6.9
CVE-2025-4900 - Campcodes Sales and Inventory System payment.php sql injection
A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/payment.php. The manipulation of the argument cid leads to sql injection. It is possible to launch the attack remotely. The exploit has been discloseโฆ
6.9
CVE-2025-4899 - Campcodes Sales and Inventory System transaction_update.php sql injection
A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pages/transaction_update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit hโฆ
5.3
CVE-2025-4898 - SourceCodester Student Result Management System Logo File update_system.php unlink path traversal
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects the function unlink of the file update_system.php of the component Logo File Handler. The manipulation of the argument old_logo leads to path traversal. Theโฆ
8.7
CVE-2025-4897 - Tenda A15 HTTP POST Request multimodalAdd buffer overflow
A vulnerability was found in Tenda A15 15.13.07.09/15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/multimodalAdd of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. Tโฆ
8.7
CVE-2025-4896 - Tenda AC10 UserCongratulationsExec buffer overflow
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/UserCongratulationsExec. The manipulation of the argument getuid leads to buffer overflow. The attack may be launched remotely. The exploit has beโฆ
6.9
CVE-2025-4895 - SourceCodester Doctors Appointment System delete-session.php sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/delete-session.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. Theโฆ
6.3
CVE-2025-4894 - calmkart Django-sso-server crypto.py gen_rsa_keys inadequate encryption
A vulnerability classified as problematic was found in calmkart Django-sso-server up to 057247929a94ffc358788a37ab99e391379a4d15. This vulnerability affects the function gen_rsa_keys of the file common/crypto.py. The manipulation leads to inadequate encryption strength. The attack can be initiated โฆ
5.3
CVE-2025-4893 - jammy928 CoinExchange_CryptoExchange_Java File Upload Endpoint UploadFileUtil.java uploadLocalImageโฆ
A vulnerability classified as critical has been found in jammy928 CoinExchange_CryptoExchange_Java up to 8adf508b996020d3efbeeb2473d7235bd01436fa. This affects the function uploadLocalImage of the file /CoinExchange_CryptoExchange_Java-master/00_framework/core/src/main/java/com/bizzan/bitrade/util/โฆ
4.8
CVE-2025-4892 - code-projects Police Station Management System Delete Record source.cpp remove stack-based overflow
A vulnerability was found in code-projects Police Station Management System 1.0. It has been declared as critical. Affected by this vulnerability is the function criminal::remove of the file source.cpp of the component Delete Record. The manipulation of the argument No leads to stack-based buffer oโฆ
4.8
CVE-2025-4891 - code-projects Police Station Management System Display Record source.cpp display buffer overflow
A vulnerability was found in code-projects Police Station Management System 1.0. It has been classified as critical. Affected is the function criminal::display of the file source.cpp of the component Display Record. The manipulation of the argument N leads to buffer overflow. It is possible to launโฆ