6.1
CVE-2025-63446 -
Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_vendor.php.
5.4
CVE-2025-63443 -
School Management System PHP v1.0 is vulnerable to Cross Site Scripting (XSS) in /login.php via the password parameter.
6.9
CVE-2025-12606 - itsourcecode Online Loan Management System manage_borrower.php sql injection
A vulnerability was determined in itsourcecode Online Loan Management System 1.0. This issue affects some unknown processing of the file /manage_borrower.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly discβ¦
6.9
CVE-2025-12605 - itsourcecode Online Loan Management System manage_loan.php sql injection
A vulnerability was found in itsourcecode Online Loan Management System 1.0. This vulnerability affects unknown code of the file /manage_loan.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.
6.9
CVE-2025-12604 - itsourcecode Online Loan Management System load_fields.php sql injection
A vulnerability has been found in itsourcecode Online Loan Management System 1.0. This affects an unknown part of the file /load_fields.php. The manipulation of the argument loan_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may beβ¦
5.1
CVE-2025-12598 - SourceCodester Best House Rental Management System admin_class.php save_tenant sql injection
A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this issue is the function save_tenant of the file /admin_class.php. Executing manipulation of the argument firstname can lead to sql injection. The attack can be launched remotely. The exploit has been pubβ¦
5.1
CVE-2025-12597 - SourceCodester Best House Rental Management System admin_class.php save_category sql injection
A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by this vulnerability is the function save_category of the file /admin_class.php. Performing manipulation of the argument Name results in sql injection. The attack can be initiated remotely. The exploitβ¦
8.7
CVE-2025-12596 - Tenda AC23 saveParentControlInfo buffer overflow
A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosβ¦
8.7
CVE-2025-12595 - Tenda AC23 SetVirtualServerCfg formSetVirtualSer buffer overflow
A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function formSetVirtualSer of the file /goform/SetVirtualServerCfg. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the puβ¦
5.1
CVE-2025-12594 - code-projects Simple Online Hotel Reservation System add_account.php sql injection
A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/add_account.php. The manipulation of the argument Name results in sql injection. The attack may be performed from remote. The exploit has been releaseβ¦