6.9
CVE-2025-6296 - code-projects Hostel Management System empty_rooms.php sql injection
A vulnerability was found in code-projects Hostel Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /empty_rooms.php. The manipulation of the argument search_box leads to sql injection. The attack may be launched remotely. The expโฆ
6.9
CVE-2025-6295 - code-projects Hostel Management System allocated_rooms.php sql injection
A vulnerability was found in code-projects Hostel Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /allocated_rooms.php. The manipulation of the argument search_box leads to sql injection. The attack can be launched remoโฆ
7.5
CVE-2025-49715 - Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability
Exposure of private personal information to an unauthorized actor in Dynamics 365 FastTrack Implementation Assets allows an unauthorized attacker to disclose information over a network.
6.9
CVE-2025-6294 - code-projects Hostel Management System contact.php sql injection
A vulnerability was found in code-projects Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /contact.php. The manipulation of the argument hostel_name leads to sql injection. It is possible to launch the attack remotely. The exploit has bโฆ
6.3
CVE-2025-48058 - PowSyBl Core contains Polynomial REDoSโes
PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, there is a potential polynomial Regular Expression Denial of Service (ReDoS) vulnerability in the PowSyBl's DataSource mechanism. If successfully exploited, a malicious actor can cause signโฆ
6.9
CVE-2025-6293 - code-projects Hostel Management System contact_manager.php sql injection
A vulnerability was found in code-projects Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /contact_manager.php. The manipulation of the argument student_roll_no leads to sql injection. The attack may be initiated remotely. The exploitโฆ
8.7
CVE-2025-6292 - D-Link DIR-825 HTTP POST Request sub_4091AC stack-based overflow
A vulnerability has been found in D-Link DIR-825 2.03 and classified as critical. This vulnerability affects the function sub_4091AC of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been discloseโฆ
8.7
CVE-2025-6291 - D-Link DIR-825 HTTP POST Request do_file stack-based overflow
A vulnerability, which was classified as critical, was found in D-Link DIR-825 2.03. This affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed toโฆ
4.8
CVE-2025-6288 - PHPGurukul Bus Pass Management System Profile Page admin-profile.php cross site scripting
A vulnerability, which was classified as problematic, has been found in PHPGurukul Bus Pass Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/admin-profile.php of the component Profile Page. The manipulation of the argument profile name leads to cross siโฆ
7.1
CVE-2025-7365 - Keycloak: phishing attack via email verification step in first login flow
A flaw was found in Keycloak. When an authenticated attacker attempts to merge accounts with another existing account during an identity provider (IdP) login, the attacker will subsequently be prompted to "review profile" information. This vulnerability allows the attacker to modify their email addโฆ