Aggregator

2025北京网络安全大会蓄势待发，这场汇聚智慧、交流技术、共商发展的盛会，必将为网络安全领域带来新的活力与突破。

在这个行动周还没收了价值350万欧元的密币

Submit #582936 / VDB-310312

A vulnerability was found in Kashipara Responsive Online Learing Platform 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /courses/course_detail_user_new.php. The manipulation of the argument ID leads to sql injection. This vulnerability is handled as CVE-2025-5214. The attack may be launched remotely. Furthermore, there is an exploit available. The name of the affected product appears to have a typo in it.

Submit #582935 / VDB-310311

A vulnerability was found in projectworlds Responsive E-Learning System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/delete_file.php. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2025-5213. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #582929 / VDB-310310

Submit #582909 / VDB-310309

A vulnerability was found in PHPGurukul Employee Record Management System 1.3. It has been classified as critical. Affected is an unknown function of the file /admin/editempexp.php. The manipulation of the argument emp1name leads to sql injection. This vulnerability is traded as CVE-2025-5212. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This issue affects some unknown processing of the file /myprofile.php. The manipulation of the argument EmpCode leads to sql injection. The identification of this vulnerability is CVE-2025-5211. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /loginerms.php. The manipulation of the argument Email leads to sql injection. This vulnerability was named CVE-2025-5210. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in SourceCodester Online Hospital Management System 1.0. This affects an unknown part of the file /admin/check_availability.php. The manipulation of the argument emailid leads to sql injection. This vulnerability is uniquely identified as CVE-2025-5208. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #582812 / VDB-310308

Submit #582809 / VDB-310307

Submit #582802 / VDB-310306

A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this issue is some unknown functionality of the file /superadmin_update_profile.php. The manipulation of the argument nickname/email leads to sql injection. This vulnerability is handled as CVE-2025-5207. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #582279 / VDB-310305

A vulnerability classified as critical was found in Pixelimity 1.0. Affected by this vulnerability is an unknown functionality of the file /install/index.php of the component Installation. The manipulation of the argument site_description leads to sql injection. This vulnerability is known as CVE-2025-5206. The attack can be launched remotely. Furthermore, there is an exploit available.