6.9
CVE-2025-14620 - code-projects Student File Management System login_query.php sql injection
A vulnerability was determined in code-projects Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/login_query.php. Executing manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit haβ¦
6.9
CVE-2025-14619 - code-projects Student File Management System login_query.php sql injection
A vulnerability was found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file login_query.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely. The exploit has beenβ¦
4.8
CVE-2025-14617 - Jehovahs Witnesses JW Library App org.jw.jwlibrary.mobile.activity.SiloContainer path traversal
A vulnerability has been found in Jehovahs Witnesses JW Library App up to 15.5.1 on Android. Affected is an unknown function of the component org.jw.jwlibrary.mobile.activity.SiloContainer. Such manipulation leads to path traversal. Local access is required to approach this attack. The exploit has β¦
5.3
CVE-2025-14607 - OFFIS DCMTK dcmdata dcbytstr.cc makeDicomByteString memory corruption
A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The manipulation results in memory corruption. The attack can be launched remotely. Upgrading to versioβ¦
2.3
CVE-2025-14606 - tiny-rdm Tiny RDM Pickle Decoding pickle_convert.go pickle.loads deserialization
A security vulnerability has been detected in tiny-rdm Tiny RDM up to 1.2.5. Affected by this vulnerability is the function pickle.loads of the file pickle_convert.go of the component Pickle Decoding. The manipulation leads to deserialization. The attack can be initiated remotely. A high degree of β¦
6.9
CVE-2025-14590 - code-projects Prison Management System search1.php sql injection
A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed pβ¦
5.3
CVE-2025-14589 - code-projects Prison Management System search.php sql injection
A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack may be performed from remote. The exploit has been made avaiβ¦
6.9
CVE-2025-14588 - itsourcecode Student Management System update_program.php sql injection
A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /update_program.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been reβ¦
7.5
CVE-2025-14542 - Command execution in python-utcp allows attackers to achieve remote code execution when fetching a β¦
The vulnerability arises when a client fetches a toolsβ JSON specification, known as a Manual, from a remote Manual Endpoint. While a provider may initially serve a benign manual (e.g., one defining an HTTP tool call), earning the clientsβ trust, a malicious provider can later change the manual to β¦
6.9
CVE-2025-14587 - itsourcecode Online Pet Shop Management System available.php sql injection
A vulnerability was identified in itsourcecode Online Pet Shop Management System 1.0. This affects an unknown part of the file /pet1/available.php. Such manipulation of the argument Name leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.