4.6
CVE-2025-8079 - Reflected XSS in AkΔ±llΔ± Ticaret Software Technologies' Smart Trade E-Commerce
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AkΔ±llΔ± Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce allows Reflected XSS.This issue affects Smart Trade E-Commerce: before 4.5.0.0.1.
5.3
CVE-2025-10790 - SourceCodester Simple Forum Discussion System ajax.php sql injection
A security flaw has been discovered in SourceCodester Simple Forum Discussion System 1.0. This affects an unknown function of the file /ajax.php?action=save_category. The manipulation of the argument Description results in sql injection. The attack can be executed remotely. The exploit has been relβ¦
0.0
CVE-2025-59811 -
Not used
0.0
CVE-2025-59813 -
Not used
0.0
CVE-2025-59812 -
Not used
7.7
CVE-2025-5962 - Rhel-lightspeed: improper access control in lightspeed history management allows local privilege maβ¦
A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or injeβ¦
6.5
CVE-2025-0875 - IDOR in Proliz Software's OBS
Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) allows Parameter Injection.This issue affects OBS (Student Affairs Information System): before v26.0328.
6.9
CVE-2025-10789 - SourceCodester Online Hotel Reservation System deleteslide.php sql injection
A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly availableβ¦
6.9
CVE-2025-10788 - SourceCodester Online Hotel Reservation System deleteroominventory.php sql injection
A vulnerability was determined in SourceCodester Online Hotel Reservation System 1.0. The affected element is an unknown function of the file deleteroominventory.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publiβ¦
5.3
CVE-2025-10787 - MuYuCMS Add Fiend Link index.html server-side request forgery
A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely. The exploit has been β¦