VulDB Recent Entries

A vulnerability classified as critical was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-ambulance.php. The manipulation of the argument ambregnum leads to sql injection. This vulnerability is known as CVE-2025-6309. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/bwdates-request-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability is traded as CVE-2025-6308. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/edit_customer.php. The manipulation of the argument firstname leads to sql injection. The identification of this vulnerability is CVE-2025-6307. The attack may be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin_index.php. The manipulation of the argument Username leads to sql injection. This vulnerability was named CVE-2025-6306. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been classified as critical. This affects an unknown part of the file /admin/admin_feature.php. The manipulation of the argument product_code leads to sql injection. This vulnerability is uniquely identified as CVE-2025-6305. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cart.php. The manipulation of the argument qty[] leads to sql injection. This vulnerability is handled as CVE-2025-6304. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /contactus1.php. The manipulation of the argument Message leads to sql injection. This vulnerability is known as CVE-2025-6303. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is the function setStaticDhcpConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Comment leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-6302. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /admin/manage-notices.php of the component Add Notice. The manipulation of the argument Title/Description leads to cross site scripting. The identification of this vulnerability is CVE-2025-6301. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. This vulnerability affects unknown code of the file /admin/editempeducation.php. The manipulation of the argument yopgra leads to sql injection. This vulnerability was named CVE-2025-6300. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boa/formWSC. The manipulation of the argument targetAPSsid leads to os command injection. This vulnerability is uniquely identified as CVE-2025-6299. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Hostel Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /empty_rooms.php. The manipulation of the argument search_box leads to sql injection. This vulnerability is handled as CVE-2025-6296. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Hostel Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /allocated_rooms.php. The manipulation of the argument search_box leads to sql injection. This vulnerability is known as CVE-2025-6295. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /contact.php. The manipulation of the argument hostel_name leads to sql injection. This vulnerability is traded as CVE-2025-6294. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /contact_manager.php. The manipulation of the argument student_roll_no leads to sql injection. The identification of this vulnerability is CVE-2025-6293. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in D-Link DIR-825 2.03 and classified as critical. This vulnerability affects the function sub_4091AC of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2025-6292. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in D-Link DIR-825 2.03. This affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2025-6291. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in PHPGurukul Bus Pass Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/admin-profile.php of the component Profile Page. The manipulation of the argument profile name leads to cross site scripting. This vulnerability is handled as CVE-2025-6288. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /test-details.php of the component Take Action. The manipulation of the argument remark leads to cross site scripting. This vulnerability is known as CVE-2025-6287. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in PHPGurukul COVID19 Testing Management System 2021. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument q leads to open redirect. This vulnerability is traded as CVE-2025-6286. It is possible to launch the attack remotely. Furthermore, there is an exploit available.