8.7
CVE-2025-7805 - Tenda FH451 PPTPUserSetting fromPptpUserSetting stack-based overflow
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit h…
5.1
CVE-2025-7803 - descreekert wx-discuz wx.php validToken cross site scripting
A vulnerability was found in descreekert wx-discuz up to 12bd4745c63ec203cb32119bf77ead4a923bf277. It has been classified as problematic. This affects the function validToken of the file /wx.php. The manipulation of the argument echostr leads to cross site scripting. It is possible to initiate the …
5.1
CVE-2025-7802 - PHPGurukul Complaint Management System complaint-search.php cross site scripting
A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument Search leads to cross site scripting. The attack may be launched remo…
5.4
CVE-2025-33014 - IBM Sterling B2B Integrator and IBM Sterling File Gateway link injection
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the vict…
6.9
CVE-2025-7801 - BossSoft CRM HNDCBas_customPrmSearchDtl.jsp sql injection
A vulnerability has been found in BossSoft CRM 6.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /crm/module/HNDCBas_customPrmSearchDtl.jsp. The manipulation of the argument cstid leads to sql injection. The attack can be launched remotely. The e…