5.3
CVE-2025-5616 - PHPGurukul Online Fire Reporting System profile.php sql injection
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be launched remotely. Thβ¦
5.3
CVE-2025-5615 - PHPGurukul Online Fire Reporting System details.php sql injection
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /details.php. The manipulation of the argument requestid leads to sql injection. The attack can be launched remotely. Thβ¦
5.3
CVE-2025-5614 - PHPGurukul Online Fire Reporting System search-report-result.php sql injection
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. It is possible to launch the attack remotely. The β¦
6.5
CVE-2025-5690 - Cursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic data
PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg_dump. This problem occurs only when dynamic masking is enabled, which is not the defauβ¦
5.3
CVE-2025-5613 - PHPGurukul Online Fire Reporting System request-details.php sql injection
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /request-details.php. The manipulation of the argument requestid leads to sql injection. The attack may be initiated remotely. The exploit has β¦
5.3
CVE-2025-5612 - PHPGurukul Online Fire Reporting System reporting.php sql injection
A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /reporting.php. The manipulation of the argument fullname leads to sql injection. The attack can be initiated remotely. The exploit has been β¦
5.3
CVE-2025-5611 - CodeAstro Real Estate Management System submitpropertyupdate.php sql injection
A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit haβ¦
5.3
CVE-2025-5610 - CodeAstro Real Estate Management System submitpropertydelete.php sql injection
A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remoteβ¦
7.7
CVE-2025-48947 - NextJS-Auth0 SDK Vulnerable to CDN Caching of Session Cookies
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In Auth0 Next.js SDK versions 4.0.1 through 4.6.0, `__session` cookies set by auth0.middleware may be cached by CDNs due to missing Cache-Control headers. Three preconditions must be met in order for soβ¦
7.1
CVE-2025-46341 - Privilege escalation via SSRF when using HTTP auth
FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, when the server is using HTTP auth via reverse proxy, it's possible to impersonate any user either via the `Remote-User` header or the `X-WebAuth-User` header by making specially crafted requests via the add feed functionality β¦