4.8
CVE-2025-4460 - TOTOLINK N150RT URL Filtering Page cross site scripting
A vulnerability classified as problematic has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the component URL Filtering Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publicβ¦
5.3
CVE-2025-4459 - code-projects Patient Record Management System fecalysis_form.php sql injection
A vulnerability was found in code-projects Patient Record Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file fecalysis_form.php. The manipulation of the argument itr_no leads to sql injection. The attack may be launched remotely. Tβ¦
9.3
CVE-2025-3711 - ATEN LCD KVM over IP Switch CL5708IM - Stack-based Buffer Overflow
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
9.3
CVE-2025-3710 - ATEN LCD KVM over IP Switch CL5708IM - Stack-based Buffer Overflow
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
5.3
CVE-2025-4458 - code-projects Patient Record Management System edit_upatient.php sql injection
A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit_upatient.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remoteβ¦
6.9
CVE-2025-4457 - Project Worlds Car Rental Project approve.php sql injection
A vulnerability classified as critical was found in Project Worlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has beenβ¦
6.9
CVE-2025-4456 - Project Worlds Car Rental Project signup.php sql injection
A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to theβ¦
7.3
CVE-2025-4455 - Patch My PC Home Updater System.IO uncontrolled search path
A vulnerability was found in Patch My PC Home Updater up to 5.1.3.0. It has been rated as critical. This issue affects some unknown processing in the library advapi32.dll/BCrypt.dll/comctl32.dll/crypt32.dll/dwmapi.dll/gdi32.dll/gdiplus.dll/imm32.dll/iphlpapi.dll/kernel32.dll/mscms.dll/msctf.dll/ntdβ¦
5.3
CVE-2025-4454 - D-Link DIR-619L wake_on_lan command injection
A vulnerability was found in D-Link DIR-619L 2.04B04. It has been declared as critical. This vulnerability affects the function wake_on_lan. The manipulation of the argument mac leads to command injection. The attack can be initiated remotely. The vendor was contacted early about this disclosure. Tβ¦
5.3
CVE-2025-4453 - D-Link DIR-619L formSysCmd command injection
A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This affects the function formSysCmd. The manipulation of the argument sysCmd leads to command injection. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure. Tβ¦