6.9
CVE-2025-5581 - CodeAstro Real Estate Management System index.php sql injection
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument User leads to sql injection. The attack can be initiated remotely. The exploit has been โฆ
6.9
CVE-2025-5580 - CodeAstro Real Estate Management System login.php sql injection
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been discโฆ
7.3
CVE-2025-47728 - File Parsing Memory Corruption in CNCSoft-G2
Delta Electronics CNCSoft-G2ย lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
9.4
CVE-2024-13967 - ession-Management Failure
This vulnerability allows the successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web Server of EIBPORT. This issue affects EIBPORT V3 KNX: through 3.9.8; EIBPORT V3 KNX GSM: through 3.9.8.
6.9
CVE-2025-5579 - PHPGurukul Dairy Farm Shop Management System search-product.php sql injection
A vulnerability was found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this issue is some unknown functionality of the file /search-product.php. The manipulation of the argument productname leads to sql injection. The attack may be launched remotely. Tโฆ
6.9
CVE-2025-5578 - PHPGurukul Dairy Farm Shop Management System sales-report-details.php sql injection
A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sales-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can beโฆ
6.9
CVE-2025-5577 - PHPGurukul Dairy Farm Shop Management System profile.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System 1.3. Affected is an unknown function of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. It is possible to launch the attack remotely. The exploitโฆ
6.9
CVE-2025-5576 - PHPGurukul Dairy Farm Shop Management System bwdate-report-details.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This issue affects some unknown processing of the file /bwdate-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be initiaโฆ
7.3
CVE-2025-47727 - Out-of-bounds Write in CNCSoft
Delta Electronics CNCSoftย lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process.
4.8
CVE-2025-27444 - Extension - rsjoomla.com - A reflected XSS vulnerability RSform!Pro component 3.0.0 - 3.3.13 for Joโฆ
A reflected XSS vulnerability in RSform!Pro component 3.0.0 - 3.3.13 for Joomla was discovered. The issue arises from the improper handling of the filter[dateFrom] GET parameter, which is reflected unescaped in the administrative backend interface. This allows an authenticated attacker with admin oโฆ