5.3
CVE-2025-4912 - SourceCodester Student Result Management System Image File update_student.php path traversal
A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/core/update_student.php of the component Image File Handler. The manipulation of the argument old_photo leaβ¦
6.9
CVE-2025-4911 - PHPGurukul Zoo Management System view-foreigner-ticket.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/view-foreigner-ticket.php. The manipulation of the argument viewid leads to sql injection. It is possible to launch the attack remotely. The exploβ¦
6.4
CVE-2025-2892 - All in One SEO Pack <= 4.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post β¦
The All in One SEO β Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post Meta Description and Canonical URL parameters in all versions up to, and including, 4.8.1.1 due to insufficient input sanitization and outβ¦
6.9
CVE-2025-4910 - PHPGurukul Zoo Management System edit-animal-details.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Zoo Management System 2.1. This issue affects some unknown processing of the file /admin/edit-animal-details.php. The manipulation of the argument aname leads to sql injection. The attack may be initiated remotely. The β¦
6.9
CVE-2025-4909 - SourceCodester Client Database Management System exposure of information through directory listing
A vulnerability classified as critical was found in SourceCodester Client Database Management System 1.0. This vulnerability affects unknown code. The manipulation leads to exposure of information through directory listing. The attack can be initiated remotely. The exploit has been disclosed to theβ¦
6.9
CVE-2025-4908 - PHPGurukul Daily Expense Tracker System expense-datewise-reports-detailed.php sql injection
A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotβ¦
6.9
CVE-2025-4907 - PHPGurukul Daily Expense Tracker System forgot-password.php sql injection
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The expβ¦
6.9
CVE-2025-4906 - PHPGurukul Notice Board System login.php sql injection
A vulnerability was found in PHPGurukul Notice Board System 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosedβ¦
4.8
CVE-2025-4905 - iop-apl-uw basestation3 QC.py load_qc_pickl deserialization
A vulnerability was found in iop-apl-uw basestation3 up to 3.0.4 and classified as problematic. This issue affects the function load_qc_pickl of the file basestation3/QC.py. The manipulation of the argument qc_file leads to deserialization. An attack has to be approached locally. The exploit has beβ¦
0.0
CVE-2025-23122 -
This CVE record has been withdrawn due to a duplicate entry CVE-2025-23165.