8.8
CVE-2025-2075 - Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalβ¦
The Uncanny Automator β Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role() and user_role() functions missing proper capability checks performed through the valiβ¦
5.3
CVE-2025-3207 - code-projects Patient Record Management System birthing_form.php sql injection
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /birthing_form.php. The manipulation of the argument birth_id leads to sql injection. The attack may be initiated remotely. The exploit β¦
5.3
CVE-2025-3206 - code-projects Hospital Management System doctor-specilization.php sql injection
A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. The attack can be initiated reβ¦
0.0
CVE-2025-29869 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
0.0
CVE-2025-32085 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
5.3
CVE-2025-3205 - CodeAstro Student Grading System studentsubject.php sql injection
A vulnerability, which was classified as critical, was found in CodeAstro Student Grading System 1.0. This affects an unknown part of the file studentsubject.php. The manipulation of the argument studentId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been β¦
5.3
CVE-2025-3204 - CodeAstro Car Rental System returncar.php sql injection
A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of the file /returncar.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has beeβ¦
5.3
CVE-2025-3203 - Tenda W18E setModules formSetAccountList stack-based overflow
A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The exβ¦
6.9
CVE-2025-3202 - ageerle ruoyi-ai SysNoticeController.java improper authorization
A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible tβ¦
6.5
CVE-2025-26401 -
Weak encoding for password vulnerability exists in HMI ViewJet C-more series. If this vulnerability is exploited, authentication information may be obtained by a local authenticated attacker.