4.8
CVE-2025-5722 - SourceCodester Student Result Management System Add Academic Term terms cross site scripting
A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /script/academic/terms of the component Add Academic Term. The manipulation of the argument Academic Term leads to cross site scri…
5.1
CVE-2025-36513 -
Cross-site request forgery vulnerability exists in surveillance cameras provided by i-PRO Co., Ltd.. If a user views a crafted page while logged in to the affected product, unintended operations may be performed.
4.8
CVE-2025-5721 - SourceCodester Student Result Management System Profile Setting Page update_profile cross site scri…
A vulnerability, which was classified as problematic, was found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /script/academic/core/update_profile of the component Profile Setting Page. The manipulation leads to cross site scripting. It is possible…
5.3
CVE-2025-5733 - Modern Events Calendar <= 7.21.9 - Information Exposure
The Modern Events Calendar Lite plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 7.21.9. This is due improper or insufficient validation of the id property when exporting calendars. This makes it possible for unauthenticated attackers to retrieve the …
5.1
CVE-2025-5719 -
The wallet has an authentication bypass vulnerability that allows access to specific pages.
6.9
CVE-2025-5716 - SourceCodester Open Source Clinic Management System login.php sql injection
A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been…
4.8
CVE-2024-46941 - SystemUI component protection settings vulnerability
SystemUI has an incorrect component protection setting, which allows access to specific information.
1
CVE-2025-5715 - Signal App Biometric Authentication missing critical step in authentication
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the ph…
5.3
CVE-2025-5714 - SoluçõesCoop iSoluçõesWEB Profile Information Update up.upload.php path traversal
A vulnerability was found in SoluçõesCoop iSoluçõesWEB up to 20250516. It has been classified as problematic. This affects an unknown part of the file /sys/up.upload.php of the component Profile Information Update. The manipulation of the argument nomeArquivo leads to path traversal. It is possible…
5.1
CVE-2025-5713 - SoluçõesCoop iSoluçõesWEB Flow fluxos-dashboard cross site scripting
A vulnerability was found in SoluçõesCoop iSoluçõesWEB up to 20250519 and classified as problematic. Affected by this issue is some unknown functionality of the file /fluxos-dashboard of the component Flow Handler. The manipulation of the argument Descrição da solicitação leads to cross site script…