5.3
CVE-2024-38866 - Livestatus Injection in dynmaps
Improper neutralization of input in NagVis before version 1.9.47, which can lead to Livestatus injection.
5.1
CVE-2025-5232 - PHPGurukul Student Study Center Management System report.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Student Study Center Management System 1.0. This issue affects some unknown processing of the file /admin/report.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be initiated …
1.2
CVE-2025-48382 - Fess has Insecure Temporary File Permissions
Fess is a deployable Enterprise Search Server. Prior to version 14.19.2, the createTempFile() method in org.codelibs.fess.helper.SystemHelper creates temporary files without explicitly setting restrictive permissions. This could lead to potential information disclosure, allowing unauthorized local …
6.9
CVE-2025-5231 - PHPGurukul Company Visitor Management System forgot-password.php sql injection
A vulnerability classified as critical was found in PHPGurukul Company Visitor Management System 1.0. This vulnerability affects unknown code of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been d…
6.8
CVE-2025-48054 - Radashi Vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype…
Radashi is a TypeScript utility toolkit. Prior to version 12.5.1, the set function within the Radashi library is vulnerable to prototype pollution. If an attacker can control parts of the path argument to the set function, they could potentially modify the prototype of all objects in the JavaScript…
6.9
CVE-2025-5230 - PHPGurukul Online Nurse Hiring System bwdates-report-details.php sql injection
A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1.0. This affects an unknown part of the file /admin/bwdates-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. Th…
6.9
CVE-2025-5229 - Campcodes Online Hospital Management System view-patient.php sql injection
A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/view-patient.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely.…
8.7
CVE-2025-5228 - D-Link DI-8100 jhttpd login.cgi httpd_get_parm stack-based overflow
A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated with…
6.9
CVE-2025-5227 - PHPGurukul Small CRM manage-tickets.php sql injection
A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation of the argument aremark leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed t…
6.9
CVE-2025-5226 - PHPGurukul Small CRM change-password.php sql injection
A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-password.php. The manipulation of the argument oldpass leads to sql injection. The attack can be initiated remotely. The exploit has been disclose…