Aggregator

CVE-2025-5758 | SourceCodester Open Source Clinic Management System 1.0 /doctor.php doctorname sql injection (EUVD-2025-17114)

Vuldb Updates
6 months 1 week ago
A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argument doctorname leads to sql injection. This vulnerability is uniquely identified as CVE-2025-5758. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.
vuldb.com

CVE-2025-5652 | PHPGurukul Complaint Management System 2.0 between-date-complaintreport.php fromdate/todate sql injection (EUVD-2025-16980)

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/between-date-complaintreport.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability is traded as CVE-2025-5652. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5660 | PHPGurukul Complaint Management System 2.0 register-complaint.php noc sql injection (EUVD-2025-16993)

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 2.0. Affected by this issue is some unknown functionality of the file /user/register-complaint.php. The manipulation of the argument noc leads to sql injection. This vulnerability is handled as CVE-2025-5660. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5659 | PHPGurukul Complaint Management System 2.0 /user/profile.php pincode sql injection (EUVD-2025-16994)

Vuldb Updates
6 months 1 week ago
A vulnerability classified as critical was found in PHPGurukul Complaint Management System 2.0. Affected by this vulnerability is an unknown functionality of the file /user/profile.php. The manipulation of the argument pincode leads to sql injection. This vulnerability is known as CVE-2025-5659. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5663 | PHPGurukul Auto Taxi Stand Management System 1.0 search-autoortaxi.php searchdata sql injection (EUVD-2025-16995)

Vuldb Updates
6 months 1 week ago
A vulnerability has been found in PHPGurukul Auto Taxi Stand Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search-autoortaxi.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability was named CVE-2025-5663. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5639 | PHPGurukul Notice Board System 1.0 /forgot-password.php email sql injection (EUVD-2025-16969)

Vuldb Updates
6 months 1 week ago
A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. This vulnerability is handled as CVE-2025-5639. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5638 | PHPGurukul Notice Board System 1.0 /admin-profile.php mobilenumber sql injection (EUVD-2025-16963)

Vuldb Updates
6 months 1 week ago
A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. This vulnerability is known as CVE-2025-5638. The attack can be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.
vuldb.com

Hundreds of GitHub Malware Repos Targeting Novice Cybercriminals Linked to Single User

Cyber Security News
6 months 1 week ago

A sophisticated malware distribution campaign has weaponized over 140 GitHub repositories to target inexperienced cybercriminals and gaming cheat users, representing one of the largest documented cases of supply chain attacks on the platform. The repositories, masquerading as legitimate malware tools and game cheats, contain elaborate backdoors designed to infect users who compile the seemingly authentic […]

The post Hundreds of GitHub Malware Repos Targeting Novice Cybercriminals Linked to Single User appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2023-51073 | Buffalo LS210D 1.78-0.03 Firmware Update Script update_notifications.sh privilege escalation

Vuldb Updates
6 months 1 week ago
A vulnerability was found in Buffalo LS210D 1.78-0.03. It has been classified as critical. Affected is an unknown function of the file /etc/init.d/update_notifications.sh of the component Firmware Update Script. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2023-51073. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2024-24262 | ireader media-server 1.0.0 sip-uac-transaction.c sip_uac_stop_timer use after free

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as problematic, has been found in ireader media-server 1.0.0. Affected by this issue is the function sip_uac_stop_timer of the file /uac/sip-uac-transaction.c. The manipulation leads to use after free. This vulnerability is handled as CVE-2024-24262. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com

CVE-2025-47544 | acowebs Dynamic Pricing With Discount Rules for WooCommerce Plugin sql injection

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as critical, has been found in acowebs Dynamic Pricing With Discount Rules for WooCommerce Plugin up to 4.5.8 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. This vulnerability is handled as CVE-2025-47544. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-39507 | NasaTheme Nasa Core Plugin up to 6.3.2 on WordPress filename control

Vuldb Updates
6 months 1 week ago
A vulnerability classified as problematic was found in NasaTheme Nasa Core Plugin up to 6.3.2 on WordPress. This vulnerability affects unknown code. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability was named CVE-2025-39507. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-48146 | Michael Lups SEO Flow by LupsOnline Plugin up to 2.2.0 on WordPress cross-site request forgery

Vuldb Updates
6 months 1 week ago
A vulnerability was found in Michael Lups SEO Flow by LupsOnline Plugin up to 2.2.0 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2025-48146. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

Managed ad