5.1
CVE-2025-14642 - code-projects Computer Laboratory System technical_staff_pic.php unrestricted upload
A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technical_staff_pic.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the publiβ¦
5.1
CVE-2025-14641 - code-projects Computer Laboratory System admin_pic.php unrestricted upload
A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/admin_pic.php. This manipulation of the argument image causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be used.
6.9
CVE-2025-14640 - code-projects Student File Management System save_student.php sql injection
A flaw has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /admin/save_student.php. Executing manipulation of the argument stud_no can lead to sql injection. The attack may be launched remotely. The exploit has been published aβ¦
6.9
CVE-2025-14639 - itsourcecode Student Management System uprec.php sql injection
A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.
6.9
CVE-2025-14638 - itsourcecode Online Pet Shop Management System update_cnp.php sql injection
A security vulnerability has been detected in itsourcecode Online Pet Shop Management System 1.0. This issue affects some unknown processing of the file /pet1/update_cnp.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclβ¦
5.5
CVE-2025-14876 - Qemu-kvm: unbounded allocation in virtio-crypto
A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service (DoS) on the host system by causing the QEMU process to terminate unexpβ¦
6.9
CVE-2025-14637 - itsourcecode Online Pet Shop Management System addcnp.php sql injection
A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to thβ¦
6.3
CVE-2025-14636 - Tenda AX9 httpd image_check weak hash
A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exβ¦
6.9
CVE-2025-14623 - code-projects Student File Management System update_student.php sql injection
A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has beβ¦
6.9
CVE-2025-14622 - code-projects Student File Management System save_user.php sql injection
A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released β¦