6.9

CVSS4.0

CVE-2025-8339 - code-projects Intern Membership Management System student_login.php sql injection

A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation of the argument user_name/password leads to sql injection. It is possible to initiate the attack remo…

πŸ“… Published: July 31, 2025, 12:02 a.m. πŸ”„ Last Modified: Aug. 5, 2025, 7:32 p.m.

3.5

CVSS3.1

CVE-2025-51383 -

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 9 a.m.

8.8

CVSS3.1

CVE-2025-50572 -

An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to execute arbitrary code via crafted system inputs that would be exported into the CSV and be executed after the user opened the file with compatible applications.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 3:06 p.m.

9.8

CVSS3.1

CVE-2025-50475 -

An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute arbitrary commands as root via crafted input to the hostname parameter in network configuration requests. This vulnerability stems from improper neutralization…

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: July 31, 2025, 8:56 p.m.

7

CVSS3.1

CVE-2025-45768 - pyjwt: pyjwt Weak Encryption Vulnerability

pyjwt v2.10.1 was discovered to contain weak encryption.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 3:06 p.m.

5.4

CVSS3.1

CVE-2025-29557 -

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level privileges can issue an HTTP request to retrieve SMTP credentials, including plaintext passwords.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: July 31, 2025, 8:15 p.m.

7.3

CVSS3.1

CVE-2025-29556 -

ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with the Admin role from creating or modifying users with the Security Officer role without approval. However, a flaw in the account creation process allows an a…

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 9 a.m.

6.3

CVSS3.1

CVE-2024-34328 -

An open redirect in Sielox AnyWare v2.1.2 allows attackers to execute a man-in-the-middle attack via a crafted URL.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 9 a.m.

9.8

CVSS3.1

CVE-2025-26063 -

An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 4, 2025, 3:06 p.m.

9.8

CVSS3.1

CVE-2025-26062 -

An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings.

πŸ“… Published: July 31, 2025, midnight πŸ”„ Last Modified: Aug. 5, 2025, 11:56 a.m.
Total resulsts: 304715
Page 93 of 30,472
Β« previous page Β» next page
Filters