8.7

CVSS4.0

CVE-2025-7805 - Tenda FH451 PPTPUserSetting fromPptpUserSetting stack-based overflow

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit h…

📅 Published: July 18, 2025, 7:32 p.m. 🔄 Last Modified: July 18, 2025, 7:32 p.m.

5.1

CVSS4.0

CVE-2025-7803 - descreekert wx-discuz wx.php validToken cross site scripting

A vulnerability was found in descreekert wx-discuz up to 12bd4745c63ec203cb32119bf77ead4a923bf277. It has been classified as problematic. This affects the function validToken of the file /wx.php. The manipulation of the argument echostr leads to cross site scripting. It is possible to initiate the …

📅 Published: July 18, 2025, 7:14 p.m. 🔄 Last Modified: July 18, 2025, 7:14 p.m.

5.1

CVSS4.0

CVE-2025-7802 - PHPGurukul Complaint Management System complaint-search.php cross site scripting

A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument Search leads to cross site scripting. The attack may be launched remo…

📅 Published: July 18, 2025, 7:02 p.m. 🔄 Last Modified: July 18, 2025, 7:15 p.m.

5.4

CVSS3.1

CVE-2025-33014 - IBM Sterling B2B Integrator and IBM Sterling File Gateway link injection

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the vict…

📅 Published: July 18, 2025, 6:51 p.m. 🔄 Last Modified: July 18, 2025, 7:15 p.m.

6.9

CVSS4.0

CVE-2025-7801 - BossSoft CRM HNDCBas_customPrmSearchDtl.jsp sql injection

A vulnerability has been found in BossSoft CRM 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /crm/module/HNDCBas_customPrmSearchDtl.jsp. The manipulation of the argument cstid leads to sql injection. The attack can be launched remotely. The e…

📅 Published: July 18, 2025, 6:44 p.m. 🔄 Last Modified: July 18, 2025, 7:15 p.m.
Load More Vulnerability
avatar

Mehmet Ince

@mdisec

CVE stats coming here

avatar

Nuri Çilengir

@ncilengir

CVE stats coming here

avatar

@aydinnyunus

CVE stats coming here

avatar

Seyit Sigirci

@h3xecute

CVE stats coming here

avatar

Ali İltizar

@iltosec

CVE stats coming here

avatar

@b3rsec

CVE stats coming here

avatar

Nicat Abbasov

@scan9

CVE stats coming here

avatar

Mücahit İç

@mucahic

CVE stats coming here

avatar

@arslan

CVE stats coming here