6.9

CVSS4.0

CVE-2025-14223 - code-projects Simple Leave Manager request.php sql injection

A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staff_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to thโ€ฆ

๐Ÿ“… Published: Dec. 8, 2025, 8:02 a.m. ๐Ÿ”„ Last Modified: Jan. 7, 2026, 5:09 p.m.

5.1

CVSS3.1

CVE-2025-66322 -

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

๐Ÿ“… Published: Dec. 8, 2025, 8:01 a.m. ๐Ÿ”„ Last Modified: Dec. 9, 2025, 8:29 p.m.

5.1

CVSS3.1

CVE-2025-66321 -

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

๐Ÿ“… Published: Dec. 8, 2025, 7:50 a.m. ๐Ÿ”„ Last Modified: Dec. 9, 2025, 8:29 p.m.

5.1

CVSS3.1

CVE-2025-66320 -

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

๐Ÿ“… Published: Dec. 8, 2025, 7:47 a.m. ๐Ÿ”„ Last Modified: Dec. 9, 2025, 8:29 p.m.

7.1

CVSS4.0

CVE-2025-14255 - Galaxy Software Services๏ฝœVitals ESP - SQL Injection

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

๐Ÿ“… Published: Dec. 8, 2025, 7:43 a.m. ๐Ÿ”„ Last Modified: Jan. 15, 2026, 1:41 a.m.

7.1

CVSS4.0

CVE-2025-14254 - Galaxy Software Services๏ฝœVitals ESP - SQL Injection

Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

๐Ÿ“… Published: Dec. 8, 2025, 7:41 a.m. ๐Ÿ”„ Last Modified: Jan. 15, 2026, 1:42 a.m.

6.9

CVSS4.0

CVE-2025-14253 - Galaxy Software Services๏ฝœVitals ESP - Arbitrary File Read

Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files.

๐Ÿ“… Published: Dec. 8, 2025, 7:38 a.m. ๐Ÿ”„ Last Modified: Jan. 15, 2026, 1:42 a.m.

5.3

CVSS4.0

CVE-2025-14222 - code-projects Employee Profile Management System print_personnel_report.php sql injection

A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /print_personnel_report.php. This manipulation of the argument per_id causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.

๐Ÿ“… Published: Dec. 8, 2025, 7:32 a.m. ๐Ÿ”„ Last Modified: Feb. 24, 2026, 5:44 a.m.

5.1

CVSS4.0

CVE-2025-14221 - SourceCodester Online Banking System page cross site scripting

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used.

๐Ÿ“… Published: Dec. 8, 2025, 7:02 a.m. ๐Ÿ”„ Last Modified: Dec. 9, 2025, 8:19 p.m.

5.3

CVSS4.0

CVE-2025-14220 - ORICO CD3510 File Upload path traversal

A security vulnerability has been detected in ORICO CD3510 1.9.12. This affects an unknown function of the component File Upload. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early aโ€ฆ

๐Ÿ“… Published: Dec. 8, 2025, 6:32 a.m. ๐Ÿ”„ Last Modified: Dec. 9, 2025, 10:26 a.m.
Total resulsts: 344690
Page 2332 of 34,469
ยซ previous page ยป next page
Filters