-2420517009
accepted
299916code-projects Real Estate Property Management System InsertFeedback.php sql injectionVulDBVulDB03/09/202503/17/202504/08/2025CVE-2025-2419516999
accepted
299897China Mobile P22g-CIac CLI su Command default credentialsVulDBVulDB03/17/202503/17/2025CVE-2025-2398
 
accepted
299896China Mobile P22g-CIac Telnet Service improper authorizationVulDBVulDB03/05/202503/17/202503/18/2025CVE-2025-2397514957
accepted
299892code-projects Online Class and Exam Scheduling System salut_del.php sql injectionVulDBVulDB03/08/202503/16/202503/18/2025CVE-2025-2393516917
accepted
299891code-projects Online Class and Exam Scheduling System activate.php sql injectionVulDBVulDB03/08/202503/16/202503/18/2025CVE-2025-2392516912
accepted
299890code-projects Blood Bank Management System Admin Login Page admin_login.php sql injectionVulDBVulDB03/08/202503/16/202503/18/2025CVE-2025-2391516910
accepted
299889code-projects Blood Bank Management System add_donor.php sql injectionVulDBVulDB03/08/202503/16/202503/16/2025CVE-2025-2390516908
accepted
299888code-projects Blood Bank Management System add_city.php sql injectionVulDBVulDB03/08/202503/16/202503/16/2025CVE-2025-2389516906
accepted
299887Keytop 路内停车收费系统 API getParks improper authenticationVulDBVulDB03/08/202503/16/202503/16/2025CVE-2025-2388516710
accepted
299886SourceCodester Online Food Ordering System ajax.php sql injectionVulDBVulDB03/08/202503/16/202503/16/2025CVE-2025-2387516681
accepted
299885PHPGurukul Local Services Search Engine Management System serviceman-search.php sql injectionVulDBVulDB03/08/202503/16/202503/26/2025CVE-2025-2386516546
accepted
299884code-projects Modern Bag login.php sql injectionVulDBVulDB03/08/202503/16/202504/08/2025CVE-2025-2385516544
accepted
299883code-projects Real Estate Property Management System Parameter InsertCustomer.php sql injectionVulDBVulDB03/07/202503/16/202503/26/2025CVE-2025-2384516282
accepted
299882PHPGurukul Doctor Appointment Management System search.php sql injectionVulDBVulDB03/07/202503/16/202503/26/2025CVE-2025-2383515913
accepted
299881PHPGurukul Online Banquet Booking System booking-search.php sql injectionVulDBVulDB03/07/202503/16/202505/26/2025CVE-2025-2382515911
accepted
299880PHPGurukul Curfew e-Pass Management System search-pass.php sql injectionVulDBVulDB03/07/202503/16/202503/16/2025CVE-2025-2381515896
accepted
299879PHPGurukul Apartment Visitors Management System admin-profile.php sql injectionVulDBVulDB03/07/202503/16/202503/16/2025CVE-2025-2380515873
accepted
299878PHPGurukul Apartment Visitors Management System create-pass.php sql injectionVulDBVulDB03/07/202503/16/202503/16/2025CVE-2025-2379515872
accepted
299877PHPGurukul Medical Card Generation System download-medical-cards.php sql injectionVulDBVulDB03/07/202503/16/202503/17/2025CVE-2025-2378515822
accepted
299876SourceCodester Vehicle Management System confirmbooking.php cross site scriptingVulDBVulDB03/07/202503/16/202505/15/2025CVE-2025-2377515797
accepted
299875viames Pair Framework PHP Object UserRemember.php getCookieContent deserializationVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2376515735
accepted
299874PHPGurukul Human Metapneumovirus Testing Management System Admin Profile Page profile.php cross site scriptingVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2375515444
accepted
299873PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injectionVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2374515429
accepted
299872PHPGurukul Human Metapneumovirus Testing Management System check_availability.php sql injectionVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2373515408
accepted
299871PHPGurukul Human Metapneumovirus Testing Management System Password Recovery Page password-recovery.php sql injectionVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2372515389
accepted
299870PHPGurukul Human Metapneumovirus Testing Management System Registered Mobile Number Search registered-user-testing.php cross site scriptingVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2371515347
accepted
299869TOTOLINK EX1800T cstecgi.cgi setWiFiExtenderConfig stack-based overflowVulDBVulDB03/06/202503/16/202504/08/2025CVE-2025-2370515329
accepted
299868TOTOLINK EX1800T cstecgi.cgi setPasswordCfg stack-based overflowVulDBVulDB03/06/202503/16/202504/08/2025CVE-2025-2369515328
accepted
299867WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflowVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2368515327
accepted
299866Oiwtech OIW-2431APGN-HP Personal Script Submenu formScript os command injectionVulDBVulDB03/06/202503/16/202503/17/2025CVE-2025-2367515126
accepted
299865gougucms Add Department Page add cross site scriptingVulDBVulDB03/05/202503/16/202503/17/2025CVE-2025-2366515044
accepted
299864crmeb_java WeChatMessageController.java webHook xml external entity referenceVulDBVulDB03/03/202503/16/202503/17/2025CVE-2025-2365513285
accepted
299863lenve VBlog ArticleService.java addNewArticle cross site scriptingVulDBVulDB03/05/202503/16/202503/17/2025CVE-2025-2364514763
accepted
299862lenve VBlog ArticleController.java uploadImg path traversalVulDBVulDB03/05/202503/16/202503/17/2025CVE-2025-2363514721
accepted
299861PHPGurukul Pre-School Enrollment System contact-us.php sql injectionVulDBVulDB03/05/202503/16/202503/17/2025CVE-2025-2362514464
accepted
299860Mercurial SCM Web Interface cross site scriptingVulDBVulDB03/04/202503/16/202503/22/2025CVE-2025-2361514024
accepted
299827D-Link DIR-823G UPnP Service HNAP1 SetUpnpSettings improper authorizationVulDBVulDB03/04/202503/15/202503/17/2025CVE-2025-2360513751
accepted
299826D-Link DIR-823G DDNS Service HNAP1 SetDDNSSettings improper authorizationVulDBVulDB03/04/202503/15/202503/17/2025CVE-2025-2359513750
accepted
299825Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System HTTP Header Service.asmx sql injectionVulDBVulDB03/04/202503/15/202503/17/2025CVE-2025-2358513708
accepted
299824DCMTK dcmjpls JPEG-LS Decoder memory corruptionVulDBVulDB03/04/202503/15/202506/23/2025CVE-2025-2357513692
accepted
299823BlackVue App API deviceDelete get request method with sensitive query stringsVulDBVulDB03/15/202503/17/2025CVE-2025-2356
 
accepted
299822BlackVue App API Endpoint credentials storageVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2355513351
accepted
299821VAM Virtual Airlines Manager index.php cross site scriptingVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2354513287
accepted
299820VAM Virtual Airlines Manager HTTP GET Parameter index.php sql injectionVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2353513284
accepted
299819StarSea99 starsea-mall Backend save cross site scriptingVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2352513137
accepted
299818DayCloud StudentManage Login Endpoint adminScoreUrl sql injectionVulDBVulDB03/03/202503/15/202503/17/2025CVE-2025-2351512793
accepted
299816IROAD Dash Cam FX2 upload_file unrestricted uploadVulDBVulDB03/15/202503/17/2025CVE-2025-2350
 
accepted
299815IROAD Dash Cam FX2 Password Hash passwd weak password hashVulDBVulDB03/15/202503/17/2025CVE-2025-2349
 
accepted
299814IROAD Dash Cam FX2 HTTP/RTSP event information disclosureVulDBVulDB03/15/202503/17/2025CVE-2025-2348
 
accepted
299813IROAD Dash Cam FX2 Device Registration default passwordVulDBVulDB03/15/202503/17/2025CVE-2025-2347
 
accepted
299812IROAD Dash Cam X5/Dash Cam X6 Domain origin validationVulDBVulDB03/15/202503/18/2025CVE-2025-2346
 
accepted
299811IROAD Dash Cam X5/Dash Cam X6 improper authorizationVulDBVulDB03/08/202503/15/202503/18/2025CVE-2025-2345516883
accepted
299810IROAD Dash Cam X5/Dash Cam X6 API Endpoint missing authenticationVulDBVulDB03/08/202503/15/202503/18/2025CVE-2025-2344516882
accepted
299809IROAD Dash Cam X5/Dash Cam X6 Device Pairing hard-coded credentialsVulDBVulDB03/08/202503/15/202503/18/2025CVE-2025-2343516881
accepted
299808IROAD X5 Mobile App API Endpoint hard-coded credentialsVulDBVulDB03/02/202503/15/202503/18/2025CVE-2025-2342512419
accepted
299807IROAD Dash Cam X5 SSID default credentialsVulDBVulDB03/02/202503/15/202503/18/2025CVE-2025-2341512418
accepted
299806otale Tale Blog Site Settings save saveOptions cross site scriptingVulDBVulDB03/05/202503/15/202503/16/2025CVE-2025-2340514793
accepted
299805otale Tale Blog logs improper authenticationVulDBVulDB02/28/202503/15/202503/16/2025CVE-2025-2339511578
accepted
299802tbeu matio io.c strdup_vprintf heap-based overflowVulDBVulDB02/27/202503/15/202503/16/2025CVE-2025-2338510781
accepted
299801tbeu matio mat.c Mat_VarPrint heap-based overflowVulDBVulDB02/27/202503/15/202503/16/2025CVE-2025-2337510779
accepted
299800Drivin Soluções API registerSchool cross site scriptingVulDBVulDB02/26/202503/15/202503/16/2025CVE-2025-2335509834
accepted
299799274056675 springboot-openai-chatgpt Chat History chat deleteChat access controlVulDBVulDB02/23/202503/15/202503/16/2025CVE-2025-2334505688
accepted
299752274056675 springboot-openai-chatgpt Number of Question questionCou updateQuestionCou behavioral workflowVulDBVulDB02/23/202503/14/202503/15/2025CVE-2025-2323505695
accepted
299751274056675 springboot-openai-chatgpt OpenController.java hard-coded credentialsVulDBVulDB02/23/202503/14/202503/15/2025CVE-2025-2322505694
accepted
299750274056675 springboot-openai-chatgpt addData logic errorVulDBVulDB02/23/202503/14/202503/15/2025CVE-2025-2321505690
accepted
299749274056675 springboot-openai-chatgpt User submit improper authorizationVulDBVulDB02/23/202503/14/202503/15/2025CVE-2025-2320505689
accepted
299723HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflowVulDBVulDB03/05/202503/14/202505/29/2025CVE-2025-2310514533
accepted
299722HDF5 Type Conversion Logic H5T__bit_copy heap-based overflowVulDBVulDB03/05/202503/14/202505/29/2025CVE-2025-2309514532
accepted
299721HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflowVulDBVulDB03/05/202503/14/202505/29/2025CVE-2025-2308514531
accepted
299292Odyssey CMS reCAPTCHA odyssey_contact_form.php key managementVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2220512367
accepted
299291LoveCards LoveCardsV2 image unrestricted uploadVulDBVulDB03/11/202503/12/2025CVE-2025-2219
 
accepted
299290LoveCards LoveCardsV2 Setting other access controlVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2218512351
accepted
299289zzskzy Warehouse Refinement Management System getAdyData.ashx ProcessRequest sql injectionVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2217512333
accepted
299288zzskzy Warehouse Refinement Management System SaveCrash.ashx UploadCrash unrestricted uploadVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2216512330
accepted
299287Doufox s=doudou path traversalVulDBVulDB03/02/202503/11/202503/12/2025CVE-2025-2215512316
accepted
299285Microweber Settings index.php cross site scriptingVulDBVulDB03/01/202503/11/202503/12/2025CVE-2025-2214512032
accepted
299284Castlenet CBW383G2N Wireless Menu wlanPrimaryNetwork.asp cross site scriptingVulDBVulDB03/01/202503/11/202503/12/2025CVE-2025-2213511882
accepted
299283Castlenet CBW383G2N RgSwInfo.asp cross site scriptingVulDBVulDB03/01/202503/11/202503/12/2025CVE-2025-2212511873
accepted
299282aitangbao springboot-manager add cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2211511741
accepted
299281aitangbao springboot-manager add cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2210511740
accepted
299280aitangbao springboot-manager add cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2209511739
accepted
299279aitangbao springboot-manager Filename upload cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2208511738
accepted
299278aitangbao springboot-manager dept cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2207511737
accepted
299277aitangbao springboot-manager permission cross site scriptingVulDBVulDB02/28/202503/11/202505/26/2025CVE-2025-2206511736
accepted
299221MRCMS org.marker.mushroom.controller.FileController upload.do upload cross site scriptingVulDBVulDB02/28/202503/11/202504/10/2025CVE-2025-2196511735
accepted
299220MRCMS org.marker.mushroom.controller.FileController rename.do rename cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2195511733
accepted
299219MRCMS org.marker.mushroom.controller.FileController list.do list cross site scriptingVulDBVulDB02/28/202503/11/202504/10/2025CVE-2025-2194511732
accepted
299218MRCMS org.marker.mushroom.controller.FileController delete.do delete path traversalVulDBVulDB02/28/202503/11/202504/10/2025CVE-2025-2193511724
accepted
299217Stoque Zeev.it Login Page server-side request forgeryVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2192511708
accepted
299216Claro A7600-A1 Ping6 Diagnóstico form2pingv6.cgi cross site scriptingVulDBVulDB02/28/202503/11/202503/11/2025CVE-2025-2191511700
accepted
299206libzvbi search.c vbi_search_new integer overflowVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2177512803
accepted
299205libzvbi io-sim.c vbi_capture_sim_load_caption integer overflowVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2176512802
accepted
299204libzvbi _vbi_strndup_iconv integer overflowVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2175512801
accepted
299203libzvbi conv.c vbi_strndup_iconv_ucs2 integer overflowVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2174512800
accepted
299202libzvbi conv.c vbi_strndup_iconv_ucs2 uninitialized pointerVulDBVulDB03/03/202503/11/202503/22/2025CVE-2025-2173512798
accepted
299064HDF5 h5 File H5SM.c H5SM_delete heap-based overflowVulDBVulDB02/27/202503/10/202503/21/2025CVE-2025-2153510819
accepted
299063Open Asset Import Library Assimp File BaseImporter.cpp ConvertToUTF8 heap-based overflowVulDBVulDB02/27/202503/10/202505/14/2025CVE-2025-2152510818
accepted
299062Open Asset Import Library Assimp File ParsingUtils.h GetNextLine stack-based overflowVulDBVulDB02/27/202503/10/202505/29/2025CVE-2025-2151510582
accepted
299060PyTorch Quantized Sigmoid Module nnq_Sigmoid initializationVulDBVulDB02/25/202503/10/202506/23/2025CVE-2025-2149506563
accepted
299059PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruptionVulDBVulDB02/24/202503/10/202506/23/2025CVE-2025-2148505959
accepted
299058Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System file accessVulDBVulDB02/25/202503/10/202503/10/2025CVE-2025-2147506593
accepted
299053ftcms edit cross site scriptingVulDBVulDB02/28/202503/09/202503/10/2025CVE-2025-2133511627
accepted
299052ftcms Search ajax_all_lists sql injectionVulDBVulDB02/28/202503/09/202503/10/2025CVE-2025-2132511614
accepted
299051dayrui XunRuiCMS Friendly Links cross site scriptingVulDBVulDB02/28/202503/09/202503/10/2025CVE-2025-2131511411
accepted
299050OpenXE Ticket Bearbeiten Page cross site scriptingVulDBVulDB02/28/202503/09/202503/10/2025CVE-2025-2130511529
accepted
299049Mage AI insecure default initialization of resource [Disputed]VulDBVulDB02/27/202503/09/202503/09/2025CVE-2025-2129510690
accepted
299040JoomlaUX JUX Real Estate realties cross site scriptingVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2127509891
accepted
299039JoomlaUX JUX Real Estate GET Parameter realties sql injectionVulDBVulDB02/26/202503/08/202503/21/2025CVE-2025-2126509884
accepted
299038Control iD RH iD PDF Document companyId resource injectionVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2125509856
accepted
299037Control iD RH iD API change_password cross site scriptingVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2124509845
accepted
299036GeSHi CSS cssgen.php get_var cross site scriptingVulDBVulDB02/26/202503/08/202506/23/2025CVE-2025-2123507418
accepted
299035Thinkware Car Dashcam F800 Pro Connection denial of serviceVulDBVulDB03/08/202505/29/2025CVE-2025-2122
 
accepted
299034Thinkware Car Dashcam F800 Pro File Storage access controlVulDBVulDB02/26/202503/08/202505/29/2025CVE-2025-2121507328
accepted
299033Thinkware Car Dashcam F800 Pro Configuration File hostapd.conf cleartext storage in a file or on diskVulDBVulDB02/26/202503/08/202505/29/2025CVE-2025-2120507327
accepted
299032Thinkware Car Dashcam F800 Pro Device Registration default credentialsVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2119507326
accepted
299013Quantico Tecnologia PRMV Login Endpoint login.php sql injectionVulDBVulDB02/25/202503/08/202503/09/2025CVE-2025-2118506948
accepted
299012Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System reportCenter.do electricDocList sql injectionVulDBVulDB02/26/202503/08/202503/09/2025CVE-2025-2117508302
accepted
299011Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgeryVulDBVulDB02/19/202503/08/202503/09/2025CVE-2025-2116503719
accepted
299010zzskzy Warehouse Refinement Management System AcceptZip.ashx ProcessRequest unrestricted uploadVulDBVulDB02/25/202503/08/202503/09/2025CVE-2025-2115506655
accepted
299009Shenzhen Sixun Software Sixun Shanghui Group Business Management System Reset Password Interface OperatorStop.asp improper authorizationVulDBVulDB02/25/202503/08/202503/09/2025CVE-2025-2114506591
accepted
299006AT Software Solutions ATSVD Esqueceu a senha sql injectionVulDBVulDB02/24/202503/08/202503/09/2025CVE-2025-2113506341
accepted
299005user-xiangpeng yaoqishan MediaInfoService.java getMediaLisByFilter sql injectionVulDBVulDB02/24/202503/08/202503/08/2025CVE-2025-2112506085
accepted
298955TOTOLINK EX1800T cstecgi.cgi setRptWizardCfg stack-based overflowVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2097515326
accepted
298954TOTOLINK EX1800T cstecgi.cgi setRebootScheCfg os command injectionVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2096515322
accepted
298953TOTOLINK EX1800T cstecgi.cgi setDmzCfg os command injectionVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2095515321
accepted
298952TOTOLINK EX1800T cstecgi.cgi setWiFiExtenderConfig os command injectionVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2094515319
accepted
298951PHPGurukul Online Library Management System change-password.php password recoveryVulDBVulDB03/06/202503/07/202503/08/2025CVE-2025-2093515207
accepted
298904PHPGurukul Pre-School Enrollment System Sub Admin add-subadmin.php access controlVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2090515017
accepted
298903StarSea99 starsea-mall com.siro.mall.controller.mall.UserController updateInfo updateUserInfo access controlVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2089514977
accepted
298902PHPGurukul Pre-School Enrollment System profile.php sql injectionVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2088514974
accepted
298901StarSea99 starsea-mall update cross site scriptingVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2087514960
accepted
298900StarSea99 starsea-mall update cross site scriptingVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2086514959
accepted
298899StarSea99 starsea-mall save cross site scriptingVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2085514958
accepted
298896PHPGurukul Human Metapneumovirus Testing Management System Search Report Page search-report.php cross site scriptingVulDBVulDB03/05/202503/07/202503/07/2025CVE-2025-2084514804
accepted
298823projectworlds Life Insurance Management System search.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2067514762
accepted
298822projectworlds Life Insurance Management System updateAgent.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2066514759
accepted
298821projectworlds Life Insurance Management System editAgent.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2065514758
accepted
298820projectworlds Life Insurance Management System deletePayment.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2064514751
accepted
298819projectworlds Life Insurance Management System deleteNominee.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2063514749
accepted
298818projectworlds Life Insurance Management System clientStatus.php sql injectionVulDBVulDB03/05/202503/06/202505/15/2025CVE-2025-2062514722
accepted
298816code-projects Online Ticket Reservation System passenger.php cross site scriptingVulDBVulDB03/05/202503/06/202505/29/2025CVE-2025-2061514529
accepted
298815PHPGurukul Emergency Ambulance Hiring Portal admin-profile.php sql injectionVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2060514523
accepted
298814PHPGurukul Emergency Ambulance Hiring Portal booking-details.php sql injectionVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2059514522
accepted
298813PHPGurukul Emergency Ambulance Hiring Portal search.php sql injectionVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2058514462
accepted
298812PHPGurukul Emergency Ambulance Hiring Portal about-us.php sql injectionVulDBVulDB03/05/202503/06/202503/06/2025CVE-2025-2057514461
accepted
298807code-projects Blood Bank Management System edit_state.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2054514346
accepted
298806PHPGurukul Apartment Visitors Management System visitor-detail.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2053514234
accepted
298805PHPGurukul Apartment Visitors Management System forgot-password.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2052514218
accepted
298804PHPGurukul Apartment Visitors Management System search-visitor.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2051514191
accepted
298801PHPGurukul User Registration & Login and User Management System login.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2050514115
accepted
298800code-projects Blood Bank System AB+.php cross site scriptingVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2049514089
accepted
298797PHPGurukul Art Gallery Management System search.php cross site scriptingVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2047514015
accepted
298796SourceCodester Best Employee Management System print1.php sql injectionVulDBVulDB03/04/202503/06/202503/06/2025CVE-2025-2046513971
accepted
298789code-projects Blood Bank Management System delete_bloodGroup.php sql injectionVulDBVulDB03/04/202503/06/202505/14/2025CVE-2025-2044513653
accepted
298787LinZhaoguan pb-cms Add New Topic admin#themes deserializationVulDBVulDB03/03/202503/06/202503/06/2025CVE-2025-2043513243
accepted
298786huang-yk student-manage cross-site request forgeryVulDBVulDB03/03/202503/06/202503/06/2025CVE-2025-2042512940
accepted
298784s-a-zhd Ecommerce-Website-using-PHP shop.php sql injectionVulDBVulDB03/03/202503/06/202503/06/2025CVE-2025-2041512709
accepted
298783zhijiantianya ruoyi-vue-pro deploy special elements used in a template engineVulDBVulDB03/03/202503/06/202503/06/2025CVE-2025-2040512574
accepted
298782code-projects Blood Bank Management System delete_members.php sql injectionVulDBVulDB03/03/202503/06/202505/14/2025CVE-2025-2039512564
accepted
298781code-projects Blood Bank Management System upload exposure of information through directory listingVulDBVulDB03/03/202503/06/202505/14/2025CVE-2025-2038512558
accepted
298780code-projects Blood Bank Management System delete_requester.php sql injectionVulDBVulDB03/03/202503/06/202505/14/2025CVE-2025-2037512550
accepted
298779s-a-zhd Ecommerce-Website-using-PHP details.php sql injectionVulDBVulDB03/02/202503/06/202503/06/2025CVE-2025-2036512405
accepted
298778s-a-zhd Ecommerce-Website-using-PHP customer_register.php unrestricted uploadVulDBVulDB03/02/202503/06/202503/06/2025CVE-2025-2035512404
accepted
298777PHPGurukul Pre-School Enrollment System edit-class.php sql injectionVulDBVulDB03/02/202503/06/202503/22/2025CVE-2025-2034512292
accepted
298776code-projects Blood Bank Management System view_donor.php sql injectionVulDBVulDB03/01/202503/06/202505/14/2025CVE-2025-2033512164
accepted
298774ChestnutCMS rename renameFile path traversalVulDBVulDB03/01/202503/06/202505/13/2025CVE-2025-2032512030
accepted
298773ChestnutCMS upload uploadFile unrestricted uploadVulDBVulDB03/01/202503/06/202505/13/2025CVE-2025-2031512029
accepted
298772Seeyon Zhiyuan Interconnect FE Collaborative Office Platform addUser.jsp sql injectionVulDBVulDB02/23/202503/06/202503/10/2025CVE-2025-2030505638
accepted
298770MicroDicom DICOM Viewer mDicom.exe memory corruptionVulDBVulDB02/25/202503/06/202503/06/2025CVE-2025-2029506579
accepted
298568code-projects Blood Bank Management System donor.php cross site scriptingVulDBVulDB03/01/202503/04/202503/05/2025CVE-2025-1967512163
accepted
298567PHPGurukul Pre-School Enrollment System index.php sql injectionVulDBVulDB03/01/202503/04/202503/05/2025CVE-2025-1966512039
accepted
298566projectworlds Online Hotel Booking login.php sql injectionVulDBVulDB02/28/202503/04/202503/05/2025CVE-2025-1965511473
accepted
298565projectworlds Online Hotel Booking booknow.php sql injectionVulDBVulDB02/28/202503/04/202503/05/2025CVE-2025-1964511471
accepted
298564projectworlds Online Hotel Booking reservation.php sql injectionVulDBVulDB02/28/202503/04/202503/05/2025CVE-2025-1963511466
accepted
298563projectworlds Online Hotel Booking addroom.php sql injectionVulDBVulDB02/28/202503/04/202503/05/2025CVE-2025-1962511426
accepted
298561SourceCodester Best Church Management Software web_crud.php sql injectionVulDBVulDB02/27/202503/04/202503/05/2025CVE-2025-1961510865
accepted
298560Codezips Gym Management System change_s_pwd.php sql injectionVulDBVulDB02/27/202503/04/202504/02/2025CVE-2025-1959510782
accepted
298559aaluoxiang oa_system address-mapper.xml sql injectionVulDBVulDB02/27/202503/04/202503/05/2025CVE-2025-1958510750
accepted
298558code-projects Blood Bank System o+.php cross site scriptingVulDBVulDB02/27/202503/04/202503/08/2025CVE-2025-1957510705
accepted
298557code-projects Shopping Portal Login index.php sql injectionVulDBVulDB02/27/202503/04/202503/05/2025CVE-2025-1956510696
accepted
298556code-projects Online Class and Exam Scheduling System profile.php cross site scriptingVulDBVulDB02/27/202503/04/202503/04/2025CVE-2025-1955510689
accepted
298555PHPGurukul Human Metapneumovirus Testing Management System login.php sql injectionVulDBVulDB02/27/202503/04/202503/04/2025CVE-2025-1954510360
accepted
298543vLLM AIBrix Prefix Caching hash.go random valuesVulDBVulDB02/27/202503/04/202503/04/2025CVE-2025-1953509958
accepted
298542PHPGurukul Restaurant Table Booking System password-recovery.php sql injectionVulDBVulDB02/27/202503/04/202503/04/2025CVE-2025-1952509955
accepted
298541ZZCMS URL register_nodb.php cross site scriptingVulDBVulDB02/26/202503/04/202503/04/2025CVE-2025-1949508909
accepted
298521hzmanyun Education and Training System UploadImageController.java scorm command injectionVulDBVulDB02/25/202503/04/202503/04/2025CVE-2025-1947506659
accepted
298520hzmanyun Education and Training System exportPDF command injectionVulDBVulDB02/25/202503/04/202503/04/2025CVE-2025-1946506657
accepted
298513Open5GS AMF nsmf-handler.c amf_nsmf_pdusession_handle_update_sm_context denial of serviceVulDBVulDB02/24/202503/04/202506/23/2025CVE-2025-1925506038
accepted
298426PHPGurukul Restaurant Table Booking System profile.php sql injectionVulDBVulDB02/26/202503/03/202503/04/2025CVE-2025-1906508915
accepted
298425SourceCodester Employee Management System employee.php cross site scriptingVulDBVulDB02/26/202503/03/202503/04/2025CVE-2025-1905508301
accepted
298424code-projects Blood Bank System A+.php cross site scriptingVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1904506868
accepted
298421Codezips Online Shopping Website cart_add.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1903506667
accepted
298420PHPGurukul Student Record System password-recovery.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1902506623
accepted
298419PHPGurukul Restaurant Table Booking System check_availability.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1901506612
accepted
298418PHPGurukul Restaurant Table Booking System add-table.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1900506609
accepted
298417Tenda TX3 setPptpUserList buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1899506607
accepted
298416Tenda TX3 openSchedWifi buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1898506606
accepted
298415Tenda TX3 SetNetControlList buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1897506604
accepted
298414Tenda TX3 SetStaticRouteCfg buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1896506602
accepted
298413Tenda TX3 setMacFilterCfg buffer overflowVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1895506601
accepted
298412PHPGurukul Restaurant Table Booking System search-result.php sql injectionVulDBVulDB02/25/202503/03/202503/04/2025CVE-2025-1894506592
accepted
298411Open5GS AMF gmm-sm.c gmm_state_authentication denial of serviceVulDBVulDB02/24/202503/03/202503/04/2025CVE-2025-1893505952
accepted
298410shishuocms Directory Deletion Page add.json cross site scriptingVulDBVulDB02/23/202503/03/202503/06/2025CVE-2025-1892505754
accepted
298409shishuocms cross-site request forgeryVulDBVulDB02/23/202503/03/202503/06/2025CVE-2025-1891505741
accepted
298408shishuocms ManageUpLoadAction.java handleRequest unrestricted uploadVulDBVulDB02/23/202503/03/202503/05/2025CVE-2025-1890505736
accepted
298196i-Drive i11/i12 Device Setting improper access control for register interfaceVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1882510955
accepted
298195i-Drive i11/i12 Video Footage/Live Video Stream access controlVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1881510952
accepted
298194i-Drive i11/i12 Device Pairing authentication bypassVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1880510951
accepted
298193i-Drive i11/i12 APK hard-coded credentialsVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1879510950
accepted
298192i-Drive i11/i12 WiFi default passwordVulDBVulDB02/27/202503/03/202503/03/2025CVE-2025-1878510949
accepted
298191D-Link DAP-1562 HTTP POST Request pure_auth_check null pointer dereferenceVulDBVulDB02/25/202503/03/202503/03/2025CVE-2025-1877506526
accepted
298190D-Link DAP-1562 HTTP Header http_request_parse stack-based overflowVulDBVulDB02/24/202503/03/202503/03/2025CVE-2025-1876506106
accepted
298127PHPGurukul News Portal login.php sql injectionVulDBVulDB02/24/202503/02/202503/03/2025CVE-2025-1859506350
accepted
298126Codezips Online Shopping Website success.php sql injectionVulDBVulDB02/24/202503/02/202506/24/2025CVE-2025-1858506315
accepted
298125PHPGurukul Nipah Virus Testing Management System check_availability.php sql injectionVulDBVulDB02/24/202503/02/202506/24/2025CVE-2025-1857506120
accepted
298124Codezips Gym Management System gen_invoice.php sql injectionVulDBVulDB02/24/202503/02/202506/24/2025CVE-2025-1856506107
accepted
298123PHPGurukul Online Shopping Portal product-details.php sql injectionVulDBVulDB02/24/202503/02/202506/24/2025CVE-2025-1855506066
accepted
298122Codezips Gym Management System del_member.php sql injectionVulDBVulDB02/24/202503/02/202506/24/2025CVE-2025-1854506053
accepted
298121Tenda AC8 Parameter SetIpMacBind sub_49E098 stack-based overflowVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1853505374
accepted
298120Totolink EX1800T cstecgi.cgi loginAuth buffer overflowVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1852505362
accepted
298119Tenda AC7 SetFirewallCfg formSetFirewallCfg stack-based overflowVulDBVulDB02/22/202503/02/202503/03/2025CVE-2025-1851505271
accepted
298118Codezips College Management System university.php sql injectionVulDBVulDB02/28/202503/02/202503/03/2025CVE-2025-1850511626
accepted
298117zj1983 zz import_data_todb server-side request forgeryVulDBVulDB02/22/202503/02/202505/26/2025CVE-2025-1849505346
accepted
298116zj1983 zz import_data_check server-side request forgeryVulDBVulDB02/22/202503/02/202505/26/2025CVE-2025-1848505345
accepted
298115zj1983 zz improper authorizationVulDBVulDB02/22/202503/02/202505/26/2025CVE-2025-1847505303
accepted
298114zj1983 zz File ZfileAction.java deleteLocalFile denial of serviceVulDBVulDB02/21/202503/02/202505/29/2025CVE-2025-1846505097
accepted
298111ESAFENET DSM examExportPDF command injectionVulDBVulDB02/21/202503/02/202505/29/2025CVE-2025-1845505009
accepted
298110ESAFENET CDG backupLogDetail.jsp sql injectionVulDBVulDB02/21/202503/02/202505/29/2025CVE-2025-1844505008
accepted
298109Mini-Tmall ProductMapper.java select sql injectionVulDBVulDB02/21/202503/02/202503/03/2025CVE-2025-1843504958
accepted
298108FITSTATS Technologies AthleteMonitoring login.php cross site scriptingVulDBVulDB02/20/202503/02/202503/03/2025CVE-2025-1842504603
accepted
298107ESAFENET CDG ClientSortLog.jsp sql injectionVulDBVulDB02/20/202503/02/202505/29/2025CVE-2025-1841504385
accepted
298106ESAFENET CDG updateorg.jsp sql injectionVulDBVulDB02/20/202503/02/202506/06/2025CVE-2025-1840504384
accepted
298104Incorta Edit Insight csv injectionVulDBVulDB02/18/202503/02/202503/03/2025CVE-2025-1836503070
accepted
298102osuuu LightPicture Api.php upload unrestricted uploadVulDBVulDB02/21/202503/01/202503/03/2025CVE-2025-1835505007
accepted
298101zj1983 zz resolve unrestricted uploadVulDBVulDB02/21/202503/01/202505/26/2025CVE-2025-1834504842
accepted
298100zj1983 zz HTTP Request Customer_noticeAction.java sendNotice server-side request forgeryVulDBVulDB02/21/202503/01/202505/26/2025CVE-2025-1833504833
accepted
298099zj1983 zz ZroleAction.java getUserList sql injectionVulDBVulDB02/21/202503/01/202505/26/2025CVE-2025-1832504814
accepted
298098zj1983 zz ZorgAction.java GetDBUser sql injectionVulDBVulDB02/21/202503/01/202505/26/2025CVE-2025-1831504806
accepted
298097zj1983 zz Customer Information cross site scriptingVulDBVulDB02/21/202503/01/202505/26/2025CVE-2025-1830504790
accepted
298096TOTOLINK X18 cstecgi.cgi setMtknatCfg os command injectionVulDBVulDB02/21/202503/01/202503/02/2025CVE-2025-1829504983
accepted
298094zj1983 zz ZorgAction.java getUserOrgForUserId sql injectionVulDBVulDB02/20/202503/01/202505/26/2025CVE-2025-1821504537
accepted
298093zj1983 zz ZworkflowAction.java getOaWid sql injectionVulDBVulDB02/20/202503/01/202505/26/2025CVE-2025-1820504478
accepted
298092Tenda AC7 1200M telnet TendaTelnet os command injectionVulDBVulDB02/20/202503/01/202503/02/2025CVE-2025-1819504429
accepted
298091zj1983 zz ZfileAction.upload unrestricted uploadVulDBVulDB02/20/202503/01/202505/26/2025CVE-2025-1818504304
accepted
298090Mini-Tmall Admin Name admin cross site scriptingVulDBVulDB02/20/202503/01/202503/04/2025CVE-2025-1817504302
accepted
298089FFmpeg IAMF File iamf_parse.c audio_element_obu memory leakVulDBVulDB02/25/202503/01/202505/30/2025CVE-2025-1816506575
accepted
298083pbrong hrms resource.go HrmsDB improper authorizationVulDBVulDB02/25/202503/01/202503/04/2025CVE-2025-1815506544
accepted
298082Tenda AC6 WifiExtraSet stack-based overflowVulDBVulDB02/25/202503/01/202503/02/2025CVE-2025-1814506532
accepted
298081zj1983 zz cross-site request forgeryVulDBVulDB02/20/202503/01/202505/29/2025CVE-2025-1813504281
accepted
298080zj1983 zz SuperZ.java GetUserOrg sql injectionVulDBVulDB02/20/202503/01/202506/06/2025CVE-2025-1812504273
accepted
298069AT Software Solutions ATSVD Login Endpoint login.aspx sql injectionVulDBVulDB02/20/202503/01/202503/04/2025CVE-2025-1811504099
accepted
298068Pixsoft Vivaz Login Endpoint servlet cross site scriptingVulDBVulDB02/18/202503/01/202503/04/2025CVE-2025-1810503323
accepted
298067Pixsoft Sol Login Endpoint servlet sql injectionVulDBVulDB02/18/202503/01/202503/04/2025CVE-2025-1809503275
accepted
298066Pixsoft E-Saphira Login Endpoint servlet sql injectionVulDBVulDB02/18/202503/01/202503/04/2025CVE-2025-1808503260
accepted
298065Eastnets PaymentSafe Edit Manual Reply directRouter.rfc cross site scriptingVulDBVulDB02/17/202503/01/202504/09/2025CVE-2025-1807502668
accepted
298064Eastnets PaymentSafe URL Default.aspx improper authorizationVulDBVulDB02/17/202503/01/202504/09/2025CVE-2025-1806502539
accepted
298040Blizzard Battle.Net profapi.dll uncontrolled search pathVulDBVulDB01/18/202503/01/202503/07/2025CVE-2025-1804485034
accepted
298030D-Link DAR-7000 HTTP POST Request sxh_vpnlic.php get_ip_addr_details command injectionVulDBVulDB02/18/202502/28/202503/04/2025CVE-2025-1800502971
accepted
298029Zorlan SkyCaiji Tool.php previewAction server-side request forgeryVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1799502650
accepted
298028Hunan Zhonghe Baiyi Information Technology Baiyiyun Asset Management and Operations System anyUserBoundHouse.php sql injectionVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1797502649
accepted
298012Zorlan SkyCaiji Tool.php fileAction unrestricted uploadVulDBVulDB02/17/202502/28/202506/13/2025CVE-2025-1791502648
accepted
298011rizinorg rizin utf8.c rz_utf8_encode heap-based overflowVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1788502345
accepted
298007rizinorg rizin pdb.c msf_stream_directory_free buffer overflowVulDBVulDB02/17/202502/28/202503/04/2025CVE-2025-1786502317
accepted
297832LinZhaoguan pb-cms Logout cross-site request forgeryVulDBVulDB02/17/202502/27/202502/27/2025CVE-2025-1745502342
accepted
297831zyx0814 Pichome index.php path traversalVulDBVulDB02/16/202502/27/202502/27/2025CVE-2025-1743502168
accepted
297830pihome-shc PiHome home.php cross site scriptingVulDBVulDB02/17/202502/27/202503/24/2025CVE-2025-1742502501
accepted
297829b1gMail Admin Page users.php deserializationVulDBVulDB02/23/202502/27/202502/27/2025CVE-2025-1741505838
accepted
296731hzmanyun Education and Training System pdf2swf os command injectionVulDBVulDB02/13/202502/25/202502/25/2025CVE-2025-1676500507
accepted
296696Lumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted uploadVulDBVulDB02/13/202502/24/202502/25/2025CVE-2025-1646500501
accepted
296695Benner Connecta EditarLogado resource injectionVulDBVulDB02/14/202502/24/202502/25/2025CVE-2025-1645501406
accepted
296694Benner ModernaNet SG_Gravar cross-site request forgeryVulDBVulDB02/13/202502/24/202502/25/2025CVE-2025-1644500575
accepted
296693Benner ModernaNet SG_AlterarSenha cross-site request forgeryVulDBVulDB02/13/202502/24/202502/25/2025CVE-2025-1643500574
accepted
296692Benner ModernaNet GetImageMedico resource injectionVulDBVulDB02/12/202502/24/202502/25/2025CVE-2025-1642499877
accepted
296691Benner ModernaNet GetHorariosDoDia sql injectionVulDBVulDB02/12/202502/24/202502/24/2025CVE-2025-1641499875
accepted
296690Benner ModernaNet JS_CarregaCombo sql injectionVulDBVulDB02/12/202502/24/202502/24/2025CVE-2025-1640499115
accepted
296619libarchive bsdunzip.c list null pointer dereferenceVulDBVulDB02/07/202502/24/202503/22/2025CVE-2025-1632496460
accepted
296610Excitel Broadband Private my Excitel App One-Time Password excessive authenticationVulDBVulDB02/15/202502/23/202502/24/2025CVE-2025-1629501868
accepted
296608vTiger CRM index.php cross site scriptingVulDBVulDB02/15/202502/23/202503/03/2025CVE-2025-1618501840
accepted
296607Netis WF2780 Wireless 2.4G Menu cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1617501472
accepted
296606FiberHome AN5506-01A ONU GPON Diagnosis os command injectionVulDBVulDB02/14/202502/23/202502/28/2025CVE-2025-1616501483
accepted
296605FiberHome AN5506-01A ONU GPON NAT Submenu cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1615501408
accepted
296604FiberHome AN5506-01A ONU GPON Port Forwarding Submenu portForwardingCfg cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1614501365
accepted
296603FiberHome AN5506-01A ONU GPON URL Filtering Submenu URL_filterCfg cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1613501349
accepted
296602Edimax BR-6288ACL wireless5g_basic.asp cross site scriptingVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1612501309
accepted
296601ShopXO Template ThemeAdminService.php injectionVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1611501211
accepted
296600LB-LINK AC1900 Router set_blacklist websGetVar os command injectionVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1610501024
accepted
296599LB-LINK AC1900 Router set_cmd websGetVar os command injectionVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1609501023
accepted
296598LB-LINK AC1900 Router set_manpwd websGetVar os command injectionVulDBVulDB02/14/202502/23/202502/24/2025CVE-2025-1608501022
accepted
296597SourceCodester Best Employee Management System salary_slip.php authorizationVulDBVulDB02/11/202502/23/202505/15/2025CVE-2025-1607498432
accepted
296596SourceCodester Best Employee Management System backups.php information disclosureVulDBVulDB02/11/202502/23/202502/24/2025CVE-2025-1606498421
accepted
296594SourceCodester Best Church Management Software profile_crud.php path traversalVulDBVulDB02/11/202502/22/202502/24/2025CVE-2025-1599498188
accepted
296593SourceCodester Best Church Management Software asset_crud.php unrestricted uploadVulDBVulDB02/11/202502/22/202502/24/2025CVE-2025-1598497891
accepted
296592SourceCodester Best Church Management Software redirect.php cross site scriptingVulDBVulDB02/11/202502/22/202502/28/2025CVE-2025-1597497883
accepted
296591SourceCodester Best Church Management Software fpassword.php sql injectionVulDBVulDB02/11/202502/22/202502/28/2025CVE-2025-1596497868
accepted
296590Anhui Xufan Information Technology EasyCVR getbaseconfig information disclosureVulDBVulDB02/10/202502/22/202502/24/2025CVE-2025-1595497485
accepted
296589FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflowVulDBVulDB02/08/202502/22/202506/04/2025CVE-2025-1594496929
accepted
296577SourceCodester Best Employee Management System Profile Picture unrestricted uploadVulDBVulDB02/21/202502/22/202502/28/2025CVE-2025-1593505212
accepted
296576SourceCodester Best Employee Management System Add Role Page Role.php cross site scriptingVulDBVulDB02/21/202502/22/202502/28/2025CVE-2025-1592505210
accepted
296575SourceCodester Employee Management System Department Page department.php cross site scriptingVulDBVulDB02/19/202502/22/202502/23/2025CVE-2025-1591504048
accepted
296574SourceCodester E-Learning System List of Lessons Page index.php unrestricted uploadVulDBVulDB02/19/202502/22/202502/23/2025CVE-2025-1590504045
accepted
296573SourceCodester E-Learning System User Registration register.php cross site scriptingVulDBVulDB02/19/202502/22/202502/23/2025CVE-2025-1589504039
accepted
296572PHPGurukul Online Nurse Hiring System manage-nurse.php path traversalVulDBVulDB02/22/202502/22/202502/23/2025CVE-2025-1588505441
accepted
296567SourceCodester Telecom Billing Management System Add New Record main.cpp addrecords buffer overflowVulDBVulDB02/22/202502/22/202505/15/2025CVE-2025-1587505363
accepted
296566code-projects Blood Bank System A-.php cross site scriptingVulDBVulDB02/21/202502/22/202502/25/2025CVE-2025-1586505124
accepted
296561otale header.html OptionsService cross site scriptingVulDBVulDB02/21/202502/22/202502/23/2025CVE-2025-1585504937
accepted
296560opensolon Solon StaticMappings.java path traversalVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1584504454
accepted
296559PHPGurukul Online Nurse Hiring System search-report-details.php sql injectionVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1583504452
accepted
296558PHPGurukul Online Nurse Hiring System all-request.php sql injectionVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1582504451
accepted
296557PHPGurukul Online Nurse Hiring System book-nurse.php sql injectionVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1581504450
accepted
296556PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injectionVulDBVulDB02/20/202502/22/202502/23/2025CVE-2025-1580504234
accepted
296555code-projects Blood Bank System user.php cross site scriptingVulDBVulDB02/18/202502/22/202502/23/2025CVE-2025-1579502876
accepted
296553PHPGurukul/Campcodes Online Shopping Portal search-result.php sql injectionVulDBVulDB02/17/202502/22/202505/16/2025CVE-2025-1578502391
accepted
296552code-projects Blood Bank System prostatus.php cross site scriptingVulDBVulDB02/16/202502/22/202502/23/2025CVE-2025-1577502087
accepted
296551code-projects Real Estate Property Management System ajax_state.php sql injectionVulDBVulDB02/16/202502/22/202502/23/2025CVE-2025-1576502071
accepted
296550Harpia DiagSystem atualatendimento_jpeg.php resource injectionVulDBVulDB02/08/202502/22/202502/23/2025CVE-2025-1575497083
accepted
296508OFCMS cross-site request forgeryVulDBVulDB02/13/202502/21/202506/05/2025CVE-2025-1557500269
accepted
296507westboy CicadasCMS Template Management system deserializationVulDBVulDB02/12/202502/21/202502/22/2025CVE-2025-1556499520
accepted
296506hzmanyun Education and Training System saveImage unrestricted uploadVulDBVulDB02/08/202502/21/202502/22/2025CVE-2025-1555496932
accepted
296502pankajindevops scale project cross site scriptingVulDBVulDB01/28/202502/21/202502/22/2025CVE-2025-1553491216
accepted
296494iteachyou Dreamer CMS edit cross site scriptingVulDBVulDB02/10/202502/21/202502/21/2025CVE-2025-1548497602
accepted
296491BDCOM Behavior Management and Auditing System operate.mds log_operate_clear os command injectionVulDBVulDB02/10/202502/21/202502/21/2025CVE-2025-1546497558
accepted
296490dingfanzu CMS loadShopInfo.php sql injectionVulDBVulDB02/10/202502/21/202502/21/2025CVE-2025-1544497477
accepted
296489iteachyou Dreamer CMS ueditor-1.4.3.3 path traversalVulDBVulDB02/09/202502/21/202502/21/2025CVE-2025-1543497329
accepted
296480D-Link DAP-1320 storagein.pd-XXXXXX replace_special_char stack-based overflowVulDBVulDB02/10/202502/21/202502/21/2025CVE-2025-1539497496
accepted
296479D-Link DAP-1320 api set_ws_action heap-based overflowVulDBVulDB02/09/202502/21/202502/21/2025CVE-2025-1538497301
accepted
296477Harpia DiagSystem atualatendimento_jpeg.php sql injectionVulDBVulDB02/09/202502/21/202502/21/2025CVE-2025-1537497125
accepted
296476Raisecom Multi-Service Intelligent Gateway Request Parameter vpn_template_style.php os command injectionVulDBVulDB02/08/202502/21/202502/21/2025CVE-2025-1536497021
accepted
296475Baiyi Cloud Asset Management System admin.ticket.close.php sql injectionVulDBVulDB02/08/202502/21/202502/21/2025CVE-2025-1535496969
accepted
296238lmxcms Maintenance db.inc.php code injectionVulDBVulDB02/08/202502/19/202502/19/2025CVE-2025-1465496877
accepted
296237Baiyi Cloud Asset Management System admin.house.collect.php sql injectionVulDBVulDB02/04/202502/19/202502/19/2025CVE-2025-1464494807
accepted
296135Synway SMG Gateway Management Software 9-12ping.php command injectionVulDBVulDB02/04/202502/18/202502/19/2025CVE-2025-1448494788
accepted
296134kasuganosoras Pigeon index.php server-side request forgeryVulDBVulDB02/16/202502/18/202502/19/2025CVE-2025-1447501978
accepted
296023D-Link DIR-816 index.html cross site scriptingVulDBVulDB02/14/202502/17/202502/17/2025CVE-2025-1392501351
accepted
295989code-projects Real Estate Property Management System ajax_city.php sql injectionVulDBVulDB02/16/202502/16/202502/18/2025CVE-2025-1381502070
accepted
295988Codezips Gym Management System del_plan.php sql injectionVulDBVulDB02/16/202502/16/202502/17/2025CVE-2025-1380501980
accepted
295987code-projects Real Estate Property Management System CustomerReport.php sql injectionVulDBVulDB02/14/202502/16/202502/17/2025CVE-2025-1379501070
accepted
295986radare2 rasm2 rasm2.c memory corruptionVulDBVulDB02/11/202502/16/202502/22/2025CVE-2025-1378498499
accepted
295985GNU elfutils eu-strip strip.c gelf_getsymshndx denial of serviceVulDBVulDB02/10/202502/16/202503/25/2025CVE-2025-1377497539
accepted
295984GNU elfutils eu-strip elf_strptr.c elf_strptr denial of serviceVulDBVulDB02/10/202502/16/202505/07/2025CVE-2025-1376497538
accepted
295983code-projects Real Estate Property Management System search.php sql injectionVulDBVulDB02/12/202502/16/202502/17/2025CVE-2025-1374499767
accepted
295982FFmpeg MOV Parser mov.c mov_read_trak null pointer dereferenceVulDBVulDB02/08/202502/16/202506/04/2025CVE-2025-1373496930
accepted
295981GNU elfutils eu-readelf readelf.c print_string_section buffer overflowVulDBVulDB02/07/202502/16/202503/25/2025CVE-2025-1372496485
accepted
295978GNU elfutils eu-read readelf.c handle_dynamic_symtab null pointer dereferenceVulDBVulDB02/07/202502/16/202503/25/2025CVE-2025-1371496484
accepted
295977GNU elfutils eu-readelf readelf.c process_symtab buffer overflowVulDBVulDB02/07/202502/16/202503/25/2025CVE-2025-1365496483
accepted
295976MicroWorld eScan Antivirus Autoscan USB epsdaemon sprintf os command injectionVulDBVulDB02/16/202502/17/2025CVE-2025-1370
 
accepted
295975MicroWord eScan Antivirus USB Password os command injectionVulDBVulDB02/07/202502/16/202502/17/2025CVE-2025-1369496482
accepted
295972MicroWord eScan Antivirus mwav.conf ReadConfiguration buffer overflowVulDBVulDB02/16/202502/17/2025CVE-2025-1368
 
accepted
295971MicroWord eScan Antivirus USB Password sprintf buffer overflowVulDBVulDB02/16/202506/28/2025CVE-2025-1367
 
accepted
295970MicroWord eScan Antivirus VirusPopUp strcpy stack-based overflowVulDBVulDB02/16/202502/17/2025CVE-2025-1366
 
accepted
295969MicroWord eScan Antivirus USB Protection Service passPrompt stack-based overflowVulDBVulDB02/07/202502/16/202502/17/2025CVE-2025-1364496481
accepted
295968Internet Web Solutions Sublime CRM HTTP POST Request inicio.php cross site scriptingVulDBVulDB02/07/202502/15/202502/17/2025CVE-2025-1360496469
accepted
295967SIAM Industria de Automação e Monitoramento qrcode.jsp cross site scriptingVulDBVulDB02/06/202502/15/202502/17/2025CVE-2025-1359496171
accepted
295966Pix Software Vivaz cross-site request forgeryVulDBVulDB02/06/202502/15/202502/17/2025CVE-2025-1358496141
accepted
295965Seventh D-Guard HTTP GET Request path traversalVulDBVulDB02/06/202502/15/202502/16/2025CVE-2025-1357496137
accepted
295964needyamin Library Card System card.php sql injectionVulDBVulDB02/06/202502/15/202502/25/2025CVE-2025-1356496087
accepted
295963needyamin Library Card System Add Picture signup.php unrestricted uploadVulDBVulDB02/06/202502/15/202502/25/2025CVE-2025-1355496075
accepted
295961Kong Insomnia profapi.dll untrusted search path [Disputed]VulDBVulDB02/06/202502/15/202502/26/2025CVE-2025-1353496010
accepted
295960GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruptionVulDBVulDB02/06/202502/15/202504/11/2025CVE-2025-1352495965
accepted
295959PMWeb Setting weak passwordVulDBVulDB02/05/202502/15/202502/16/2025CVE-2025-1341495635
accepted
295956TOTOLINK X18 cstecgi.cgi setPasswordCfg stack-based overflowVulDBVulDB02/05/202502/15/202502/16/2025CVE-2025-1340495368
accepted
295955TOTOLINK X18 cstecgi.cgi setL2tpdConfig os command injectionVulDBVulDB02/05/202502/15/202502/16/2025CVE-2025-1339495367
accepted
295954NUUO Camera handle_config.php print_file command injectionVulDBVulDB02/03/202502/15/202502/16/2025CVE-2025-1338493912
accepted
295953Eastnets PaymentSafe BIC Search cross site scriptingVulDBVulDB02/02/202502/15/202504/09/2025CVE-2025-1337493686
accepted
295951CmsEasy image_admin.php deleteimg_action path traversalVulDBVulDB02/02/202502/15/202502/28/2025CVE-2025-1336493685
accepted
295950CmsEasy file_admin.php deleteimg_action path traversalVulDBVulDB02/02/202502/15/202502/28/2025CVE-2025-1335493682
accepted
295942FastCMS Template Menu menu cross site scriptingVulDBVulDB02/15/202502/16/2025CVE-2025-1332
 
accepted
295219olajowon Loggrove page os command injectionVulDBVulDB02/11/202502/21/2025CVE-2025-1229
 
accepted
295218olajowon Loggrove Logfile Update page path traversalVulDBVulDB02/11/202502/21/2025CVE-2025-1228
 
accepted
295217ywoa AddressDao.xml selectList sql injectionVulDBVulDB02/11/202506/06/2025CVE-2025-1227
 
accepted
295216ywoa setup.jsp improper authorizationVulDBVulDB02/11/202506/06/2025CVE-2025-1226
 
accepted
295211ywoa WXCallBack Interface XMLParse.java extract xml external entity referenceVulDBVulDB02/11/202506/06/2025CVE-2025-1225
 
accepted
295210ywoa UserMapper.xml listNameBySql sql injectionVulDBVulDB02/11/202506/06/2025CVE-2025-1224
 
accepted
295175ywoa OaNoticeMapper.xml selectNoticeList sql injectionVulDBVulDB02/11/202506/06/2025CVE-2025-1216
 
accepted
295174vim main.c memory corruptionVulDBVulDB02/10/202502/11/202503/21/2025CVE-2025-1215497546
accepted
295173pihome-shc PiHome Role-Based Access Control user_accounts.php authorizationVulDBVulDB02/10/202502/10/202502/13/2025CVE-2025-1214497533
accepted
295172pihome-shc PiHome index.php cross site scriptingVulDBVulDB02/10/202502/10/202502/13/2025CVE-2025-1213497521
accepted
295147code-projects Wazifa System control.php sql injectionVulDBVulDB02/09/202502/10/202502/11/2025CVE-2025-1210497357
accepted
295146code-projects Wazifa System search_resualts.php searchuser cross site scriptingVulDBVulDB02/09/202502/10/202502/11/2025CVE-2025-1209497356
accepted
295145code-projects Wazifa System Profile.php cross site scriptingVulDBVulDB02/09/202502/10/202502/21/2025CVE-2025-1208497355
accepted
295144phjounin TFTPD64 DNS denial of serviceVulDBVulDB02/09/202502/10/202502/10/2025CVE-2025-1207497249
accepted
295143Codezips Gym Management System viewdetailroutine.php sql injectionVulDBVulDB02/08/202502/10/202502/21/2025CVE-2025-1206496961
accepted
295110SourceCodester Best Church Management Software edit_slider.php sql injectionVulDBVulDB02/08/202502/10/202502/10/2025CVE-2025-1202496954
accepted
295109SourceCodester Best Church Management Software profile_crud.php sql injectionVulDBVulDB02/08/202502/10/202502/10/2025CVE-2025-1201496951
accepted
295108SourceCodester Best Church Management Software slider_crud.php sql injectionVulDBVulDB02/08/202502/10/202502/10/2025CVE-2025-1200496950
accepted
295107SourceCodester Best Church Management Software role_crud.php sql injectionVulDBVulDB02/08/202502/10/202502/10/2025CVE-2025-1199496946
accepted
295105code-projects Real Estate Property Management System load_user-profile.php sql injectionVulDBVulDB02/08/202502/10/202502/25/2025CVE-2025-1197496856
accepted
295104code-projects Real Estate Property Management System search.php cross site scriptingVulDBVulDB02/08/202502/10/202502/21/2025CVE-2025-1196496855
accepted
295103code-projects Real Estate Property Management System EditCategory cross site scriptingVulDBVulDB02/08/202502/10/202502/21/2025CVE-2025-1195496854
accepted
295098SourceCodester Multi Restaurant Table Reservation System select-menu.php sql injectionVulDBVulDB02/07/202502/10/202502/12/2025CVE-2025-1192496730
accepted
295097SourceCodester Multi Restaurant Table Reservation System approve-reject.php sql injectionVulDBVulDB02/07/202502/10/202502/12/2025CVE-2025-1191496729
accepted
295096code-projects Job Recruitment load_user-profile.php cross site scriptingVulDBVulDB02/07/202502/10/202502/14/2025CVE-2025-1190496670
accepted
2950951000 Projects Attendance Tracking Management System chart1.php sql injectionVulDBVulDB02/07/202502/10/202502/12/2025CVE-2025-1189496452
accepted
295094Codezips Gym Management System updateroutine.php sql injectionVulDBVulDB02/07/202502/10/202502/12/2025CVE-2025-1188496409
accepted
295093code-projects Police FIR Record Management System Delete Record stack-based overflowVulDBVulDB02/06/202502/10/202503/03/2025CVE-2025-1187495921
accepted
295090dayrui XunRuiCMS Api.php deserializationVulDBVulDB02/06/202502/10/202502/12/2025CVE-2025-1186495820
accepted
295089pihome-shc PiHome ajax.php sql injectionVulDBVulDB02/05/202502/10/202502/12/2025CVE-2025-1185495548
accepted
295088pihome-shc PiHome ajax.php sql injectionVulDBVulDB02/05/202502/10/202502/12/2025CVE-2025-1184495413
accepted
295087CodeZips Gym Management System more-userprofile.php sql injectionVulDBVulDB02/05/202502/10/202502/12/2025CVE-2025-1183495410
accepted
295086GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruptionVulDBVulDB02/05/202502/10/202502/17/2025CVE-2025-1182495407
accepted
295084GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruptionVulDBVulDB02/05/202502/10/202504/26/2025CVE-2025-1181495402
accepted
295083GNU Binutils ld elf-eh-frame.c _bfd_elf_write_section_eh_frame memory corruptionVulDBVulDB02/05/202502/10/202503/06/2025CVE-2025-1180495381
accepted
295082GNU Binutils ld libbfd.c bfd_putl64 memory corruptionVulDBVulDB02/05/202502/10/202503/04/2025CVE-2025-1179495376
accepted
295081GNU Binutils ld libbfd.c bfd_putl64 memory corruptionVulDBVulDB02/05/202502/10/202504/12/2025CVE-2025-1178495369
accepted
295080dayrui XunRuiCMS Linkage.php import_add deserializationVulDBVulDB02/05/202502/10/202502/10/2025CVE-2025-1177495366
accepted
295079GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflowVulDBVulDB02/05/202502/10/202504/12/2025CVE-2025-1176495329
accepted
2950781000 Projects Bookstore Management System Add Book Page process_book_add.php cross site scriptingVulDBVulDB02/05/202502/10/202502/28/2025CVE-2025-1174495318
accepted
2950771000 Projects Bookstore Management System process_users_del.php sql injectionVulDBVulDB02/05/202502/10/202502/28/2025CVE-2025-1173495309
accepted
2950761000 Projects Bookstore Management System addtocart.php sql injectionVulDBVulDB02/05/202502/10/202502/28/2025CVE-2025-1172495183
accepted
295075code-projects Real Estate Property Management System CustomerReport.php cross site scriptingVulDBVulDB02/04/202502/10/202502/28/2025CVE-2025-1171494830
accepted
295074code-projects Real Estate Property Management System Category.php cross site scriptingVulDBVulDB02/04/202502/10/202502/10/2025CVE-2025-1170494829
accepted
295073SourceCodester Image Compressor Tool compressor.php cross site scriptingVulDBVulDB02/04/202502/10/202503/04/2025CVE-2025-1169494775
accepted
295072SourceCodester Contact Manager with Export to VCF delete-contact.php sql injectionVulDBVulDB02/04/202502/10/202503/04/2025CVE-2025-1168494766
accepted
295070Mayuri K Employee Management System Update_User.php sql injectionVulDBVulDB02/04/202502/10/202505/26/2025CVE-2025-1167494725
accepted
295069SourceCodester Food Menu Manager update.php unrestricted uploadVulDBVulDB02/04/202502/10/202505/15/2025CVE-2025-1166494567
accepted
295068Lumsoft ERP FileUploadApi.ashx DoWebUpload unrestricted uploadVulDBVulDB02/04/202502/10/202502/10/2025CVE-2025-1165494516
accepted
295067code-projects Police FIR Record Management System Add Record stack-based overflowVulDBVulDB02/03/202502/10/202502/10/2025CVE-2025-1164494009
accepted
295066code-projects Vehicle Parking Management System Authentication login stack-based overflowVulDBVulDB02/03/202502/10/202502/10/2025CVE-2025-1163494008
accepted
295065code-projects Job Recruitment load\_user-profile.php sql injectionVulDBVulDB02/03/202502/10/202505/29/2025CVE-2025-1162494007
accepted
295064SourceCodester Employee Management System index.php default credentialsVulDBVulDB02/03/202502/10/202503/03/2025CVE-2025-1160493860
accepted
295063CampCodes School Management Software academic-calendar cross site scriptingVulDBVulDB02/02/202502/10/202502/10/2025CVE-2025-1159493687
accepted
295062ESAFENET CDG addPolicyToSafetyGroup.jsp sql injectionVulDBVulDB02/02/202502/10/202502/10/2025CVE-2025-1158493644
accepted
295061Allims lab.online model_recuperar_senha.php sql injectionVulDBVulDB02/01/202502/10/202502/10/2025CVE-2025-1157493492
accepted
295060Pix Software Vivaz servlet sql injectionVulDBVulDB02/01/202502/10/202502/10/2025CVE-2025-1156493482
accepted
295059Webkul QloApps Your Location Search stores cross site scriptingVulDBVulDB01/31/202502/10/202502/10/2025CVE-2025-1155492777
accepted
295058xxyopen Novel books sql injectionVulDBVulDB01/31/202502/10/202502/10/2025CVE-2025-1154492531
accepted
295057GNU Binutils format.c bfd_set_format memory corruptionVulDBVulDB01/27/202502/10/202503/06/2025CVE-2025-1153489991
accepted
295056GNU Binutils ld xstrdup.c xstrdup memory leakVulDBVulDB02/10/202503/06/2025CVE-2025-1152
 
accepted
295055GNU Binutils ld xmemdup.c xmemdup memory leakVulDBVulDB02/10/202503/06/2025CVE-2025-1151
 
accepted
295054GNU Binutils ld libbfd.c bfd_malloc memory leakVulDBVulDB02/10/202503/12/2025CVE-2025-1150
 
accepted
295053GNU Binutils ld xmalloc.c xstrdup memory leakVulDBVulDB02/10/202503/06/2025CVE-2025-1149
 
accepted
295052GNU Binutils ld ldelfgen.c link_order_scan memory leakVulDBVulDB01/20/202502/10/202504/05/2025CVE-2025-1148485747
accepted
295051GNU Binutils nm nm.c internal_strlen buffer overflowVulDBVulDB01/19/202502/10/202504/05/2025CVE-2025-1147485254
accepted
295023CoinRemitter sql injectionVulDBVulDB01/31/202502/07/202502/08/2025CVE-2025-1117492685
accepted
295022Dreamvention Live AJAX Search Free live_search.searchresults search sql injectionVulDBVulDB01/30/202502/07/202502/08/2025CVE-2025-1116492051
accepted
295021RT-Thread lwp_syscall.c sys_timer_settime information disclosureVulDBVulDB01/27/202502/07/202502/16/2025CVE-2025-1115489903
accepted
295020newbee-mall Add Category Page save cross site scriptingVulDBVulDB01/26/202502/07/202502/08/2025CVE-2025-1114489744
accepted
295019taisan tarzan-cms Add Theme admin#themes upload deserializationVulDBVulDB02/07/202502/08/2025CVE-2025-1113
 
accepted
294939CmsEasy database_admin.php restore_action path traversalVulDBVulDB01/29/202502/07/202502/07/2025CVE-2025-1106491518
accepted
294938SiberianCMS HTTP GET Request flat cross site scriptingVulDBVulDB01/28/202502/07/202502/07/2025CVE-2025-1105491207
accepted
294934D-Link DHP-W310AV authentication spoofingVulDBVulDB01/27/202502/07/202502/07/2025CVE-2025-1104489958
accepted
294933D-Link DIR-823X HTTP POST Request set_wifi_blacklists null pointer dereferenceVulDBVulDB01/26/202502/07/202502/07/2025CVE-2025-1103489603
accepted
294862Safetytest Cloud-Master Server static path traversalVulDBVulDB01/28/202502/06/202502/07/2025CVE-2025-1086491021
accepted
294861Animati PACS login cross site scriptingVulDBVulDB01/27/202502/06/202502/07/2025CVE-2025-1085489857
accepted
294860Mindskip xzs-mysql 学之思开源考试系统 cross-site request forgeryVulDBVulDB01/26/202502/06/202502/07/2025CVE-2025-1084489644
accepted
294859Mindskip xzs-mysql 学之思开源考试系统 CORS cross-domain policyVulDBVulDB01/26/202502/06/202502/07/2025CVE-2025-1083489634
accepted
294858Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scriptingVulDBVulDB01/26/202502/06/202502/07/2025CVE-2025-1082489633
accepted
294857Bharti Airtel Xstream Fiber WiFi Password weak credentialsVulDBVulDB01/24/202502/06/202502/06/2025CVE-2025-1081488582
accepted
294844AppHouseKitchen AlDente Charge Limiter XPC Service com.apphousekitchen.aldente-pro.helper shouldAcceptNewConnection improper authorizationVulDBVulDB01/31/202502/06/202502/06/2025CVE-2025-1078492529
accepted
294834Webkul QloApps URL mylogout cross-site request forgeryVulDBVulDB01/29/202502/06/202502/06/2025CVE-2025-1074491600
accepted
294365MaxD Lightning Module deserializationVulDBVulDB01/26/202502/02/202502/03/2025CVE-2025-0974489672
accepted
294364CmsEasy index.php backAll_action path traversalVulDBVulDB01/22/202502/02/202503/01/2025CVE-2025-0973487649
accepted
294363Zenvia Movidesk New Ticket cross site scriptingVulDBVulDB01/23/202502/02/202502/06/2025CVE-2025-0972488106
accepted
294362Zenvia Movidesk Profile Editing EditProfile cross site scriptingVulDBVulDB01/21/202502/02/202502/06/2025CVE-2025-0971486023
accepted
294361Zenvia Movidesk Login Yago Martins redirectVulDBVulDB01/20/202502/02/202502/06/2025CVE-2025-0970485985
accepted
294359code-projects Chat System add_chatroom.php sql injectionVulDBVulDB01/31/202502/01/202502/02/2025CVE-2025-0967492911
accepted
294356code-projects Job Recruitment load_job-details.php cross site scriptingVulDBVulDB01/30/202502/01/202505/29/2025CVE-2025-0961491789
accepted
294305itsourcecode Tailoring Management System staffview.php sql injectionVulDBVulDB01/31/202502/01/2025CVE-2025-0950
 
accepted
294304itsourcecode Tailoring Management System partview.php sql injectionVulDBVulDB01/31/202502/01/2025CVE-2025-0949
 
accepted
294303itsourcecode Tailoring Management System incview.php sql injectionVulDBVulDB01/31/202502/01/2025CVE-2025-0948
 
accepted
294302itsourcecode Tailoring Management System expview.php sql injectionVulDBVulDB01/31/202505/14/2025CVE-2025-0947
 
accepted
294301itsourcecode Tailoring Management System templatedelete.php sql injectionVulDBVulDB01/31/202502/07/2025CVE-2025-0946
 
accepted
294300itsourcecode Tailoring Management System typedelete.php sql injectionVulDBVulDB01/31/202502/07/2025CVE-2025-0945
 
accepted
294299itsourcecode Tailoring Management System customerview.php sql injectionVulDBVulDB01/31/202502/07/2025CVE-2025-0944
 
accepted
294298itsourcecode Tailoring Management System deldoc.php sql injectionVulDBVulDB01/24/202501/31/202502/07/2025CVE-2025-0943488498
accepted
294243code-projects Job Recruitment _call_job_search_ajax.php sql injectionVulDBVulDB01/30/202501/31/202501/31/2025CVE-2025-0934491802
accepted
294127code-projects Chat System addnewmember.php sql injectionVulDBVulDB01/29/202501/30/202501/31/2025CVE-2025-0882491463
accepted
294126Codezips Gym Management System saveroutine.php sql injectionVulDBVulDB01/25/202501/30/202504/24/2025CVE-2025-0881489192
accepted
294125Codezips Gym Management System updateplan.php sql injectionVulDBVulDB01/24/202501/30/202502/26/2025CVE-2025-0880488716
accepted
294068code-projects Simple Plugins Car Rental Management approve.php sql injectionVulDBVulDB01/24/202501/30/202502/22/2025CVE-2025-0874488538
accepted
294067itsourcecode Tailoring Management System customeredit.php sql injectionVulDBVulDB01/23/202501/30/202502/07/2025CVE-2025-0873487984
accepted
294066itsourcecode Tailoring Management System addpayment.php sql injectionVulDBVulDB01/23/202501/30/202502/07/2025CVE-2025-0872487953
accepted
294057Maybecms Add Article index.php cross site scriptingVulDBVulDB01/23/202501/30/202502/07/2025CVE-2025-0871487930
accepted
294056Axiomatic Bento4 Ap4DataBuffer.h GetData heap-based overflowVulDBVulDB01/30/202503/01/2025CVE-2025-0870
 
accepted
294055Cianet ONU GW24AC Login cross site scriptingVulDBVulDB01/27/202501/30/202502/07/2025CVE-2025-0869489867
accepted
294012CampCodes School Management Software Staff edit-staff improper authorizationVulDBVulDB01/22/202501/29/202501/30/2025CVE-2025-0849487618
accepted
294011Tenda A18 HTTP POST Request SetCmdlineRun stack-based overflowVulDBVulDB01/20/202501/29/202501/30/2025CVE-2025-0848485802
accepted
2940101000 Projects Employee Task Management System Login index.php sql injectionVulDBVulDB01/20/202501/29/202501/30/2025CVE-2025-0847485762
accepted
2940091000 Projects Employee Task Management System AdminLogin.php sql injectionVulDBVulDB01/20/202501/29/202501/30/2025CVE-2025-0846485756
accepted
294001needyamin Library Card System Registration Page signup.php cross site scriptingVulDBVulDB01/20/202501/29/202502/07/2025CVE-2025-0844485558
accepted
294000needyamin Library Card System Admin Panel admindashboard.php sql injectionVulDBVulDB01/20/202501/29/202504/16/2025CVE-2025-0843485553
accepted
293999needyamin Library Card System Login admin.php sql injectionVulDBVulDB01/20/202501/29/202502/26/2025CVE-2025-0842485540
accepted
293998Aridius XYZ News loadMore deserializationVulDBVulDB01/19/202501/29/202501/29/2025CVE-2025-0841485445
accepted
293997GNU Binutils objdump.c disassemble_bytes stack-based overflowVulDBVulDB01/19/202501/29/202502/16/2025CVE-2025-0840485255
accepted
293924Codezips Gym Management System submit_plan_new.php sql injectionVulDBVulDB01/19/202501/28/202501/29/2025CVE-2025-0803485218
accepted
293923SourceCodester Best Employee Management System Administrative Endpoint View_user.php access controlVulDBVulDB01/18/202501/28/202501/29/2025CVE-2025-0802485005
accepted
293922SourceCodester Online Courseware Edit Teacher saveeditt.php cross site scriptingVulDBVulDB01/18/202501/28/202502/07/2025CVE-2025-0800484935
accepted
293921MicroWorld eScan Antivirus Quarantine rtscanner os command injectionVulDBVulDB01/18/202501/28/202501/29/2025CVE-2025-0798484718
accepted
293920MicroWorld eScan Antivirus Quarantine Microworld default permissionVulDBVulDB01/17/202501/28/202501/29/2025CVE-2025-0797484329
accepted
293919ESAFENET CDG todolistjump.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/14/2025CVE-2025-0795483349
accepted
293918ESAFENET CDG todoDetail.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/14/2025CVE-2025-0794483347
accepted
293917ESAFENET CDG todoDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202505/14/2025CVE-2025-0793483346
accepted
293916ESAFENET CDG sdTodoDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202505/24/2025CVE-2025-0792483345
accepted
293915ESAFENET CDG sdDoneDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202505/24/2025CVE-2025-0791483344
accepted
293914ESAFENET CDG doneDetail.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/24/2025CVE-2025-0790483343
accepted
293913ESAFENET CDG doneDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202505/24/2025CVE-2025-0789483342
accepted
293912ESAFENET CDG content_top.jsp sql injectionVulDBVulDB01/16/202501/28/202505/16/2025CVE-2025-0788483341
accepted
293911ESAFENET CDG appDetail.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/16/2025CVE-2025-0787483340
accepted
293910ESAFENET CDG appDetail.jsp sql injectionVulDBVulDB01/16/202501/28/202505/16/2025CVE-2025-0786483339
accepted
293909ESAFENET CDG SysConfig.jsp cross site scriptingVulDBVulDB01/16/202501/28/202505/16/2025CVE-2025-0785483338
accepted
293908Intelbras InControl Registered User usuario cleartext transmissionVulDBVulDB01/16/202501/28/202501/28/2025CVE-2025-0784483835
accepted
293907pankajindevops scale API Endpoint access controlVulDBVulDB01/13/202501/28/202501/28/2025CVE-2025-0783480350
accepted
293903code-projects Job Recruitment _call_job_search_ajax.php cross site scriptingVulDBVulDB01/27/202501/28/202502/07/2025CVE-2025-0806490056
accepted
293518Axiomatic Bento4 mp42aac ReadPartial heap-based overflowVulDBVulDB01/16/202501/27/202503/01/2025CVE-2025-0753483326
accepted
293517Axiomatic Bento4 mp42aac ReadBits heap-based overflowVulDBVulDB01/16/202501/27/202503/01/2025CVE-2025-0751483315
accepted
293512y_project RuoYi Whitelist getBeanName deserializationVulDBVulDB01/15/202501/27/202505/14/2025CVE-2025-0734482823
accepted
293511Postman profapi.dll untrusted search pathVulDBVulDB01/14/202501/27/202501/27/2025CVE-2025-0733481185
accepted
293510Discord profapi.dll untrusted search pathVulDBVulDB01/14/202501/27/202501/27/2025CVE-2025-0732481209
accepted
293508TP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query stringsVulDBVulDB01/10/202501/27/202501/27/2025CVE-2025-0730478465
accepted
293507TP-Link TL-SG108E clickjackingVulDBVulDB01/09/202501/27/202502/08/2025CVE-2025-0729478451
accepted
293482needyamin image_gallery Cover Image gallery.php unrestricted uploadVulDBVulDB01/15/202501/26/202504/16/2025CVE-2025-0722482822
accepted
293481needyamin image_gallery view.php cross site scriptingVulDBVulDB01/15/202501/26/202504/16/2025CVE-2025-0721482812
accepted
293480Microword eScan Antivirus Folder Watch List rtscanner removeExtraSlashes stack-based overflowVulDBVulDB01/15/202501/26/202501/27/2025CVE-2025-0720482371
accepted
293238CampCodes School Management Software Notice Board Page notice-list cross site scriptingVulDBVulDB01/18/202501/24/202502/09/2025CVE-2025-0710484934
accepted
293237Dcat-Admin Roles Page roles cross site scriptingVulDBVulDB01/16/202501/24/202505/08/2025CVE-2025-0709483364
accepted
293236fumiao opencms Add Model Management Page addOrUpdate cross site scriptingVulDBVulDB01/15/202501/24/202502/09/2025CVE-2025-0708482662
accepted
293235Rise Group Rise Mode Temp CPU Startup CRYPTBASE.dll untrusted search pathVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0707481088
accepted
293234JoeyBling bootplus admin.html cross site scriptingVulDBVulDB01/14/202501/24/202502/09/2025CVE-2025-0706480845
accepted
293233JoeyBling bootplus QrCodeController.java qrCode redirectVulDBVulDB01/14/202501/24/202502/09/2025CVE-2025-0705480844
accepted
293232JoeyBling bootplus QrCodeController.java qrCode resource consumptionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0704480843
accepted
293231JoeyBling bootplus SysFileController.java path traversalVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0703480842
accepted
293230JoeyBling bootplus SysFileController.java unrestricted uploadVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0702480841
accepted
293229JoeyBling bootplus list sql injectionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0701480839
accepted
293228JoeyBling bootplus list sql injectionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0700480838
accepted
293227JoeyBling bootplus list sql injectionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0699480836
accepted
293226JoeyBling bootplus list sql injectionVulDBVulDB01/14/202501/24/202501/24/2025CVE-2025-0698480827
accepted
293223Telstra Smart Modem Gen 2 HTTP Header injectionVulDBVulDB01/13/202501/24/202501/24/2025CVE-2025-0697480045
accepted
292737CampCodes School Management Software Attachment resource injectionVulDBVulDB01/18/202501/21/202501/22/2025CVE-2025-0625484917
accepted
292600itsourcecode Farm Management System add-pig.php unrestricted uploadVulDBVulDB01/18/202501/19/202501/20/2025CVE-2025-0582484909
accepted
292599CampCodes School Management Software Chat History send cross site scriptingVulDBVulDB01/18/202501/19/202502/09/2025CVE-2025-0581484895
accepted
292598Shiprocket Module REST API Module rest_api authorizationVulDBVulDB01/07/202501/19/202501/20/2025CVE-2025-0580476832
accepted
292597Shiprocket Module REST API Module restapi sql injectionVulDBVulDB01/07/202501/19/202501/20/2025CVE-2025-0579476831
accepted
292596Facile Sistemas Cloud Apps Password Reset forgotpassword cross site scriptingVulDBVulDB01/07/202501/19/202502/09/2025CVE-2025-0578476305
accepted
292541Mobotix M15 player cross site scriptingVulDBVulDB01/06/202501/19/202502/09/2025CVE-2025-0576475602
accepted
292540Union Bank of India Vyom Rooting Detection protection mechanismVulDBVulDB01/07/202501/19/202501/20/2025CVE-2025-0575475733
accepted
292528Epic Games Launcher Installer profapi.dll untrusted search pathVulDBVulDB01/14/202501/18/202501/19/2025CVE-2025-0567481104
accepted
292527Tenda AC15 SetDevNetName formSetDevNetName stack-based overflowVulDBVulDB01/17/202501/18/202501/19/2025CVE-2025-0566484418
accepted
292526ZZCMS index.php sql injectionVulDBVulDB01/17/202501/18/202501/19/2025CVE-2025-0565484333
accepted
292525code-projects Fantasy-Cricket authenticate.php sql injectionVulDBVulDB01/17/202501/18/202502/28/2025CVE-2025-0564484186
accepted
292524code-projects Fantasy-Cricket update.php sql injectionVulDBVulDB01/17/202501/18/202502/28/2025CVE-2025-0563484185
accepted
292523Codezips Gym Management System health_status_entry.php sql injectionVulDBVulDB01/17/202501/18/202502/28/2025CVE-2025-0562484184
accepted
292522itsourcecode Farm Management System add-pig.php sql injectionVulDBVulDB01/16/202501/18/202501/19/2025CVE-2025-0561483396
accepted
292494CampCodes School Management Software Photo Gallery Page photo-gallery cross site scriptingVulDBVulDB01/14/202501/17/202502/28/2025CVE-2025-0560480688
accepted
292493Campcodes School Management Software Create Id Card Page create-id-card cross site scriptingVulDBVulDB01/13/202501/17/202502/28/2025CVE-2025-0559480306
accepted
292492TDuckCloud tduck-platform QueryProThemeRequest.java QueryProThemeRequest sql injectionVulDBVulDB01/04/202501/17/202501/18/2025CVE-2025-0558474613
accepted
292491Hyland Alfresco Community Edition URL s cross site scriptingVulDBVulDB01/03/202501/17/202502/09/2025CVE-2025-0557474306
accepted
292433Codezips Gym Management System edit_member.php sql injectionVulDBVulDB01/13/202501/17/202502/26/2025CVE-2025-0541480220
accepted
292432itsourcecode Tailoring Management System expadd.php sql injectionVulDBVulDB01/13/202501/17/202501/18/2025CVE-2025-0540480063
accepted
292422code-projects Tourism Management System manage-pages.php cross site scriptingVulDBVulDB01/12/202501/17/202502/22/2025CVE-2025-0538479895
accepted
292421code-projects Car Rental Management System manage-pages.php cross site scriptingVulDBVulDB01/12/202501/17/202502/22/2025CVE-2025-0537479864
accepted
2924201000 Projects Attendance Tracking Management System edit_action.php sql injectionVulDBVulDB01/11/202501/17/202502/26/2025CVE-2025-0536479251
accepted
292419Codezips Gym Management System edit_mem_submit.php sql injectionVulDBVulDB01/11/202501/17/202501/18/2025CVE-2025-0535479159
accepted
2924181000 Projects Campaign Management System Platform for Women loginnew.php sql injectionVulDBVulDB01/11/202501/17/202501/18/2025CVE-2025-0534479128
accepted
2924171000 Projects Campaign Management System Platform for Women sc_login.php sql injectionVulDBVulDB01/11/202501/17/202501/18/2025CVE-2025-0533479119
accepted
292416Codezips Gym Management System new_submit.php sql injectionVulDBVulDB01/11/202501/17/202501/18/2025CVE-2025-0532479100
accepted
292415code-projects Chat System leaveroom.php sql injectionVulDBVulDB01/10/202501/17/202501/17/2025CVE-2025-0531478688
accepted
292414code-projects Job Recruitment _feedback_system.php cross site scriptingVulDBVulDB01/10/202501/17/202502/10/2025CVE-2025-0530478674
accepted
292413code-projects Train Ticket Reservation System Login Form stack-based overflowVulDBVulDB01/09/202501/17/202501/17/2025CVE-2025-0529478447
accepted
292412Tenda AC8/AC10/AC18 HTTP Request telnet command injectionVulDBVulDB01/09/202501/17/202501/17/2025CVE-2025-0528478175
accepted
292411code-projects Admission Management System signupconfirm.php sql injectionVulDBVulDB01/09/202501/17/202501/17/2025CVE-2025-0527477899
accepted
291937D-Link DIR-823X FUN_00412244 null pointer dereferenceVulDBVulDB01/06/202501/15/202501/16/2025CVE-2025-0492475301
accepted
291936Fanli2012 native-php-cms cat_dodel.php sql injectionVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0491475260
accepted
291935Fanli2012 native-php-cms article_dodel.php sql injectionVulDBVulDB01/06/202501/15/202501/16/2025CVE-2025-0490475258
accepted
291934Fanli2012 native-php-cms friendlink_dodel.php sql injectionVulDBVulDB01/06/202501/15/202501/16/2025CVE-2025-0489475256
accepted
291933Fanli2012 native-php-cms product_list.php sql injectionVulDBVulDB01/06/202501/15/202501/15/2025CVE-2025-0488475255
accepted
291932Fanli2012 native-php-cms cat_edit.php sql injectionVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0487475254
accepted
291931Fanli2012 native-php-cms login.php sql injectionVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0486475249
accepted
291930Fanli2012 native-php-cms sysconfig_doedit.php cross site scriptingVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0485475247
accepted
291929Fanli2012 native-php-cms Backend sysconfig_doedit.php improper authorizationVulDBVulDB01/06/202501/15/202502/27/2025CVE-2025-0484475245
accepted
291928Fanli2012 native-php-cms jump.php cross site scriptingVulDBVulDB01/06/202501/15/202505/13/2025CVE-2025-0483475240
accepted
291927Fanli2012 native-php-cms user_recoverpwd.php default credentialsVulDBVulDB01/06/202501/15/202501/15/2025CVE-2025-0482475237
accepted
291924D-Link DIR-878 HTTP POST Request dllog.cgi information disclosureVulDBVulDB01/05/202501/15/202501/15/2025CVE-2025-0481475011
accepted
291915wuzhicms config.php test server-side request forgeryVulDBVulDB01/05/202501/15/202505/13/2025CVE-2025-0480474965
accepted
291482AquilaCMS categories deserializationVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0465474285
accepted
291481SourceCodester Task Reminder System Maintenance Section cross site scriptingVulDBVulDB01/03/202501/14/202502/13/2025CVE-2025-0464474280
accepted
291480Shanghai Lingdang Information Technology Lingdang CRM index.php unrestricted uploadVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0463474255
accepted
291479Shanghai Lingdang Information Technology Lingdang CRM index.php sql injectionVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0462474254
accepted
291478Shanghai Lingdang Information Technology Lingdang CRM index.php path traversalVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0461474252
accepted
291477Blog Botz for Journal Theme blog_add unrestricted uploadVulDBVulDB01/03/202501/14/202501/14/2025CVE-2025-0460474089
accepted
291476libretro RetroArch Startup profapi.dll untrusted search pathVulDBVulDB01/02/202501/14/202501/14/2025CVE-2025-0459474011
accepted
291475Virtual Computer Vysual RH Solution Login Panel index.php cross site scriptingVulDBVulDB01/02/202501/14/202502/13/2025CVE-2025-0458473865
accepted
291286liujianview gymxmjpa MenberConntroller.java MenberDaoInpl sql injectionVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0410473426
accepted
291285liujianview gymxmjpa MembertypeController.java MembertypeDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0409473425
accepted
291284liujianview gymxmjpa LoosController.java LoosDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0408473423
accepted
291283liujianview gymxmjpa EquipmentController.java EquipmentDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/14/2025CVE-2025-0407473422
accepted
291282liujianview gymxmjpa SubjectController.java SubjectDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/14/2025CVE-2025-0406473417
accepted
291281liujianview gymxmjpa GoodsController.java GoodsDaoImpl sql injectionVulDBVulDB01/02/202501/12/202501/14/2025CVE-2025-0405473411
accepted
291280liujianview gymxmjpa CoachController.java CoachController sql injectionVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0404473385
accepted
2912781902756969 reggie Phone Number Validation sendMsg information disclosureVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0403473325
accepted
2912771902756969 reggie CommonController.java upload unrestricted uploadVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0402473324
accepted
2912761902756969 reggie CommonController.java download path traversalVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0401473322
accepted
291275StarSea99 starsea-mall update cross site scriptingVulDBVulDB01/02/202501/12/202502/13/2025CVE-2025-0400473321
accepted
291274StarSea99 starsea-mall uploadController.java UploadController unrestricted uploadVulDBVulDB01/02/202501/12/202501/13/2025CVE-2025-0399473319
accepted
291271longpi1 warehouse Backend updateInport cross site scriptingVulDBVulDB01/02/202501/11/202502/13/2025CVE-2025-0398473316
accepted
291270reckcn SPPanAdmin edit cross site scriptingVulDBVulDB01/02/202501/11/202502/13/2025CVE-2025-0397473287
accepted
291269exelban stats XPC Service shouldAcceptNewConnection command injectionVulDBVulDB01/01/202501/11/202501/12/2025CVE-2025-0396473229
accepted
291126Guangzhou Huayi Intelligent Technology Jeewms graphReportController.do datagridGraph sql injectionVulDBVulDB01/10/202501/11/2025CVE-2025-0392
 
accepted
291125Guangzhou Huayi Intelligent Technology Jeewms CgFormBuildController. java saveOrUpdate sql injectionVulDBVulDB01/10/202501/11/2025CVE-2025-0391
 
accepted
291124Guangzhou Huayi Intelligent Technology Jeewms wmOmNoticeHController.do path traversalVulDBVulDB01/10/202501/11/2025CVE-2025-0390
 
accepted
290862Tenda AC6 GetParentControlInfo stack-based overflowVulDBVulDB01/08/202501/08/202503/22/2025CVE-2025-0349477048
accepted
290861CampCodes DepEd Equipment Inventory System add_employee.php cross site scriptingVulDBVulDB01/08/202501/08/202505/29/2025CVE-2025-0348476908
accepted
290860code-projects Admission Management System Login index.php sql injectionVulDBVulDB01/08/202501/08/202502/27/2025CVE-2025-0347476898
accepted
290859code-projects Content Management System Publish News Page publishnews.php unrestricted uploadVulDBVulDB01/07/202501/08/202502/27/2025CVE-2025-0346476728
accepted
290858leiyuxi cy-fast listData sql injectionVulDBVulDB01/07/202501/08/202501/08/2025CVE-2025-0345475748
accepted
290857leiyuxi cy-fast listData sql injectionVulDBVulDB01/07/202501/08/202501/08/2025CVE-2025-0344475747
accepted
290829CampCodes Computer Laboratory Management System edit cross site scriptingVulDBVulDB01/08/202501/08/202503/03/2025CVE-2025-0342476897
accepted
290828CampCodes Computer Laboratory Management System edit unrestricted uploadVulDBVulDB01/08/202501/08/202503/05/2025CVE-2025-0341476884
accepted
290827code-projects Cinema Seat Reservation System deleteBooking.php sql injectionVulDBVulDB01/07/202501/08/202502/27/2025CVE-2025-0340476707
accepted
290826code-projects Online Bike Rental HTTP GET Request vehical-details.php cross site scriptingVulDBVulDB01/07/202501/08/202503/03/2025CVE-2025-0339475731
accepted
290823Codezips Project Management System teacher.php sql injectionVulDBVulDB01/06/202501/08/202501/08/2025CVE-2025-0336475493
accepted
290822code-projects Online Bike Rental System Change Image unrestricted uploadVulDBVulDB01/06/202501/08/202501/08/2025CVE-2025-0335475365
accepted
290821leiyuxi cy-fast listData sql injectionVulDBVulDB01/06/202501/08/202501/09/2025CVE-2025-0334475302
accepted
290820leiyuxi cy-fast listData sql injectionVulDBVulDB01/06/202501/08/202501/09/2025CVE-2025-0333475297
accepted
290819YunzMall HTTP POST Request ResetpwdController.php changePwd password recoveryVulDBVulDB12/29/202401/08/202501/09/2025CVE-2025-0331471663
accepted
290792KaiYuanTong ECT Platform HTTP POST Request runCode.php command injectionVulDBVulDB12/28/202401/08/202501/09/2025CVE-2025-0328470601
accepted
290450code-projects Online Book Shop subcat.php cross site scriptingVulDBVulDB01/06/202501/07/202502/15/2025CVE-2025-0301475287
accepted
290449code-projects Online Book Shop subcat.php sql injectionVulDBVulDB01/06/202501/07/202505/29/2025CVE-2025-0300475286
accepted
290448code-projects Online Book Shop search_result.php sql injectionVulDBVulDB01/06/202501/07/202504/08/2025CVE-2025-0299475285
accepted
290447code-projects Online Book Shop process_login.php sql injectionVulDBVulDB01/06/202501/07/202504/08/2025CVE-2025-0298475159
accepted
290446code-projects Online Book Shop detail.php sql injectionVulDBVulDB01/06/202501/07/202504/17/2025CVE-2025-0297475138
accepted
290445code-projects Online Book Shop booklist.php sql injectionVulDBVulDB01/06/202501/07/202501/07/2025CVE-2025-0296475135
accepted
290444code-projects Online Book Shop booklist.php cross site scriptingVulDBVulDB01/06/202501/07/202502/15/2025CVE-2025-0295475134
accepted
290443SourceCodester Home Clean Services Management System process.php sql injectionVulDBVulDB01/05/202501/07/202501/07/2025CVE-2025-0294475076
accepted
290229Codezips Project Management System course.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0233474673
accepted
290228Codezips Blood Bank Management System successadmin.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0232474597
accepted
290227Codezips Gym Management System submit_payments.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0231474596
accepted
290226code-projects Responsive Hotel Site print.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0230474581
accepted
290225code-projects Travel Management System enquiry.php sql injectionVulDBVulDB01/04/202501/04/202501/11/2025CVE-2025-0229474572
accepted
290218code-projects Local Storage Todo App index.html cross site scriptingVulDBVulDB01/02/202501/04/202502/15/2025CVE-2025-0228474049
accepted
290217Tsinghua Unigroup Electronic Archives System downLoad.html information disclosureVulDBVulDB01/03/202501/04/202501/05/2025CVE-2025-0227474266
accepted
290216Tsinghua Unigroup Electronic Archives System downLoad.html download information disclosureVulDBVulDB01/03/202501/04/202501/05/2025CVE-2025-0226474265
accepted
290215Tsinghua Unigroup Electronic Archives System exampleDownload.html path traversalVulDBVulDB01/03/202501/04/202501/05/2025CVE-2025-0225474264
accepted
290203Provision-ISR SH-4050A-2 server.js information disclosureVulDBVulDB12/20/202401/04/202501/05/2025CVE-2025-0224467085
accepted
290202IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereferenceVulDBVulDB12/20/202401/04/202501/05/2025CVE-2025-0223466963
accepted
290201IObit Protected Folder IOCTL IUProcessFilter.sys 0x8001E004 null pointer dereferenceVulDBVulDB12/20/202401/04/202501/05/2025CVE-2025-0222466956
accepted
290200IOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereferenceVulDBVulDB12/20/202401/04/202501/05/2025CVE-2025-0221466955
accepted
290199Trimble SPS851 Ethernet Configuration Menu cross site scriptingVulDBVulDB12/17/202401/04/202502/15/2025CVE-2025-0220464943
accepted
290198Trimble SPS851 Receiver Status Identity Tab cross site scriptingVulDBVulDB12/17/202401/04/202502/15/2025CVE-2025-0219464906
accepted
290159TMD Custom Header Menu index.php sql injectionVulDBVulDB01/03/202501/03/202501/04/2025CVE-2025-0214474299
accepted
290158Campcodes Project Management System update_forms.php unrestricted uploadVulDBVulDB01/03/202501/03/202501/11/2025CVE-2025-0213474200
accepted
290157Campcodes Student Grading System view_students.php sql injectionVulDBVulDB01/03/202501/03/202501/11/2025CVE-2025-0212474168
accepted
290156Campcodes School Faculty Scheduling System index.php file inclusionVulDBVulDB01/03/202501/03/202501/11/2025CVE-2025-0211474115
accepted
290155Campcodes School Faculty Scheduling System ajax.php sql injectionVulDBVulDB01/03/202501/03/202501/11/2025CVE-2025-0210474112
accepted
290145code-projects Online Shoe Store summary.php sql injectionVulDBVulDB01/02/202501/03/202501/11/2025CVE-2025-0208474038
accepted
290144code-projects Online Shoe Store login.php sql injectionVulDBVulDB01/02/202501/03/202501/11/2025CVE-2025-0207474035
accepted
290143code-projects Online Shoe Store index.php access controlVulDBVulDB01/02/202501/03/202501/04/2025CVE-2025-0206474033
accepted
290142code-projects Online Shoe Store details2.php sql injectionVulDBVulDB01/02/202501/03/202501/04/2025CVE-2025-0205474032
accepted
290141code-projects Online Shoe Store details.php sql injectionVulDBVulDB01/02/202501/03/202501/04/2025CVE-2025-0204474031
accepted
290140code-projects Student Management System DbFunction.php showSubject1 sql injectionVulDBVulDB01/02/202501/03/202501/04/2025CVE-2025-0203473410
accepted
290139TCS BaNCS REPORTS_SHOW_FILE.jsp file inclusion [Disputed]VulDBVulDB12/27/202401/03/202501/22/2025CVE-2025-0202469455
accepted
290138code-projects Point of Sales and Inventory Management System update_account.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0201473418
accepted
290137code-projects Point of Sales and Inventory Management System search_num.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0200473386
accepted
290136code-projects Point of Sales and Inventory Management System minus_cart.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0199473384
accepted
290135code-projects Point of Sales and Inventory Management System search_result.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0198473383
accepted
290134code-projects Point of Sales and Inventory Management System search.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0197473362
accepted
290133code-projects Point of Sales and Inventory Management System plist.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0196473350
accepted
290132code-projects Point of Sales and Inventory Management System del_product.php sql injectionVulDBVulDB01/02/202501/03/202502/26/2025CVE-2025-0195473349
accepted
290105code-projects Point of Sales and Inventory Management System add_cart.php sql injectionVulDBVulDB01/02/202501/02/202501/03/2025CVE-2025-0176473347
accepted
290104code-projects Online Shop view.php cross site scriptingVulDBVulDB01/02/202501/02/202502/26/2025CVE-2025-0175473333
accepted
290103code-projects Point of Sales and Inventory Management System Parameter search_result2.php sql injectionVulDBVulDB01/02/202501/02/202502/26/2025CVE-2025-0174473330
accepted
289940SourceCodester Online Eyewear Shop view_order.php sql injectionVulDBVulDB01/01/202501/02/202501/02/2025CVE-2025-0173473163
accepted
289939code-projects Chat System deleteroom.php sql injectionVulDBVulDB01/01/202501/02/202501/02/2025CVE-2025-0172473153
accepted
289938code-projects Chat System deleteuser.php sql injectionVulDBVulDB01/01/202501/02/202501/02/2025CVE-2025-0171473143
accepted
289917code-projects Job Recruitment _feedback_system.php sql injectionVulDBVulDB01/01/202501/01/202502/26/2025CVE-2025-0168473107
accepted

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!