5.3
CVE-2025-2671 - Yue Lao Blind Box 月老盲盒 Upload.php base64image unrestricted upload
A vulnerability was found in Yue Lao Blind Box 月老盲盒 up to 4.0. It has been declared as critical. This vulnerability affects the function base64image of the file /app/controller/Upload.php. The manipulation of the argument data leads to unrestricted upload. The attack can be initiated remotely. The …
6.9
CVE-2025-2665 - PHPGurukul Online Security Guards Hiring System bwdates-reports-details.php sql injection
A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the …
5.1
CVE-2025-2664 - CodeZips Hospital Management System suadpeted.php sql injection
A vulnerability was found in CodeZips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /suadpeted.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been dis…
6.9
CVE-2025-2663 - PHPGurukul Bank Locker Management System search-locker-details.php sql injection
A vulnerability has been found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /search-locker-details.php. The manipulation of the argument searchinput leads to sql injection. The attack can be launch…
5.3
CVE-2025-2662 - Project Worlds Online Time Table Generator studentdashboard.php sql injection
A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been classified as critical. Affected is an unknown function of the file student/studentdashboard.php. The manipulation of the argument course leads to sql injection. It is possible to launch the attack remotely. Th…
6.9
CVE-2025-2661 - Project Worlds Online Time Table Generator index.php sql injection
A vulnerability was found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /staff/index.php. The manipulation of the argument e leads to sql injection. The attack may be initiated remotely. The exploit has been disc…
6.9
CVE-2025-2660 - Project Worlds Online Time Table Generator index.php sql injection
A vulnerability has been found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument e leads to sql injection. The attack can be initiated remotely. The exploit has been di…
6.9
CVE-2025-2659 - Project Worlds Online Time Table Generator index.php sql injection
A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /student/index.php. The manipulation of the argument e leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee…
6.9
CVE-2025-2658 - PHPGurukul Online Security Guards Hiring System search-request.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Online Security Guards Hiring System 1.0. Affected by this issue is some unknown functionality of the file /search-request.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launc…
6.9
CVE-2025-2657 - projectworlds Apartment Visitors Management System front.php sql injection
A vulnerability classified as critical was found in projectworlds Apartment Visitors Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /front.php. The manipulation of the argument rid leads to sql injection. The attack can be launched remotely. The exploi…