5.3
CVE-2025-4022 - web-arena-x webarena evaluators.py HTMLContentEvaluator code injection
A vulnerability was found in web-arena-x webarena up to 0.2.0. It has been declared as critical. This vulnerability affects the function HTMLContentEvaluator of the file webarena/evaluation_harness/evaluators.py. The manipulation of the argument target["url"] leads to code injection. The attack canβ¦
5.3
CVE-2025-4021 - code-projects Patient Record Management System edit_spatient.php sql injection
A vulnerability was found in code-projects Patient Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit_spatient.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit hβ¦
6.9
CVE-2025-4020 - PHPGurukul Old Age Home Management System contact.php sql injection
A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /contact.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely. The exploit has bβ¦
5.3
CVE-2025-32472 - DoS attack by conducting a slowloris-type attack
The multiScan and picoScan are vulnerable to a denial-of-service (DoS) attack. A remote attacker can exploit this vulnerability by conducting a Slowloris-type attack, causing the web page to become unresponsive.
6.9
CVE-2025-4019 - 20120630 Novel-Plus GeneratorController.java genCode missing authentication
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The manipulation leads to missing authenβ¦
6.9
CVE-2025-4018 - 20120630 Novel-Plus CrawlController.java addCrawlSource missing authentication
A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This issue affects the function addCrawlSource of the file novel-crawl/src/main/java/com/java2nb/novel/controller/CrawlController.java. The manipulation leads to β¦
5.3
CVE-2025-4017 - 20120630 Novel-Plus LogController.java list improper authorization
A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authoriβ¦
5.3
CVE-2025-4016 - 20120630 Novel-Plus LogController.java deleteIndex improper authorization
A vulnerability classified as critical has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This affects the function deleteIndex of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorizationβ¦
6.9
CVE-2025-4015 - 20120630 Novel-Plus SessionController.java list missing authentication
A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. It has been rated as critical. Affected by this issue is the function list of the file novel-system/src/main/java/com/java2nb/system/controller/SessionController.java. The manipulation leads to missing β¦
9.1
CVE-2025-3200 - Com-Server Exposed via Weak TLS
An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems.