6.9
CVE-2025-5677 - Campcodes Online Recruitment Management System ajax.php sql injection
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=save_application. The manipulation of the argument position_id leads to sql injection. The attack may be initโฆ
6.9
CVE-2025-5676 - Campcodes Online Recruitment Management System ajax.php sql injection
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotelyโฆ
6.9
CVE-2025-5675 - Campcodes Online Teacher Record Management System bwdates-reports-details.php sql injection
A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /trms/admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiaโฆ
5.6
CVE-2025-5702 - glibc: Vector register overwrite bug in glibc
The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in overwriting of its conโฆ
5.3
CVE-2025-5674 - code-projects Patient Record Management System urinalysis_form.php sql injection
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file urinalysis_form.php. The manipulation of the argument urinalysis_id leads to sql injection. The attack may be launched remotelโฆ
5.4
CVE-2025-46258 - WordPress Element Pack Pro Plugin < 8.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in BdThemes Element Pack Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Pack Pro: from n/a before 8.0.0.
4.3
CVE-2025-46257 - WordPress Element Pack Pro Plugin < 8.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in BdThemes Element Pack Pro allows Cross Site Request Forgery.This issue affects Element Pack Pro: from n/a before 8.0.0.
8.7
CVE-2025-5672 - TOTOLINK N302R Plus HTTP POST Request formFilter buffer overflow
A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer overflowโฆ
8.7
CVE-2025-5671 - TOTOLINK N302R Plus HTTP POST Request formPortFw buffer overflow
A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. It is possiblโฆ
5.3
CVE-2025-5670 - PHPGurukul Medical Card Generation System manage-card.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/manage-card.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exโฆ