Aggregator

A vulnerability was found in code-projects Library System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /approve.php. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2025-7185. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Library System 1.0. It has been classified as critical. This affects an unknown part of the file /user/teacher/books.php. The manipulation of the argument Search leads to sql injection. This vulnerability is uniquely identified as CVE-2025-7184. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #607198 / VDB-315128

Submit #607197 / VDB-315127

Submit #607196 / VDB-315126

Submit #607195 / VDB-315125

Sudo发现两个严重漏洞（CVE-2025-32463和CVE-2025-32462），分别评分9.3和2.8。前者允许普通用户获取root权限；后者使用户执行针对其他主机的命令。已修复并发布补丁版本1.9.17p1，建议立即更新以防止攻击。

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/customer_account.php. The manipulation of the argument Customer leads to sql injection. This vulnerability is handled as CVE-2025-7183. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/modules/subject/edit.php. The manipulation of the argument pre leads to cross site scripting. This vulnerability is known as CVE-2025-7182. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in code-projects Staff Audit System 1.0. Affected is an unknown function of the file /test.php. The manipulation of the argument uploadedfile leads to unrestricted upload. This vulnerability is traded as CVE-2025-7181. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The identification of this vulnerability is CVE-2025-7180. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #607186 / VDB-315124

Submit #607185 / VDB-315123

Submit #607184 / VDB-314280

A vulnerability classified as critical was found in code-projects Library System 1.0. This vulnerability affects unknown code of the file /add-teacher.php. The manipulation of the argument Username leads to sql injection. This vulnerability was named CVE-2025-7179. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #607127 / VDB-315122

Submit #607104 / VDB-315121

Submit #606917 / VDB-315120

Submit #606916 / VDB-315119

Submit #606912 / VDB-315118