Vuldb Updates

A vulnerability marked as critical has been reported in PHPCafe Tutorial Manager 1.0. This vulnerability affects unknown code of the file index.php. This manipulation of the argument ID causes sql injection. This vulnerability is handled as CVE-2005-3478. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability labeled as problematic has been found in phpBB. This affects an unknown function of the file sessions.php. Executing manipulation of the argument userdata[user_level can lead to information disclosure. This vulnerability appears as CVE-2005-0614. The attack may be performed from remote. In addition, an exploit is available. The affected component should be upgraded.

A vulnerability was found in Vasion Print Virtual Appliance Host and Print Application 22.0.843/22.0.1002. It has been classified as problematic. Affected is an unknown function of the component Environment Variable Handler. Performing manipulation results in cleartext transmission of sensitive information. This vulnerability is identified as CVE-2025-34199. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been declared as critical. The impacted element is an unknown function of the file /index.php. Executing manipulation of the argument email/password can lead to sql injection. This vulnerability is handled as CVE-2025-10800. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability was found in SourceCodester Pet Grooming Management Software 1.0. It has been rated as critical. This affects an unknown function of the file /admin/edit_tax.php. The manipulation of the argument ID leads to sql injection. This vulnerability is uniquely identified as CVE-2025-10801. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability identified as critical has been detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. The identification of this vulnerability is CVE-2025-10802. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability labeled as critical has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. This vulnerability is referenced as CVE-2025-10803. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability marked as critical has been reported in Campcodes Online Beauty Parlor Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/add-customer.php. Performing manipulation of the argument mobilenum results in sql injection. This vulnerability is identified as CVE-2025-10804. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability described as critical has been identified in Campcodes Online Beauty Parlor Management System 1.0. This affects an unknown part of the file /admin/add-services.php. Executing manipulation of the argument sername can lead to sql injection. This vulnerability is tracked as CVE-2025-10805. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability classified as critical has been found in Campcodes Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability is listed as CVE-2025-10806. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability classified as critical was found in Campcodes Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/edit-customer-detailed.php. The manipulation of the argument editid results in sql injection. This vulnerability is cataloged as CVE-2025-10807. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Vasion Print Virtual Appliance Host and Print Application 22.0.843/22.0.893/22.0.951 and classified as very critical. This affects an unknown function of the component Docker Container. This manipulation causes dependency on vulnerable third-party component. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2025-34203. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability classified as very critical has been found in Vasion Print Virtual Appliance Host and Print Application. The impacted element is an unknown function. The manipulation leads to reliance on ip address for authentication. This vulnerability is traded as CVE-2025-34202. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Vasion Print Virtual Appliance Host and Print Application and classified as very critical. This impacts an unknown function of the file /var/www/app/resetroot.php. Such manipulation leads to dead code. This vulnerability is referenced as CVE-2025-34205. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability was found in Vasion Print Virtual Appliance Host and Print Application. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Docker Container. Executing manipulation can lead to improper privilege management. This vulnerability is tracked as CVE-2025-34204. The attack can be launched remotely. No exploit exists.

A vulnerability classified as problematic has been found in Vasion Print Virtual Appliance Host and Print Application. Affected is an unknown function of the file /etc/issue. This manipulation causes cleartext storage of sensitive information. This vulnerability appears as CVE-2025-34200. The attack requires local access. There is no available exploit.

A vulnerability, which was classified as very critical, was found in Vasion Print Virtual Appliance Host and Print Application. Affected is an unknown function of the file /var/www/efs_storage. Such manipulation leads to incorrect permission assignment. This vulnerability is uniquely identified as CVE-2025-34206. The attack can be launched remotely. No exploit exists.

A vulnerability was found in Vasion Print Virtual Appliance Host and Print Application. It has been declared as critical. This vulnerability affects unknown code of the component Docker Container. The manipulation results in improper isolation or compartmentalization. This vulnerability is identified as CVE-2025-34201. The attack is only possible with local access. There is not any exploit available.

A vulnerability marked as problematic has been reported in Microsoft Windows XP. This affects an unknown part of the component ZIP Manager. This manipulation causes memory corruption. This vulnerability is tracked as CVE-2004-2289. The attack is only possible within the local network. Moreover, an exploit is present. It is suggested to swap out the affected component for an alternative.

A vulnerability was found in Microsoft Windows 2000/XP. It has been classified as critical. This vulnerability affects unknown code of the file desktop.ini of the component CLSID Handler. Performing manipulation results in memory corruption. This vulnerability was named CVE-2004-2289. The attack needs to be approached within the local network. In addition, an exploit is available. Upgrading the affected component is recommended.