6.9
CVE-2025-14668 - campcodes Advanced Online Examination System loginExe.php sql injection
A vulnerability was detected in campcodes Advanced Online Examination System 1.0. This affects an unknown function of the file /query/loginExe.php. Performing a manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now public β¦
6.9
CVE-2025-14667 - itsourcecode COVID Tracking System page sql injection
A security vulnerability has been detected in itsourcecode COVID Tracking System 1.0. The impacted element is an unknown function of the file /admin/?page=system_info. Such manipulation of the argument meta_value leads to sql injection. The attack may be performed from remote. The exploit has been β¦
6.9
CVE-2025-14666 - itsourcecode COVID Tracking System page sql injection
A weakness has been identified in itsourcecode COVID Tracking System 1.0. The affected element is an unknown function of the file /admin/?page=user. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been made availablβ¦
9.3
CVE-2025-14665 - Tenda WH450 HTTP Request DhcpListClient stack-based overflow
A security flaw has been discovered in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/DhcpListClient of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has bβ¦
6.9
CVE-2025-14664 - Campcodes Supplier Management System view_unit.php sql injection
A vulnerability was identified in Campcodes Supplier Management System 1.0. This issue affects some unknown processing of the file /admin/view_unit.php. The manipulation of the argument chkId[] leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available β¦
4.8
CVE-2025-14663 - code-projects Student File Management System update_student.php cross site scripting
A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/update_student.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed anβ¦
4.8
CVE-2025-14662 - code-projects Student File Management System Update User update_user.php cross site scripting
A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made β¦
6.9
CVE-2025-14661 - itsourcecode Student Managemen System advisers.php sql injection
A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publicβ¦
6.3
CVE-2025-14660 - DecoCMS Mesh Workspace Domain api.ts createTool access control
A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can be β¦
8.7
CVE-2025-14659 - D-Link DIR-860LB1/DIR-868LB1 DHCP command injection
A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be usβ¦