5.3
CVE-2025-7626 - YiJiuSmile kkFileViewOfficeEdit onlinePreview path traversal
A vulnerability has been found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this vulnerability is the function onlinePreview of the file /onlinePreview. The manipulation of the argument url leads to path traversal. The attβ¦
5.3
CVE-2025-7625 - YiJiuSmile kkFileViewOfficeEdit download path traversal
A vulnerability, which was classified as critical, was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. Affected is the function Download of the file /download. The manipulation of the argument url leads to path traversal. It is possible to launch the attack β¦
5.1
CVE-2025-7616 - gmg137 snap7-rs Public API pthread_cond_destroy memory corruption
A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthread_cond_destroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used.
5.3
CVE-2025-7615 - TOTOLINK T6 HTTP POST Request cstecgi.cgi clearPairCfg command injection
A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. Affected by this vulnerability is the function clearPairCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be lauβ¦
5.3
CVE-2025-7614 - TOTOLINK T6 HTTP POST Request cstecgi.cgi delDevice command injection
A vulnerability classified as critical has been found in TOTOLINK T6 4.1.5cu.748. Affected is the function delDevice of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ipAddr leads to command injection. It is possible to launch the attack rβ¦
5.3
CVE-2025-7613 - TOTOLINK T6 HTTP POST Request cstecgi.cgi CloudSrvVersionCheck command injection
A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be inβ¦
6.9
CVE-2025-7612 - code-projects Mobile Shop login.php sql injection
A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the puβ¦
6.9
CVE-2025-7611 - code-projects Wedding Reservation global.php sql injection
A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The manipulation of the argument lu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed toβ¦
6.9
CVE-2025-7610 - code-projects Electricity Billing System change_password.php sql injection
A vulnerability was found in code-projects Electricity Billing System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/change_password.php. The manipulation of the argument new_password leads to sql injection. The attack may be launched remotelyβ¦
6.9
CVE-2025-7609 - code-projects Simple Shopping Cart register.php sql injection
A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruser_email leads to sql injection. The attack can be launched remotely. The exβ¦