6.9
CVE-2025-7512 - code-projects Modern Bag contact-back.php sql injection
A vulnerability was found in code-projects Modern Bag 1.0. It has been classified as critical. Affected is an unknown function of the file /contact-back.php. The manipulation of the argument contact-name leads to sql injection. It is possible to launch the attack remotely. The exploit has been discβ¦
5.3
CVE-2025-7511 - code-projects Chat System update_account.php sql injection
A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/update_account.php. The manipulation of the argument musername leads to sql injection. The attack may be initiated remotely. The exploit has been disclβ¦
6.9
CVE-2025-7510 - code-projects Modern Bag productadd_back.php sql injection
A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/productadd_back.php. The manipulation of the argument namepro leads to sql injection. The attack can be initiated remotely. The exploit has been discβ¦
6.9
CVE-2025-7509 - code-projects Modern Bag slide.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /admin/slide.php. The manipulation of the argument idSlide leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed toβ¦
6.4
CVE-2025-53865 -
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates (devel and responsive).
7.2
CVE-2024-58258 -
SugarCRM before 13.0.4 and 14.x before 14.0.1 allows SSRF in the API module because a limited type of code injection can occur.
6.9
CVE-2025-7508 - code-projects Modern Bag product-update.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to sql injection. The attack may be launched remotely. The β¦
8.7
CVE-2025-7506 - Tenda FH451 HTTP POST Request Natlimit fromNatlimit stack-based overflow
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can beβ¦
8.7
CVE-2025-7505 - Tenda FH451 HTTP POST Request L7Prot frmL7ProtForm stack-based overflow
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attackβ¦
5.3
CVE-2025-7492 - PHPGurukul Vehicle Parking Management System manage-incomingvehicle.php sql injection
A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/manage-incomingvehicle.php. The manipulation of the argument del leads to sql injection. The attack may be launched β¦