2.1
CVE-2025-0214 - TMD Custom Header Menu index.php sql injection
A vulnerability was found in TMD Custom Header Menu 4.0.0.1 on OpenCart. It has been rated as problematic. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument headermenu_id leads to sql injection. The attack may be initiated remotely. The compleβ¦
5.3
CVE-2025-0213 - Campcodes Project Management System update_forms.php unrestricted upload
A vulnerability was found in Campcodes Project Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forms/update_forms.php?action=change_pic2&id=4. The manipulation of the argument file leads to unrestricted upload. The attack can be initiateβ¦
5.3
CVE-2025-0212 - Campcodes Student Grading System view_students.php sql injection
A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /view_students.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been discloβ¦
5.3
CVE-2025-0211 - Campcodes School Faculty Scheduling System index.php file inclusion
A vulnerability was found in Campcodes School Faculty Scheduling System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit β¦
5.9
CVE-2024-41763 - IBM Engineering Lifecycle Optimization - Publishing information disclosure
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
7.5
CVE-2024-41766 - IBM Engineering Lifecycle Optimization - Publishing denial of service
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause a denial of service using a complex regular expression.
6.5
CVE-2024-41765 - IBM Engineering Lifecycle Optimization - Publishing directory traversal
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
7.3
CVE-2024-41767 - IBM Engineering Lifecycle Optimization - Publishing SQL injection
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
6.5
CVE-2024-41768 - IBM Engineering Lifecycle Optimization - Publishing unhandled SLL exception
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause an unhandled SSL exception which could leave the connection in an unexpected or insecure state.
6.9
CVE-2025-0210 - Campcodes School Faculty Scheduling System ajax.php sql injection
A vulnerability has been found in Campcodes School Faculty Scheduling System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login. The manipulation of the argument username leads to sql injection. The attack can be launcβ¦