5.3
CVE-2025-4196 - SourceCodester Patient Record Management System birthing.php sql injection
A vulnerability was found in SourceCodester Patient Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /birthing.php. The manipulation of the argument comp_id leads to sql injection. The attack may be initiated remotely. The exploit hβ¦
6.5
CVE-2025-29825 - Microsoft Edge (Chromium-based) Spoofing Vulnerability
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
6.9
CVE-2025-4195 - itsourcecode Gym Management System ajax.php sql injection
A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /ajax.php?action=save_member. The manipulation of the argument umember_id leads to sql injection. The attack can be initiated remotely. The explβ¦
6.9
CVE-2025-4193 - itsourcecode Restaurant Management System category_update.php sql injection
A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/category_update.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. β¦
6.5
CVE-2024-55910 - IBM Concert Software server-side request forgery
IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
5.3
CVE-2024-55913 - IBM Concert Software path traversal
IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
5.9
CVE-2024-55912 - IBM Concert Software information disclosure
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
6.5
CVE-2024-55909 - IBM Concert Software denial of service
IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption.
6.9
CVE-2025-4192 - itsourcecode Restaurant Management System category_save.php sql injection
A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/category_save.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the attack remotely. The exβ¦
6.9
CVE-2025-4191 - PHPGurukul Employee Record Management System editmyeducation.php sql injection
A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /editmyeducation.php. The manipulation of the argument coursepg/yophsc leads to sql injection. The attack can be launβ¦