6.9
CVE-2025-6905 - code-projects Car Rental System signup.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Car Rental System 1.0. This issue affects some unknown processing of the file /signup.php. The manipulation of the argument fname leads to sql injection. The attack may be initiated remotely. The exploit has been disβ¦
6.8
CVE-2025-4407 - Application does not invalidate session after password reset
Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.This issue affects Lite Panel Pro: through 1.0.1.
6.9
CVE-2025-6904 - code-projects Car Rental System add_cars.php sql injection
A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument car_name leads to sql injection. The attack may be launched remotely. The exploit hβ¦
2.3
CVE-2025-40710 - Host Header Injection (HHI) in the Hotspot Shield VPN client
Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web applications through the VPN tunnel.Β Although such applications do not present this vulnerability per se, the use of the tunnel, together with a forged Hoβ¦
6.9
CVE-2025-6903 - code-projects Car Rental System approve.php sql injection
A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploitβ¦
6.9
CVE-2025-6902 - code-projects Inventory Management System editUser.php sql injection
A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /php_action/editUser.php. The manipulation of the argument edituserName leads to sql injection. It is possible to launch the attack remotely. Tβ¦
7.5
CVE-2024-8419 - ifm: Improper Access Control vulnerability in AC4xxS devices
The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authentication.
6.9
CVE-2025-6901 - code-projects Inventory Management System removeUser.php sql injection
A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/removeUser.php. The manipulation of the argument userid leads to sql injection. The attack may be initiated remotely. The exploitβ¦
5.1
CVE-2025-41439 -
A reflected cross-site scripting vulnerability via a specific parameter exists in SLNX Help Documentation of RICOH Streamline NX. If this vulnerability is exploited, an arbitrary script may be executed in the web browser of the user who accessed the product.
0.0
CVE-2025-53416 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.