Aggregator

A vulnerability classified as critical has been found in Perception LiteServe 2.0/2.0.1/2.0.2. This vulnerability affects unknown code of the component HTTP Request Handler. This manipulation with the input <request>. causes information disclosure (Source). This vulnerability is tracked as CVE-2002-1986. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability classified as critical was found in Caucho Technology Resin 2.1.2. This issue affects some unknown processing of the file view_source.jsp. Such manipulation leads to path traversal. This vulnerability is listed as CVE-2002-1987. The attack may be performed from remote. There is no available exploit.

A vulnerability classified as critical was found in SourceCodester Eye Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file /main/search_index_Diagnosis.php. Such manipulation of the argument Search leads to sql injection. This vulnerability is referenced as CVE-2025-9771. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability classified as critical has been found in Campcodes Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ of the component Admin Dashboard Login. This manipulation of the argument Password causes sql injection. The identification of this vulnerability is CVE-2025-9770. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #640865 / VDB-322071

Submit #640811 / VDB-322058

A vulnerability described as critical has been identified in D-Link DI-7400G+ 19.12.25A1. Affected is the function sub_478D28 of the file /mng_platform.asp. The manipulation of the argument addr with the input `echo 12345 > poc.txt` results in command injection. This vulnerability was named CVE-2025-9769. An attack on the physical device is feasible. In addition, an exploit is available.

Submit #640807 / VDB-322070

A vulnerability marked as critical has been reported in itsourcecode Sports Management System 1.0. This impacts an unknown function of the file /Admin/mode.php. The manipulation of the argument code leads to sql injection. This vulnerability is uniquely identified as CVE-2025-9768. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability labeled as critical has been found in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /Admin/sporttype.php. Executing manipulation of the argument code can lead to sql injection. This vulnerability is handled as CVE-2025-9767. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability identified as critical has been detected in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/facilitator.php. Performing manipulation of the argument code results in sql injection. This vulnerability is known as CVE-2025-9766. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability categorized as critical has been discovered in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/tournament_details.php. Such manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2025-9765. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in itsourcecode Sports Management System 1.0. It has been rated as critical. Impacted is an unknown function of the file /Admin/resultdetails.php. This manipulation of the argument ID causes sql injection. This vulnerability appears as CVE-2025-9764. The attack may be initiated remotely. In addition, an exploit is available.

Submit #640797 / VDB-299965

Submit #640779 / VDB-322069

A vulnerability was found in Campcodes Online Learning Management System 1.0. It has been declared as critical. This issue affects some unknown processing of the file /student_signup.php. The manipulation of the argument Username results in sql injection. This vulnerability is reported as CVE-2025-9763. The attack can be launched remotely. Moreover, an exploit is present.

Submit #641753 / VDB-322068

Submit #641113 / VDB-322067

Submit #641112 / VDB-322066

Submit #641111 / VDB-322065