Submit #673721: TOTOLINK A3300R V17.0.0cu.557_B20221024 Buffer Overflow [Accepted]
Submit #673721 / VDB-329909
Aggregator
CVE-2025-12237 | projectworlds Advanced Library Management System 1.0 /index.php keywords sql injection
3 months 2 weeks ago
A vulnerability labeled as critical has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /index.php. Such manipulation of the argument keywords leads to sql injection.
This vulnerability is documented as CVE-2025-12237. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-12236 | Tenda CH22 1.0.0.1 /goform/DhcpListClient fromDhcpListClient page buffer overflow
3 months 2 weeks ago
A vulnerability identified as critical has been detected in Tenda CH22 1.0.0.1. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes buffer overflow.
This vulnerability is registered as CVE-2025-12236. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2025-12235 | Tenda CH22 1.0.0.1 /goform/SetIpBind fromSetIpBind page buffer overflow
3 months 2 weeks ago
A vulnerability categorized as critical has been discovered in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow.
This vulnerability is cataloged as CVE-2025-12235. The attack must originate from the local network. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-12234 | Tenda CH22 1.0.0.1 /goform/SafeMacFilter fromSafeMacFilter page buffer overflow
3 months 2 weeks ago
A vulnerability was found in Tenda CH22 1.0.0.1. It has been rated as critical. This affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to buffer overflow.
This vulnerability is listed as CVE-2025-12234. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
CVE-2025-12233 | Tenda CH22 1.0.0.1 /goform/SafeUrlFilter fromSafeUrlFilter page buffer overflow
3 months 2 weeks ago
A vulnerability was found in Tenda CH22 1.0.0.1. It has been declared as critical. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Executing manipulation of the argument page can lead to buffer overflow.
This vulnerability is tracked as CVE-2025-12233. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-12232 | Tenda CH22 1.0.0.1 /goform/SafeClientFilter fromSafeClientFilter page buffer overflow
3 months 2 weeks ago
A vulnerability was found in Tenda CH22 1.0.0.1. It has been classified as critical. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Performing manipulation of the argument page results in buffer overflow.
This vulnerability is identified as CVE-2025-12232. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com
Submit #673719: code-projects Automated Voting System 1.0 SQL Injection [Accepted]
3 months 2 weeks ago
Submit #673719 / VDB-329908
xmqaq
CVE-2025-12231 | projectworlds Expense Management System 1.0 Expense Categories Page create cross site scripting
3 months 2 weeks ago
A vulnerability was found in projectworlds Expense Management System 1.0 and classified as problematic. Affected is an unknown function of the file /public/admin/expense_categories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting.
This vulnerability is referenced as CVE-2025-12231. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com
CVE-2025-12230 | projectworlds Expense Management System 1.0 Currency Page create cross site scripting
3 months 2 weeks ago
A vulnerability has been found in projectworlds Expense Management System 1.0 and classified as problematic. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting.
The identification of this vulnerability is CVE-2025-12230. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-12229 | projectworlds Expense Management System 1.0 Roles Page create cross site scripting
3 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting.
This vulnerability was named CVE-2025-12229. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com
CVE-2025-12228 | projectworlds Expense Management System 1.0 Users Page create cross site scripting
3 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-12228. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com
Submit #673715: projectworlds Advanced Library Management System 1.0 SQL Injection [Accepted]
3 months 2 weeks ago
Submit #673715 / VDB-329907
j-jcp
Submit #673724: Tenda CH22 v1.0.0.1 Buffer Overflow [Accepted]
3 months 2 weeks ago
Submit #673724 / VDB-329906
LINXI666
Submit #673720: Tenda CH22 v1.0.0.1 Buffer Overflow [Accepted]
3 months 2 weeks ago
Submit #673720 / VDB-329905
LINXI666
Submit #673718: Tenda CH22 v1.0.0.1 Buffer Overflow [Accepted]
3 months 2 weeks ago
Submit #673718 / VDB-329904
LINXI666
Submit #673714: Tenda CH22 V1.0.0.1 Buffer Overflow [Accepted]
3 months 2 weeks ago
Submit #673714 / VDB-329903
LINXI666
Submit #673713: Tenda CH22 V1.0.0.1 Buffer Overflow Vulnerability [Accepted]
3 months 2 weeks ago
Submit #673713 / VDB-329902
LINXI666
CVE-2025-12227 | projectworlds Gate Pass Management System 1.0 /add-pass.php cross site scripting
3 months 2 weeks ago
A vulnerability classified as problematic was found in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing manipulation can lead to cross site scripting.
This vulnerability is handled as CVE-2025-12227. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-12226 | SourceCodester Best House Rental Management System 1.0 /admin_class.php save_house house_no sql injection
3 months 2 weeks ago
A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. Impacted is the function save_house of the file /admin_class.php. Performing manipulation of the argument house_no results in sql injection.
This vulnerability is known as CVE-2025-12226. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com