5.1

CVSS4.0

CVE-2025-12610 - CodeAstro Gym Management System view-progress-report.php sql injection

A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown part of the file /admin/view-progress-report.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and ma…

πŸ“… Published: Nov. 3, 2025, 1:32 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 7:16 a.m.

5.1

CVSS4.0

CVE-2025-12609 - CodeAstro Gym Management System update-progress.php sql injection

A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-progress.php. Performing a manipulation of the argument id/ini_weight results in sql injection. The attack may be initiated remotely. The exploit has been…

πŸ“… Published: Nov. 3, 2025, 1:02 a.m. πŸ”„ Last Modified: Feb. 24, 2026, 7:16 a.m.

6.9

CVSS4.0

CVE-2025-12608 - itsourcecode Online Loan Management System manage_user.php sql injection

A security flaw has been discovered in itsourcecode Online Loan Management System 1.0. The affected element is an unknown function of the file /manage_user.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has be…

πŸ“… Published: Nov. 3, 2025, 12:32 a.m. πŸ”„ Last Modified: Nov. 5, 2025, 4:08 p.m.

6.9

CVSS4.0

CVE-2025-12607 - itsourcecode Online Loan Management System manage_payment.php sql injection

A vulnerability was identified in itsourcecode Online Loan Management System 1.0. Impacted is an unknown function of the file /manage_payment.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.

πŸ“… Published: Nov. 3, 2025, 12:02 a.m. πŸ”„ Last Modified: Nov. 5, 2025, 4:08 p.m.

5.5

CVSS3.1

CVE-2025-40107 - can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the `mcp251x` driver, which was fixed in commit 03c427147b2d ("can: mcp251x: fix resume…

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.8

CVSS3.1

CVE-2025-60892 -

An issue in Raspberry Pi Imager version 1.9.6 for Windows, affecting its OS customization feature. The imager's 'public-key authentication' setting unintentionally re-adds a user's id_rsa.pub key from their local Windows machine to the authorized_keys file on the Raspberry Pi, even after the user e…

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2025-29699 -

NetSurf 3.11 is vulnerable to Use After Free in dom_node_set_text_content function.

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Nov. 5, 2025, 6:18 p.m.

7.3

CVSS3.1

CVE-2025-63441 -

Open Source Social Network (OSSN) 8.6 is vulnerable to Cross Site Scripting (XSS) via the parameter param` at endpoint u/administrator/friends.

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Feb. 4, 2026, 8:18 p.m.

6.1

CVSS3.1

CVE-2025-63593 -

Grav CMS1.7.49.5 is vulnerable to Cross Site Scripting (XSS).

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Nov. 7, 2025, 6:33 p.m.

5.4

CVSS3.1

CVE-2025-63449 -

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /orders.php.

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Nov. 7, 2025, 8:44 p.m.
Total resulsts: 346528
Page 2915 of 34,653
Β« previous page Β» next page
Filters