5.1
CVE-2025-6287 - PHPGurukul COVID19 Testing Management System Take Action test-details.php cross site scripting
A vulnerability classified as problematic was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /test-details.php of the component Take Action. The manipulation of the argument remark leads to cross site scripting. The β¦
5.1
CVE-2025-6286 - PHPGurukul COVID19 Testing Management System search-report-result.php redirect
A vulnerability classified as problematic has been found in PHPGurukul COVID19 Testing Management System 2021. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument q leads to open redirect. It is possible to launch the attack remotely. The exploit β¦
5.3
CVE-2025-6285 - PHPGurukul COVID19 Testing Management System search-report-result.php cross site scripting
A vulnerability was found in PHPGurukul COVID19 Testing Management System 2021. It has been rated as problematic. This issue affects some unknown processing of the file /search-report-result.php. The manipulation of the argument q leads to cross site scripting. The attack may be initiated remotely.β¦
5.3
CVE-2025-6284 - PHPGurukul Car Rental Portal cross-site request forgery
A vulnerability was found in PHPGurukul Car Rental Portal 3.0. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
5.1
CVE-2025-6283 - xataio Xata Agent route.ts GET path traversal
A vulnerability was found in xataio Xata Agent up to 0.3.0. It has been classified as problematic. This affects the function GET of the file apps/dbagent/src/app/api/evals/route.ts. The manipulation of the argument passed leads to path traversal. Upgrading to version 0.3.1 is able to address this iβ¦
5.1
CVE-2025-6282 - xlang-ai OpenAgents file.py create_upload_file path traversal
A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function create_upload_file of the file backend/api/file.py. The manipulation leads to path traversal. The exploit has been disclosed to the publβ¦
2.7
CVE-2025-47293 - PowSyBl Core XML Reader allows XXE and SSRF
PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity (XXE) attack and to a server-side request forgery (SSRF) attack. This allows an attacker to elevate theirβ¦
5.1
CVE-2025-6281 - OpenBMB XAgent community path traversal
A vulnerability has been found in OpenBMB XAgent up to 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /conv/community. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used.
5.1
CVE-2025-6280 - TransformerOptimus SuperAGI EmailToolKit read_email.py download_attachment path traversal
A vulnerability, which was classified as critical, was found in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function download_attachment of the file SuperAGI/superagi/helper/read_email.py of the component EmailToolKit. The manipulation of the argument filename leads to path traversal.β¦
5.1
CVE-2025-6279 - Upsonic Pickle add_tool cloudpickle.loads deserialization
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/add_tool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may bβ¦