5.3
CVE-2025-7212 - itsourcecode Insurance Management System insertAgent.php sql injection
A vulnerability was found in itsourcecode Insurance Management System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be initiated remotely. The exploiβ¦
6.9
CVE-2025-7211 - code-projects LifeStyle Store cart_add.php sql injection
A vulnerability was found in code-projects LifeStyle Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cart_add.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to thβ¦
6.4
CVE-2025-5678 - Kadence Blocks β Gutenberg Blocks for Page Builder Features <= 3.5.10 - Authenticated (Contributor+β¦
The Gutenberg Blocks with AI by Kadence WP β Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βredirectURLβ parameter in all versions up to, and including, 3.5.10 due to insufficient input sanitization and output escaping. This makes it possible for auβ¦
5.3
CVE-2025-7210 - code-projects/Fabian Ros Library Management System profile_update.php unrestricted upload
A vulnerability was found in code-projects/Fabian Ros Library Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/profile_update.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be launched β¦
4.8
CVE-2025-7209 - 9fans plan9port x509.c value_decode null pointer dereference
A vulnerability has been found in 9fans plan9port up to 9da5b44 and classified as problematic. Affected by this vulnerability is the function value_decode in the library src/libsec/port/x509.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. Theβ¦
0.0
CVE-2025-34083 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36849.
0.0
CVE-2025-34084 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36848.
10
CVE-2025-34077 - WordPress Pie Register Plugin β€ 3.7.1.4 Authentication Bypass RCE
An authentication bypass vulnerability exists in the WordPress Pie Register plugin β€ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameteβ¦
0.0
CVE-2025-34085 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36847.
5.1
CVE-2025-7208 - 9fans plan9port x509.c edump heap-based overflow
A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. Tβ¦