5.1
CVE-2025-8787 - Portabilis i-Diario Registro das atividades registros-de-conteudos-por-disciplina cross site scriptโฆ
A vulnerability has been found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /registros-de-conteudos-por-disciplina/ of the component Registro das atividades. The manipulation of the argument Registro de ativโฆ
5.1
CVE-2025-8786 - Portabilis i-Diario Registro das atividades registros-de-conteudos-por-areas-de-conhecimento cross โฆ
A vulnerability, which was classified as problematic, was found in Portabilis i-Diario up to 1.5.0. Affected is an unknown function of the file /registros-de-conteudos-por-areas-de-conhecimento/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteรบโฆ
3
CVE-2025-52136 -
In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability (for later Dashboard installation) is set bโฆ
5.1
CVE-2025-8785 - Portabilis i-Educar educar_usuario_lst.php cross site scripting
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. This issue affects some unknown processing of the file /intranet/educar_usuario_lst.php. The manipulation of the argument nm_pessoa/matricula/matricula_interna leads to cross site scripting. The aโฆ
5.1
CVE-2025-8784 - Portabilis i-Educar Cadastrar Vรญnculo funcionario_vinculo_cad.php cross site scripting
A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionario_vinculo_cad.php of the component Cadastrar Vรญnculo Page. The manipulation of the argument nome leads to cross site scripting. The attack caโฆ
5.3
CVE-2025-8775 - Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload
A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The atโฆ
2
CVE-2025-8774 - riscv-boom SonicBOOM L1 Data Cache timing discrepancy
A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this attโฆ
6.9
CVE-2025-8773 - Dinstar Monitoring Platform ็่็ๅฑ้ฉๅๅบ็ๆงๅนณๅฐ login_getPasswordErrorNum.action sql injection
A vulnerability, which was classified as critical, was found in Dinstar Monitoring Platform ็่็ๅฑ้ฉๅๅบ็ๆงๅนณๅฐ 1.0. Affected is an unknown function of the file /itc/$%7BappPath%7D/login_getPasswordErrorNum.action. The manipulation of the argument userBean.loginName leads to sql injection. It is possible tโฆ
5.3
CVE-2025-8772 - Vinades NukeViet Module index.php server-side request forgery
A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en&nv=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack mayโฆ
5.1
CVE-2025-8765 - Datacom DM955 5GT 1200 Wireless Basic Settings cross site scripting
A vulnerability classified as problematic was found in Datacom DM955 5GT 1200 825.8010.00. Affected by this vulnerability is an unknown functionality of the component Wireless Basic Settings. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely. Tโฆ