Aggregator

Submit #603563 / VDB-314337

A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit_plan.php. The manipulation of the argument editid leads to sql injection. This vulnerability is traded as CVE-2025-6862. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add_plan.php. The manipulation of the argument plan_name/description/duration_days/price leads to sql injection. The identification of this vulnerability is CVE-2025-6861. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staff_commision.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability was named CVE-2025-6860. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/pro_sale.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability is uniquely identified as CVE-2025-6859. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #603562 / VDB-314336

Submit #603386 / VDB-314335

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-6858. The attack needs to be approached locally. Furthermore, there is an exploit available.

A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-6857. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-6856. Attacking locally is a requirement. Furthermore, there is an exploit available.

Submit #603378 / VDB-314334

Submit #603375 / VDB-314333

Submit #603374 / VDB-314332

Submit #603373 / VDB-314331

A vulnerability, which was classified as critical, has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This issue affects some unknown processing of the file /v1/file. The manipulation of the argument flag leads to path traversal. The identification of this vulnerability is CVE-2025-6855. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.

Submit #602530 / VDB-314330

A vulnerability classified as critical was found in chatchat-space Langchain-Chatchat up to 0.3.1. This vulnerability affects unknown code of the file /v1/files?purpose=assistants. The manipulation leads to path traversal. This vulnerability was named CVE-2025-6854. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This affects the function upload_temp_docs of the file /knowledge_base/upload_temp_docs of the component Backend. The manipulation of the argument flag leads to path traversal. This vulnerability is uniquely identified as CVE-2025-6853. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #602529 / VDB-314329

Submit #602528 / VDB-314328