Aggregator
Submit #515735: viames Pair Framework <=1.9.11 PHP Object Injection [Accepted]
6 months ago
Submit #515735 / VDB-299875
mcdruid
CVE-2025-2375 | PHPGurukul Human Metapneumovirus Testing Management System 1.0 Admin Profile Page /profile.php email cross site scripting
6 months ago
A vulnerability, which was classified as problematic, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected is an unknown function of the file /profile.php of the component Admin Profile Page. The manipulation of the argument email leads to cross site scripting.
This vulnerability is traded as CVE-2025-2375. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-2374 | PHPGurukul Human Metapneumovirus Testing Management System 1.0 /profile.php aid/adminname/mobilenumber/email sql injection
6 months ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument aid/adminname/mobilenumber/email leads to sql injection.
The identification of this vulnerability is CVE-2025-2374. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-2373 | PHPGurukul Human Metapneumovirus Testing Management System 1.0 /check_availability.php mobnumber/employeeid sql injection
6 months ago
A vulnerability classified as critical was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This vulnerability affects unknown code of the file /check_availability.php. The manipulation of the argument mobnumber/employeeid leads to sql injection.
This vulnerability was named CVE-2025-2373. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-2372 | PHPGurukul Human Metapneumovirus Testing Management System 1.0 Password Recovery Page /password-recovery.php username sql injection
6 months ago
A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the file /password-recovery.php of the component Password Recovery Page. The manipulation of the argument username leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-2372. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-2371 | PHPGurukul Human Metapneumovirus Testing Management System 1.0 Registered Mobile Number Search registered-user-testing.php regmobilenumber cross site scripting
6 months ago
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /registered-user-testing.php of the component Registered Mobile Number Search. The manipulation of the argument regmobilenumber leads to cross site scripting.
This vulnerability is handled as CVE-2025-2371. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #515444: PHPGurukul Human Metapneumovirus Testing Management System profile.php Stored cross-site scripting [Accepted]
6 months ago
Submit #515444 / VDB-299874
WenGui
Submit #515429: PHPGurukul Human Metapneumovirus Testing Management System 1.0 SQL Injection [Accepted]
6 months ago
Submit #515429 / VDB-299873
WenGui
Submit #515455: PHPGurukul Human Metapneumovirus Testing Management System check_availability.php SQL Injection [Duplicate]
6 months ago
Submit #515455 / VDB-299872
WenGui
Submit #515408: PHPGurukul Human Metapneumovirus Testing Management System 1.0 SQL Injection [Accepted]
6 months ago
Submit #515408 / VDB-299872
WenGui
Submit #515390: PHPGurukul Human Metapneumovirus 1.0 SQL Injection [Duplicate]
6 months ago
Submit #515390 / VDB-299871
WenGui
Submit #515389: PHPGurukul Human Metapneumovirus 1.0 https://github.com/SECWG/cve/issues/5 [Accepted]
6 months ago
Submit #515389 / VDB-299871
WenGui
Submit #515347: PHPGurukul Human Metapneumovirus (HMPV) – Testing Management System 1.0 Cross Site Scripting [Accepted]
6 months ago
Submit #515347 / VDB-299870
lxk_
Врут и не краснеют: ИИ-поисковики превзошли человека в искусстве лжи
6 months ago
Ученые проверили, как чат-боты справляются с проверкой новостей. И результаты не радуют.
CVE-2025-2370 | TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316 /cgi-bin/cstecgi.cgi setWiFiExtenderConfig apcliSsid stack-based overflow
6 months ago
A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow.
This vulnerability is known as CVE-2025-2370. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-2369 | TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316 /cgi-bin/cstecgi.cgi setPasswordCfg admpass stack-based overflow
6 months ago
A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow.
This vulnerability is traded as CVE-2025-2369. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-2368 | WebAssembly wabt 1.0.36 Malformed File binary-reader-interp.cc OnExport heap-based overflow (Issue 2556)
6 months ago
A vulnerability was found in WebAssembly wabt 1.0.36 and classified as critical. This issue affects the function wabt::interp::(anonymous namespace)::BinaryReaderInterp::OnExport of the file wabt/src/interp/binary-reader-interp.cc of the component Malformed File Handler. The manipulation leads to heap-based buffer overflow.
The identification of this vulnerability is CVE-2025-2368. The attack may be initiated remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
Submit #515329: Totolink EX1800T V9.1.0cu.2112_B20220316 Stack-based Buffer Overflow [Accepted]
6 months ago
Submit #515329 / VDB-299869
selph
Submit #515328: Totolink EX1800T V9.1.0cu.2112_B20220316 Stack-based Buffer Overflow [Accepted]
6 months ago
Submit #515328 / VDB-299868
selph