5.3
CVE-2025-1580 - PHPGurukul Nipah Virus Testing Management System search-report-result.php sql injection
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotβ¦
4.8
CVE-2025-1579 - code-projects Blood Bank System user.php cross site scripting
A vulnerability was found in code-projects Blood Bank System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/user.php. The manipulation of the argument email leads to cross site scripting. The attack may be initiated remotely. The exploit has been diβ¦
5.3
CVE-2025-1578 - PHPGurukul/Campcodes Online Shopping Portal search-result.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul/Campcodes Online Shopping Portal 2.1. This affects an unknown part of the file /search-result.php. The manipulation of the argument Product leads to sql injection. It is possible to initiate the attack remotely. The exploit β¦
5.1
CVE-2025-1577 - code-projects Blood Bank System prostatus.php cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 1.0. Affected by this issue is some unknown functionality of the file /prostatus.php. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. β¦
6.1
CVE-2024-13728 - Accept Donations with PayPal & Stripe <= 1.4.4 - Reflected Cross-Site Scripting
The Accept Donations with PayPal & Stripe plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the rf parameter in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject β¦
5.3
CVE-2025-1576 - code-projects Real Estate Property Management System ajax_state.php sql injection
A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax_state.php. The manipulation of the argument StateName as part of String leads to sql injection. The attack can bβ¦
5.3
CVE-2025-1575 - Harpia DiagSystem atualatendimento_jpeg.php resource injection
A vulnerability classified as problematic has been found in Harpia DiagSystem 12. Affected is an unknown function of the file /diagsystem/PACS/atualatendimento_jpeg.php. The manipulation of the argument cod/codexame leads to improper control of resource identifiers. It is possible to launch the attβ¦
7.3
CVE-2022-28339 -
Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges.
10
CVE-2025-26776 - WordPress Chaty Pro Plugin <= 3.3.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3.
7.1
CVE-2025-26774 - WordPress Responsive Modal Builder for High Conversion β Easy Popups plugin <= 1.5.0 - Cross Site Sβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rock Solid Responsive Modal Builder for High Conversion β Easy Popups easy-popups allows Reflected XSS.This issue affects Responsive Modal Builder for High Conversion β Easy Popups: from n/a througβ¦