0.0
CVE-2025-59884 -
Not used
0.0
CVE-2025-59879 -
Not used
0.0
CVE-2025-59883 -
Not used
0.0
CVE-2025-59878 -
Not used
0.0
CVE-2025-59877 -
Not used
0.0
CVE-2025-59876 -
Not used
5.3
CVE-2025-10807 - Campcodes Online Beauty Parlor Management System edit-customer-detailed.php sql injection
A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/edit-customer-detailed.php. The manipulation of the argument editid results in sql injection. The attack may be launched remotely. The exploit hβ¦
5.3
CVE-2025-10806 - Campcodes Online Beauty Parlor Management System bwdates-reports-details.php sql injection
A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be initiated remotely. The exploit β¦
4.8
CVE-2025-43807 -
Stored cross-site scripting (XSS) vulnerability in the notifications widget in Liferay Portal 7.4.0 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a craftedβ¦
6.5
CVE-2025-59413 - CubeCart Unauthorized Newsletter Unsubscription via force_unsubscribe Parameter
CubeCart is an ecommerce software solution. Prior to version 6.5.11, a logic flaw exists in the newsletter subscription endpoint that allows an attacker to unsubscribe any user without their consent. By changing the value of the force_unsubscribe parameter in the POST request to 1, an attacker can β¦