5.3
CVE-2025-6876 - SourceCodester Best Salon Management System add-category.php sql injection
A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The eβ¦
5.3
CVE-2025-6875 - SourceCodester Best Salon Management System edit-subscription.php sql injection
A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php. The manipulation of the argument editid leads to sql injection. The attack can be launchβ¦
5.3
CVE-2025-6874 - SourceCodester Best Salon Management System add_subscribe.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/add_subscribe.php. The manipulation of the argument user_id/plan_id leads to sql injection. It is possible to launch the attack remotelβ¦
5.1
CVE-2025-6873 - SourceCodester Simple Company Website Users.php unrestricted upload
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Company Website 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. β¦
5.1
CVE-2025-6872 - SourceCodester Simple Company Website SystemSettings.php unrestricted upload
A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely. β¦
6.9
CVE-2025-6871 - SourceCodester Simple Company Website Login.php sql injection
A vulnerability classified as critical has been found in SourceCodester Simple Company Website 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disβ¦
5.1
CVE-2025-6870 - SourceCodester Simple Company Website Content.php unrestricted upload
A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service. The manipulation of the argument img leads to unrestricted upload. The attack may be launched remotβ¦
5.1
CVE-2025-6869 - SourceCodester Simple Company Website manage.php sql injection
A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/testimonials/manage.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remβ¦
6.8
CVE-2025-24292 -
A misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate to Enterprise WiFi or VPN Server (l2tp and OpenVPN) using a deviceβs MAC address from 802.1X or MAC Authentication, if both services are enabled and share the same RADIUS profile.
9.9
CVE-2025-24290 -
Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.