6.9
CVE-2025-2642 - PHPGurukul Art Gallery Management System edit-art-product-detail.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.0. This affects an unknown part of the file /admin/edit-art-product-detail.php?editid=2. The manipulation of the argument editide/sprice/description leads to sql injection. It is possible to iβ¦
4.1
CVE-2025-1446 - Pods < 3.2.8.2 - Admin+ SQL Injection
The Pods WordPress plugin before 3.2.8.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
4.8
CVE-2025-0718 - Nested Pages < 3.2.13 - Contributor+ Stored XSS
The Nested Pages WordPress plugin before 3.2.13 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
6.9
CVE-2025-2641 - PHPGurukul Art Gallery Management System edit-artist-detail.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit-artist-detail.php?editid=1. The manipulation of the argument Name leads to sql injection. The attack may beβ¦
6.9
CVE-2025-2640 - PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php sql injectiβ¦
A vulnerability was found in PHPGurukul Doctor Appointment Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /doctor/appointment-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack maβ¦
5.3
CVE-2025-2639 - JIZHICMS Article release.html improper authorization
A vulnerability has been found in JIZHICMS up to 1.7.0 and classified as problematic. This vulnerability affects unknown code of the file /user/release.html of the component Article Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has beenβ¦
5.3
CVE-2025-2638 - JIZHICMS Article release.html improper authorization
A vulnerability, which was classified as problematic, was found in JIZHICMS up to 1.7.0. This affects an unknown part of the file /user/release.html of the component Article Handler. The manipulation of the argument ishot with the input 1 leads to improper authorization. It is possible to initiate β¦
5.3
CVE-2025-2637 - JIZHICMS Account Profile Page userinfo.html improper authorization
A vulnerability, which was classified as problematic, has been found in JIZHICMS up to 1.7.0. Affected by this issue is some unknown functionality of the file /user/userinfo.html of the component Account Profile Page. The manipulation of the argument jifen leads to improper authorization. The attacβ¦
5.3
CVE-2025-2628 - PHPGurukul Art Gallery Management System art-enquiry.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /art-enquiry.php. The manipulation of the argument eid leads to sql injection. It is possible to launch the attack remotely. The exploit has beenβ¦
5.3
CVE-2025-2627 - PHPGurukul Art Gallery Management System contactus.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle leads to sql injection. The attack may be initiated remotely. Thβ¦