Latest CVE Feed
-
8.1
CVSS31CVE-2025-26186
SQL Injection vulnerability in openSIS v.9.1 allows a remote attacker to execute arbitrary code via the id parameter in Ajax.php... Read more
Affected Products :- Published: Jul. 15, 2025
- Modified: Jul. 15, 2025
-
9.8
CVSS31CVE-2025-7609
A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruser_email leads to sql injection.... Read more
Affected Products : simple_shopping_cart- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
9.8
CVSS31CVE-2025-7610
A vulnerability was found in code-projects Electricity Billing System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/change_password.php. The manipulation of the argument new_password leads to sql in... Read more
Affected Products : electricity_billing_system- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
9.8
CVSS31CVE-2025-7611
A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The manipulation of the argument lu leads to sql injection. It is possible to initiate the attack... Read more
Affected Products : wedding_reservation- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
6.5
CVSS31CVE-2025-53820
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `index.php` endpoint of the WeGIA application prior to version 3.4.5. This ... Read more
Affected Products : wegia- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
6.5
CVSS31CVE-2025-53822
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `relatorio_geracao.php` endpoint of the WeGIA application prior to version ... Read more
Affected Products : wegia- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
8.8
CVSS31CVE-2025-53823
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint `/WeGIA/html/socio/sistema/processa_deletar_socio.php`, in the `id_socio` p... Read more
Affected Products : wegia- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
5.4
CVSS31CVE-2025-53824
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the editar_permissoes.php endpoint of the WeGIA application prior to version 3.... Read more
Affected Products : wegia- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
7.6
CVSS31CVE-2025-53959
In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible... Read more
Affected Products :- Published: Jul. 15, 2025
- Modified: Jul. 15, 2025
-
7.5
CVSS31CVE-2024-51770
An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.... Read more
Affected Products :- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
9.8
CVSS31CVE-2025-7612
A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remote... Read more
Affected Products : mobile_shop- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
7.5
CVSS31CVE-2024-42646
A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.... Read more
Affected Products : nanomq- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
6.5
CVSS31CVE-2024-42648
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.... Read more
Affected Products : nanomq- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
6.5
CVSS31CVE-2024-42649
NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.... Read more
Affected Products : nanomq- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
5.6
CVSS31CVE-2025-51650
An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary code via uploading a crafted template file.... Read more
Affected Products : foxcms- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
5.4
CVSS31CVE-2025-51652
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Categories.php.... Read more
Affected Products : semcms- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
5.4
CVSS31CVE-2025-51653
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_ct.php.... Read more
Affected Products : semcms- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
5.4
CVSS31CVE-2025-51654
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Infocategories.php.... Read more
Affected Products : semcms- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
5.4
CVSS31CVE-2025-51655
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php.... Read more
Affected Products : semcms- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025
-
5.4
CVSS31CVE-2025-51656
SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php.... Read more
Affected Products : semcms- Published: Jul. 14, 2025
- Modified: Jul. 15, 2025