6.9
CVE-2025-4195 - itsourcecode Gym Management System ajax.php sql injection
A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /ajax.php?action=save_member. The manipulation of the argument umember_id leads to sql injection. The attack can be initiated remotely. The explβ¦
6.9
CVE-2025-4193 - itsourcecode Restaurant Management System category_update.php sql injection
A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/category_update.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. β¦
6.5
CVE-2024-55910 - IBM Concert Software server-side request forgery
IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
5.3
CVE-2024-55913 - IBM Concert Software path traversal
IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
5.9
CVE-2024-55912 - IBM Concert Software information disclosure
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
6.5
CVE-2024-55909 - IBM Concert Software denial of service
IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption.
6.9
CVE-2025-4192 - itsourcecode Restaurant Management System category_save.php sql injection
A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/category_save.php. The manipulation of the argument Category leads to sql injection. It is possible to initiate the attack remotely. The exβ¦
6.9
CVE-2025-4191 - PHPGurukul Employee Record Management System editmyeducation.php sql injection
A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /editmyeducation.php. The manipulation of the argument coursepg/yophsc leads to sql injection. The attack can be launβ¦
5.3
CVE-2025-4186 - Wangshen SecGate 3600 g=route_ispinfo_export_save path traversal
A vulnerability, which was classified as critical, was found in Wangshen SecGate 3600 2024. Affected is an unknown function of the file /?g=route_ispinfo_export_save. The manipulation of the argument file_name leads to path traversal. It is possible to launch the attack remotely. The exploit has beβ¦
5.5
CVE-2023-53062 - net: usb: smsc95xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb->len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory conteβ¦