6.9
CVE-2025-2050 - PHPGurukul User Registration & Login and User Management System login.php sql injection
A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be launched remot…
5.1
CVE-2025-2049 - code-projects Blood Bank System AB+.php cross site scripting
A vulnerability classified as problematic has been found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file AB+.php. The manipulation of the argument Bloodname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclose…
5.1
CVE-2025-2047 - PHPGurukul Art Gallery Management System search.php cross site scripting
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /search.php. The manipulation of the argument search leads to cross site scripting. It is possible to initiate the attack remotely. The exploit …
7.5
CVE-2025-27598 - Out-of-bounds Write in SixLabors ImageSharp
ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to v3…
5.3
CVE-2025-2046 - SourceCodester Best Employee Management System print1.php sql injection
A vulnerability was found in SourceCodester Best Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/print1.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploi…
5.1
CVE-2025-2044 - code-projects Blood Bank Management System delete_bloodGroup.php sql injection
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/delete_bloodGroup.php. The manipulation of the argument blood_id leads to sql injection. The attack can be lau…
5.1
CVE-2025-2043 - LinZhaoguan pb-cms Add New Topic admin#themes deserialization
A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /admin#themes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The attack may be initiated remotely. T…
5.3
CVE-2025-2042 - huang-yk student-manage cross-site request forgery
A vulnerability has been found in huang-yk student-manage 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
5.3
CVE-2025-2041 - s-a-zhd Ecommerce-Website-using-PHP shop.php sql injection
A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website-using-PHP 1.0. Affected by this issue is some unknown functionality of the file /shop.php. The manipulation of the argument p_cat leads to sql injection. The attack may be launched remotely. The exploit h…
5.3
CVE-2025-2040 - zhijiantianya ruoyi-vue-pro deploy special elements used in a template engine
A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this vulnerability is an unknown functionality of the file /admin-api/bpm/model/deploy. The manipulation leads to improper neutralization of special elements used in a template engine. The attack can …