8.4
CVE-2012-10057 - Lattice Semiconductor ispVM System 18.0.2 XCF File Handling Buffer Overflow
Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on the β¦
8.7
CVE-2011-10014 - GTA SA-MP server.cfg Buffer Overflow
GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted eβ¦
9.4
CVE-2012-10059 - Dolibarr ERP/CRM Post-Auth OS Command Injection
Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote codβ¦
9.3
CVE-2011-10015 - Cytel Studio <= 9.0 .CY3 File Stack Buffer Overflow
Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer (256 bytes) without proper bounds checking. Exploitation allowsβ¦
9.3
CVE-2012-10055 - ComSndFTP v1.3.7 Beta USER Format String RCE
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory (specifically WSACleanup from Ws2_32.dll).β¦
6.3
CVE-2025-8927 - mtons mblog Verification Code send_code excessive authentication
A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/send_code of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The attβ¦
6.9
CVE-2025-8926 - SourceCodester COVID 19 Testing Management System login.php sql injection
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been discloseβ¦
6.9
CVE-2025-8925 - itsourcecode Sports Management System match.php sql injection
A vulnerability has been found in itsourcecode Sports Management System 1.0. Affected is an unknown function of the file /Admin/match.php. The manipulation of the argument code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and mayβ¦
6.9
CVE-2025-8924 - Campcodes Online Water Billing System viewbill.php sql injection
A vulnerability was identified in Campcodes Online Water Billing System 1.0. This issue affects some unknown processing of the file /viewbill.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may bβ¦
6.9
CVE-2025-8923 - code-projects Job Diary edit-details.php sql injection
A vulnerability was determined in code-projects Job Diary 1.0. This vulnerability affects unknown code of the file /edit-details.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.