6.9
CVE-2025-9700 - SourceCodester Online Book Store publisher_list.php sql injection
A flaw has been found in SourceCodester Online Book Store 1.0. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argument pubid causes SQL injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
6.9
CVE-2025-9699 - SourceCodester Online Polling System Code checklogin.php sql injection
A vulnerability was detected in SourceCodester Online Polling System Code 1.0. This vulnerability affects unknown code of the file /admin/checklogin.php. The manipulation of the argument myusername results in SQL injection. The attack may be performed from a remote location. The exploit is now publ…
4.8
CVE-2025-9695 - GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of an…
A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.thinkyeah.galleryvault. The manipulation leads to improper export of android application components. The…
6.9
CVE-2025-9694 - Campcodes Advanced Online Voting System login.php sql injection
A vulnerability was determined in Campcodes Advanced Online Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. Executing manipulation of the argument Username can lead to SQL injection. The attack may be launched remotely. The exploit has bee…
6.9
CVE-2025-9692 - Campcodes Online Shopping System product.php sql injection
A vulnerability was found in Campcodes Online Shopping System 1.0. Affected is an unknown function of the file /product.php. Performing manipulation of the argument p results in SQL injection. The attack may be initiated remotely. The exploit has been made public and could be used.
6.9
CVE-2025-9691 - Campcodes Online Shopping System login.php sql injection
A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
8.7
CVE-2012-10062 - XAMPP WebDAV PHP Upload Authentication Bypass RCE
A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits attacker…
8.4
CVE-2010-10017 - WM Downloader 3.1.2.2 Buffer Overflow via Malformed M3U File
WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occ…
9.3
CVE-2011-10032 - Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBServer service, which listens on TCP port 2001. The flaw is triggered when the service receives a specially crafted packet using opcode 0x57 with an overly long payload. Due to impr…
8.6
CVE-2009-20008 - Green Dam < 3.174 URL Processing Buffer Overflow
Green Dam Youth Escort version 3.17 is vulnerable to a stack-based buffer overflow when processing overly long URLs. The flaw resides in the URL filtering component, which fails to properly validate input length before copying user-supplied data into a fixed-size buffer. A remote attacker can explo…