Aggregator

Submit #653875 / VDB-325143

A vulnerability was found in Campcodes Grocery Sales and Inventory System 1.0. It has been classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=delete_user. This manipulation of the argument ID causes sql injection. This vulnerability is handled as CVE-2025-10786. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in Campcodes Grocery Sales and Inventory System 1.0 and classified as critical. This affects an unknown part of the file /manage_user.php. The manipulation of the argument ID results in sql injection. This vulnerability is known as CVE-2025-10785. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability has been found in Campcodes Online Learning Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit_subject.php. The manipulation of the argument subject_code leads to sql injection. This vulnerability is traded as CVE-2025-10784. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Campcodes Online Learning Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_subject.php. Executing manipulation of the argument subject_code can lead to sql injection. This vulnerability appears as CVE-2025-10783. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability, which was classified as critical, has been found in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/class.php. Performing manipulation of the argument class_name results in sql injection. This vulnerability is reported as CVE-2025-10782. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability classified as critical was found in Campcodes Online Learning Management System 1.0. This impacts an unknown function of the file /admin/edit_class.php. Such manipulation of the argument class_name leads to sql injection. This vulnerability is documented as CVE-2025-10781. The attack can be executed remotely. Additionally, an exploit exists.

Submit #653785 / VDB-325142

Submit #653786 / VDB-325141

Submit #653784 / VDB-325141

Airports in Brussels, Berlin, and the UK and Ireland Impacted
Flight cancellations and delays lasting hours at several major European airports including London's Heathrow on Saturday occurred after a cyberattack against a provider of check-in and boarding systems. Hackers late Friday targeted software developed by Collins Aerospace.

A vulnerability classified as critical has been found in CodeAstro Simple Pharmacy Management 1.0. This affects an unknown function of the file /view.php. This manipulation of the argument bar_code causes sql injection. This vulnerability is registered as CVE-2025-10780. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Submit #653783 / VDB-325140

Submit #653782 / VDB-325139

Submit #653781 / VDB-325138

Submit #653780 / VDB-325137

A vulnerability described as critical has been identified in D-Link DCS-935L up to 1.13.01. The impacted element is the function sub_402280 of the file /HNAP1/. The manipulation of the argument HNAP_AUTH/SOAPAction results in stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is cataloged as CVE-2025-10779. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #653714 / VDB-310663

Submit #653704 / VDB-325136