6.9
CVE-2025-3265 - PHPGurukul e-Diary Management System add-category.php sql injection
A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-category.php. The manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit β¦
9.2
CVE-2024-11235 - Reference counting in php_request_shutdown causes Use-After-Free
In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??=Β Β operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the β¦
8.7
CVE-2025-3259 - Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflow
A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. Thβ¦
6.9
CVE-2025-3258 - PHPGurukul Old Age Home Management System search.php sql injection
A vulnerability classified as critical was found in PHPGurukul Old Age Home Management System 1.0. This vulnerability affects unknown code of the file /search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been discloseβ¦
5.3
CVE-2025-3257 - xujiangfei admintwo updateSet cross-site request forgery
A vulnerability classified as problematic has been found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may bβ¦
5.3
CVE-2025-3256 - xujiangfei admintwo updateSet access control
A vulnerability was found in xujiangfei admintwo 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user/updateSet. The manipulation of the argument email leads to improper access controls. The attack may be launched remotely. The exploit has been β¦
5.3
CVE-2025-3255 - xujiangfei admintwo home access control
A vulnerability was found in xujiangfei admintwo 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /user/home. The manipulation of the argument ID leads to improper access controls. The attack can be launched remotely. The exploit has bβ¦
5.3
CVE-2025-3254 - xujiangfei admintwo add server-side request forgery
A vulnerability was found in xujiangfei admintwo 1.0. It has been classified as critical. Affected is an unknown function of the file /resource/add. The manipulation of the argument description leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been β¦
0.0
CVE-2025-32178 - WordPress 6Storage Rentals plugin <= 2.20.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 6Storage Rentals: from n/a through <= 2.20.2.
0.0
CVE-2025-32250 - WordPress Rollbar plugin <= 2.7.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar rollbar allows Cross Site Request Forgery.This issue affects Rollbar: from n/a through <= 2.7.1.