6.9
CVE-2025-6408 - Campcodes Online Hospital Management System search.php sql injection
A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploitโฆ
6.9
CVE-2025-6407 - Campcodes Online Hospital Management System user-login.php sql injection
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /user-login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit haโฆ
6.9
CVE-2025-6406 - Campcodes Online Hospital Management System forgot-password.php sql injection
A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/forgot-password.php. The manipulation of the argument fullname leads to sql injection. The attack may be launchโฆ
6.9
CVE-2025-6405 - Campcodes Online Teacher Record Management System edit-teacher-detail.php sql injection
A vulnerability classified as critical was found in Campcodes Online Teacher Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-teacher-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launcheโฆ
4.3
CVE-2025-3629 - IBM InfoSphere Information Server file manipulation
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an authenticated user to delete another user's comments due to improper ownership management.
7.5
CVE-2025-3221 - IBM InfoSphere Information Server denial of service
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a remote attacker to cause a denial of service due to insufficient validation of incoming request resources.
6.8
CVE-2025-36016 - IBM Process Mining HTTP open redirect
IBM Process Mining 2.0.1 IF001 and 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a maliโฆ
6.9
CVE-2025-6404 - Campcodes Online Teacher Record Management System search.php sql injection
A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploiโฆ
6.4
CVE-2025-5289 - 3D FlipBook - Lite Edition <= 1.16.15 - Authenticated (Contributor+) Stored Cross-Site Scripting viโฆ
The 3D FlipBook โ PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the โstyleโ and 'mode' parameters in all versions up to, and including, 1.16.15 due to insufficient input sanitization and output escaping. This makes itโฆ
6.9
CVE-2025-6403 - code-projects School Fees Payment System student.php sql injection
A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclโฆ