Submit #647589: 1Panel-dev MaxKB 2.0.2, 2.1.0 Deserialization [Accepted]
Submit #647589 / VDB-323867
Aggregator
CVE-2025-10432 | Tenda AC1206 15.03.06.23 HTTP Request /goform/AdvSetMacMtuWa check_param_changed wanMTU stack-based overflow (EUVD-2025-29161)
3 weeks 6 days ago
A vulnerability has been found in Tenda AC1206 15.03.06.23 and classified as critical. This vulnerability affects the function check_param_changed of the file /goform/AdvSetMacMtuWa of the component HTTP Request Handler. Performing manipulation of the argument wanMTU results in stack-based buffer overflow.
This vulnerability is known as CVE-2025-10432. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2025-10431 | SourceCodester Pet Grooming Management Software 1.0 ajax_represent.php ID sql injection (EUVD-2025-29157)
3 weeks 6 days ago
A vulnerability, which was classified as critical, was found in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/ajax_represent.php. Such manipulation of the argument ID leads to sql injection.
This vulnerability is traded as CVE-2025-10431. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-10430 | SourceCodester Pet Grooming Management Software 1.0 /admin/barcode.php ID sql injection (EUVD-2025-29158)
3 weeks 6 days ago
A vulnerability, which was classified as critical, has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/barcode.php. This manipulation of the argument ID causes sql injection.
This vulnerability appears as CVE-2025-10430. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
CVE-2025-10429 | SourceCodester Pet Grooming Management Software 1.0 /admin/ajax_product.php drop_services sql injection (EUVD-2025-29154)
3 weeks 6 days ago
A vulnerability classified as critical was found in SourceCodester Pet Grooming Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax_product.php. The manipulation of the argument drop_services results in sql injection.
This vulnerability is reported as CVE-2025-10429. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-10428 | SourceCodester Pet Grooming Management Software 1.0 Setting /admin/seo_setting.php website_image unrestricted upload (EUVD-2025-29156)
3 weeks 6 days ago
A vulnerability classified as critical has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/seo_setting.php of the component Setting Handler. The manipulation of the argument website_image leads to unrestricted upload.
This vulnerability is documented as CVE-2025-10428. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-10427 | SourceCodester Pet Grooming Management Software 1.0 user.php website_image unrestricted upload (EUVD-2025-29151)
3 weeks 6 days ago
A vulnerability described as critical has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument website_image can lead to unrestricted upload.
This vulnerability is registered as CVE-2025-10427. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com
Submit #647527: Tenda AC1206 AC1206V1.0RTL_V15.03.06.23 Stack-based Buffer Overflow [Accepted]
3 weeks 6 days ago
Submit #647527 / VDB-323866
nevv of Red-Shield Security Lab
Submit #647493: sourcecodester Pet grooming management software August 30, 2025 SQL Injection [Accepted]
3 weeks 6 days ago
Submit #647493 / VDB-323865
joinia
Submit #647488: sourcecodester Pet grooming management software August 30, 2025 SQL Injection [Accepted]
3 weeks 6 days ago
Submit #647488 / VDB-323864
joinia
Submit #647470: sourcecodester Pet grooming management software August 30, 2025 SQL Injection [Accepted]
3 weeks 6 days ago
Submit #647470 / VDB-323863
joinia
Submit #647464: sourcecodester Pet grooming management software August 30, 2025 Unrestricted Upload [Accepted]
3 weeks 6 days ago
Submit #647464 / VDB-323862
joinia
Submit #647463: sourcecodester Pet grooming management software August 30, 2025 Unrestricted Upload [Accepted]
3 weeks 6 days ago
Submit #647463 / VDB-323861
joinia
CVE-2025-10394 | fcba_zzm ics-park Smart Park Management System 2.0 Scheduled Task JobController.java code injection (EUVD-2025-29114)
3 weeks 6 days ago
A vulnerability categorized as critical has been discovered in fcba_zzm ics-park Smart Park Management System 2.0. Affected is an unknown function of the file ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/JobController.java of the component Scheduled Task Module. Such manipulation leads to code injection.
This vulnerability is listed as CVE-2025-10394. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com
CVE-2024-47081 | psf requests URL src/requests/utils.py information disclosure (Nessus ID 240162 / WID-SEC-2025-1699)
3 weeks 6 days ago
A vulnerability marked as problematic has been reported in psf requests. This impacts an unknown function of the file src/requests/utils.py of the component URL Handler. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2024-47081. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-24495 | Intel Core Ultra Processor initialization of resource (intel-sa-01322 / Nessus ID 236930)
3 weeks 6 days ago
A vulnerability marked as problematic has been reported in Intel Core Ultra Processor. The affected element is an unknown function. This manipulation causes incorrect initialization of resource.
The identification of this vulnerability is CVE-2025-24495. The attack can only be executed locally. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2009-2569 | Verlihub Control Panel 1.7e index.php nick cross site scripting (EDB-32989 / BID-34856)
3 weeks 6 days ago
A vulnerability was found in Verlihub Control Panel 1.7e. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.php of the component Control Panel. This manipulation of the argument nick causes cross site scripting.
This vulnerability is registered as CVE-2009-2569. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2009-2571 | VerliAdmin 0.3.7/0.3.8 index.php nick cross site scripting (EDB-32988 / XFDB-50347)
3 weeks 6 days ago
A vulnerability categorized as problematic has been discovered in VerliAdmin 0.3.7/0.3.8. This affects an unknown part of the file index.php. Such manipulation of the argument nick leads to cross site scripting.
This vulnerability is documented as CVE-2009-2571. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2009-4547 | ViArt CMS 3.3.2 forums.php forum_id cross site scripting (EDB-33157 / XFDB-52371)
3 weeks 6 days ago
A vulnerability classified as problematic was found in ViArt CMS 3.3.2. Impacted is an unknown function of the file forums.php. The manipulation of the argument forum_id results in cross site scripting.
This vulnerability was named CVE-2009-4547. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com
CVE-2009-3495 | Vastal DVD Zone view_mag.php mag_id sql injection (EDB-33240 / BID-36487)
3 weeks 6 days ago
A vulnerability was found in Vastal DVD Zone and classified as critical. This vulnerability affects unknown code of the file view_mag.php. Such manipulation of the argument mag_id leads to sql injection.
This vulnerability is documented as CVE-2009-3495. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com