6.6
CVE-2025-49007 - ReDoS Vulnerability in Rack::Multipart handle_mime_head
Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This is very similar to the previous security issue CVE-2022-44571. Carefully crafted input can cause β¦
5.3
CVE-2025-5617 - PHPGurukul Online Fire Reporting System manage-teams.php sql injection
A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/manage-teams.php. The manipulation of the argument teamid leads to sql injection. It is possible to initiate the attack remotely. The exploit has beeβ¦
5.3
CVE-2025-5616 - PHPGurukul Online Fire Reporting System profile.php sql injection
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be launched remotely. Thβ¦
5.3
CVE-2025-5615 - PHPGurukul Online Fire Reporting System details.php sql injection
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /details.php. The manipulation of the argument requestid leads to sql injection. The attack can be launched remotely. Thβ¦
5.3
CVE-2025-5614 - PHPGurukul Online Fire Reporting System search-report-result.php sql injection
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. It is possible to launch the attack remotely. The β¦
6.5
CVE-2025-5690 - Cursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic data
PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg_dump. This problem occurs only when dynamic masking is enabled, which is not the defauβ¦
5.3
CVE-2025-5613 - PHPGurukul Online Fire Reporting System request-details.php sql injection
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /request-details.php. The manipulation of the argument requestid leads to sql injection. The attack may be initiated remotely. The exploit has β¦
5.3
CVE-2025-5612 - PHPGurukul Online Fire Reporting System reporting.php sql injection
A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /reporting.php. The manipulation of the argument fullname leads to sql injection. The attack can be initiated remotely. The exploit has been β¦
5.3
CVE-2025-5611 - CodeAstro Real Estate Management System submitpropertyupdate.php sql injection
A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit haβ¦
5.3
CVE-2025-5610 - CodeAstro Real Estate Management System submitpropertydelete.php sql injection
A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remoteβ¦