5.1
CVE-2025-9754 - Campcodes Online Hospital Management System Edit Profile edit-profile.php cross site scripting
A flaw has been found in Campcodes Online Hospital Management System 1.0. The impacted element is an unknown function of the file /edit-profile.php of the component Edit Profile Page. Executing manipulation of the argument Username can lead to cross site scripting. The attack may be launched remoteโฆ
4.8
CVE-2025-9753 - Campcodes Online Hospital Management System Patient Search patient-search.php cross site scripting
A vulnerability was detected in Campcodes Online Hospital Management System 1.0. The affected element is an unknown function of the file /admin/patient-search.php of the component Patient Search Module. Performing manipulation of the argument Search by Name Mobile No results in cross site scriptingโฆ
6.9
CVE-2025-9752 - D-Link DIR-852 SOAP Service soap.cgi soapcgi_main os command injection
A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgi_main of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been disclโฆ
6.9
CVE-2025-9751 - Campcodes Online Learning Management System login.php sql injection
A weakness has been identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /login.php. This manipulation of the argument Username causes sql injection. The attack can be initiated remotely. The exploit has been made available to the pubโฆ
6.9
CVE-2025-9750 - Campcodes Online Learning Management System login.php sql injection
A security flaw has been discovered in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument Username results in sql injection. It is possible to launch the attack remotely. The exploit has been releasโฆ
6.9
CVE-2025-9749 - HKritesh009 Grocery List Management Web App update.php sql injection
A vulnerability was identified in HKritesh009 Grocery List Management Web App up to f491b681eb70d465f445c9a721415c965190f83b. This affects an unknown part of the file /src/update.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The expโฆ
8.7
CVE-2025-9748 - Tenda CH22 httpd IPSECsave fromIpsecitem stack-based overflow
A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the component httpd. Executing manipulation of the argument ipsecno can lead to stack-based buffer overflow. The attack may be performed from remote.
5.3
CVE-2025-9747 - Koillection csrf_protection_controller.js cross-site request forgery
A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrf_protection_controller.js. Such manipulation leads to cross-site request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may โฆ
4.8
CVE-2025-9746 - Campcodes Hospital Management System Edit Doctor Specialization edit-doctor-specialization.php crosโฆ
A vulnerability was detected in Campcodes Hospital Management System 1.0. This affects an unknown function of the file /admin/edit-doctor-specialization.php of the component Edit Doctor Specialization Page. The manipulation results in cross site scripting. The attack may be launched remotely. The eโฆ
5.1
CVE-2025-9745 - D-Link DI-500WF jhttpd version_upgrade.asp os command injection
A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /version_upgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit hasโฆ