8.8

CVSS3.1

CVE-2025-60785 -

A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via a crafted HTML page.

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Feb. 4, 2026, 8:19 p.m.

9.8

CVSS3.1

CVE-2025-63451 -

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php.

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Nov. 7, 2025, 8:47 p.m.

6.5

CVSS3.1

CVE-2025-63293 -

FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remote authenticated user can append comments or upload attachments to tickets for which they lack view or edit authorization, due to missing authorization checks in the ticketing/commenting API.

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Nov. 14, 2025, 6:32 p.m.

8.7

CVSS3.1

CVE-2025-60503 -

A cross-site scripting (XSS) vulnerability exists in the administrative interface of ultimatefosters UltimatePOS 4.8 where input submitted in the purchase functionality is reflected without proper escaping in the admin log panel page in the 'reference No.' field. This flaw allows an authenticated a…

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Feb. 3, 2026, 2:56 p.m.

4.6

CVSS3.1

CVE-2025-63442 -

Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Nov. 5, 2025, 6:18 p.m.

6.1

CVSS3.1

CVE-2025-63446 -

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_vendor.php.

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Nov. 10, 2025, 4:03 p.m.

5.4

CVSS3.1

CVE-2025-63443 -

School Management System PHP v1.0 is vulnerable to Cross Site Scripting (XSS) in /login.php via the password parameter.

πŸ“… Published: Nov. 3, 2025, midnight πŸ”„ Last Modified: Feb. 3, 2026, 3:01 p.m.

6.9

CVSS4.0

CVE-2025-12606 - itsourcecode Online Loan Management System manage_borrower.php sql injection

A vulnerability was determined in itsourcecode Online Loan Management System 1.0. This issue affects some unknown processing of the file /manage_borrower.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disc…

πŸ“… Published: Nov. 2, 2025, 11:32 p.m. πŸ”„ Last Modified: Nov. 5, 2025, 4:07 p.m.

6.9

CVSS4.0

CVE-2025-12605 - itsourcecode Online Loan Management System manage_loan.php sql injection

A vulnerability was found in itsourcecode Online Loan Management System 1.0. This vulnerability affects unknown code of the file /manage_loan.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.

πŸ“… Published: Nov. 2, 2025, 11:02 p.m. πŸ”„ Last Modified: Nov. 5, 2025, 4:07 p.m.

6.9

CVSS4.0

CVE-2025-12604 - itsourcecode Online Loan Management System load_fields.php sql injection

A vulnerability has been found in itsourcecode Online Loan Management System 1.0. This affects an unknown part of the file /load_fields.php. The manipulation of the argument loan_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be…

πŸ“… Published: Nov. 2, 2025, 9:32 p.m. πŸ”„ Last Modified: Nov. 5, 2025, 4:03 p.m.
Total resulsts: 349182
Page 3182 of 34,919
Β« previous page Β» next page
Filters