4.8
CVE-2025-15188 - Campcodes Complete Online Beauty Parlor Management System search-invoices.php cross site scripting
A vulnerability was determined in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/search-invoices.php. Executing a manipulation of the argument searchdata can lead to cross site scripting. The attack can be launched remotely.β¦
5.1
CVE-2025-15187 - GreenCMS File DataController.class.php path traversal
A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing a manipulation of the argument sqlFiles/zipFiles results in path traversal. The attack can be initiated remotely. The exploit has been made pβ¦
7.1
CVE-2026-0810 - Gix-date: gix-date: undefined behavior due to invalid string generation
A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the `TimeBuf` component, leading to undefined behavior when these malformed strings are subsequently proceβ¦
6.9
CVE-2025-15186 - code-projects Refugee Food Management System addusers.php sql injection
A vulnerability has been found in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home/addusers.php. Such manipulation of the argument a leads to sql injection. It is possible to launch the attack remotely. The exploit has been disβ¦
6.9
CVE-2025-15185 - code-projects Refugee Food Management System refugeesreport.php sql injection
A flaw has been found in code-projects Refugee Food Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /home/refugeesreport.php. This manipulation of the argument a causes sql injection. It is possible to initiate the attack remotely. The exploit has been β¦
6.9
CVE-2025-15184 - code-projects Refugee Food Management System refugeesreport2.php sql injection
A vulnerability was detected in code-projects Refugee Food Management System 1.0. Affected is an unknown function of the file /home/refugeesreport2.php. The manipulation of the argument a results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.
6.9
CVE-2025-15183 - code-projects Refugee Food Management System viewtakenfd.php sql injection
A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. This impacts an unknown function of the file /home/viewtakenfd.php. The manipulation of the argument tfid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been dβ¦
6.9
CVE-2025-15182 - code-projects Refugee Food Management System served.php sql injection
A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the β¦
6.9
CVE-2025-15181 - code-projects Refugee Food Management System pagenateRefugeesList.php sql injection
A security flaw has been discovered in code-projects Refugee Food Management System 1.0. The impacted element is an unknown function of the file /home/pagenateRefugeesList.php. Performing manipulation of the argument rfid results in sql injection. Remote exploitation of the attack is possible. The β¦
8.6
CVE-2025-15180 - Tenda WH450 HTTP Request webExcptypemanFilte stack-based overflow
A vulnerability was identified in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/webExcptypemanFilte of the component HTTP Request Handler. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exβ¦