0.0
CVE-2025-52933 -
3rd party vulnerability
6.9
CVE-2025-6503 - code-projects Inventory Management System fetchSelectedCategories.php sql injection
A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/fetchSelectedCategories.php. The manipulation of the argument categoriesId leads to sql injection. The attack may be initiated reβ¦
6.9
CVE-2025-6502 - code-projects Inventory Management System changePassword.php sql injection
A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php_action/changePassword.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The β¦
6.9
CVE-2025-6501 - code-projects Inventory Management System createCategories.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/createCategories.php. The manipulation of the argument categoriesStatus leads to sql injection. It is possible to initiate the attack rβ¦
6.9
CVE-2025-6500 - code-projects Inventory Management System editCategories.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Inventory Management System 1.0. Affected by this issue is some unknown functionality of the file /php_action/editCategories.php. The manipulation of the argument editCategoriesName leads to sql injection. The attackβ¦
4.8
CVE-2025-6499 - vstakhov libucl ucl_parser.c ucl_parse_multiline_string heap-based overflow
A vulnerability classified as problematic was found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_parse_multiline_string of the file src/ucl_parser.c. The manipulation leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit haβ¦
4.8
CVE-2025-6498 - HTACG tidy-html5 alloc.c defaultAlloc memory leak
A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be usβ¦
4.8
CVE-2025-6497 - HTACG tidy-html5 parser.c prvTidyParseNamespace assertion
A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file src/parser.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and β¦
4.8
CVE-2025-6496 - HTACG tidy-html5 parser.c InsertNodeAsParent null pointer dereference
A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been dβ¦
6.4
CVE-2025-52920 -
Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within the frontend shop. Anyone can create a customer account and easily exploit these. Successful exploitation results in disclosure of the PII of other customers and the deletion of their reviews of productsβ¦