7.5
CVE-2025-37098 -
A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.
6.9
CVE-2025-6958 - Campcodes Employee Management System edit.php sql injection
A vulnerability was found in Campcodes Employee Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed toβ¦
6.9
CVE-2025-6957 - Campcodes Employee Management System eprocess.php sql injection
A vulnerability was found in Campcodes Employee Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /process/eprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack can be initiated remotely. The exploit has β¦
7.5
CVE-2025-37097 -
A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service
6.9
CVE-2025-6956 - Campcodes Employee Management System changepassemp.php sql injection
A vulnerability was found in Campcodes Employee Management System 1.0. It has been classified as critical. This affects an unknown part of the file /changepassemp.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been diβ¦
6.9
CVE-2025-6955 - Campcodes Employee Management System aprocess.php sql injection
A vulnerability was found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /process/aprocess.php. The manipulation of the argument mailuid leads to sql injection. The attack may be launched remotely. The exploitβ¦
6.9
CVE-2025-6954 - Campcodes Employee Management System applyleave.php sql injection
A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /applyleave.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploitβ¦
8.7
CVE-2025-6953 - TOTOLINK A3002RU HTTP POST Request formParentControl buffer overflow
A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possibβ¦
9.1
CVE-2025-49029 - WordPress Custom Login And Signup Widget plugin <= 1.0 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue affects Custom Login And Signup Widget: from n/a through 1.0.
4.8
CVE-2025-36582 -
Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.