Latest CVE Feed
-
8.8
HIGHCVE-2025-13259
A flaw has been found in Campcodes Supplier Management System 1.0. This affects an unknown function of the file /manufacturer/edit_unit.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has b... Read more
Affected Products : supplier_management_system- Published: Nov. 17, 2025
- Modified: Nov. 19, 2025
- Vuln Type: Injection
-
9.0
HIGHCVE-2025-13258
A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto results in buffer overflow. The attack can be launched remotely. The... Read more
- Published: Nov. 17, 2025
- Modified: Nov. 19, 2025
- Vuln Type: Memory Corruption
-
9.4
CRITICALCVE-2025-10460
A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no longer maintained or patched by the vendor, allows an unauthorised user to retrieve sensitive database contents via unsanitized parameter input. This vulnera... Read more
Affected Products :- Published: Nov. 17, 2025
- Modified: Nov. 18, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-13257
A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can... Read more
Affected Products : inventory_management_system- Published: Nov. 17, 2025
- Modified: Nov. 19, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-13256
A weakness has been identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrow.php. Executing manipulation of the argument roll_number can lead to sql injection. It is possible to launch the att... Read more
Affected Products : advanced_library_management_system- Published: Nov. 17, 2025
- Modified: Nov. 19, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-13255
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /book_search.php. Performing manipulation of the argument book_pub/book_title results in sql injection. It ... Read more
Affected Products : advanced_library_management_system- Published: Nov. 17, 2025
- Modified: Nov. 19, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-13254
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /add_member.php. Such manipulation of the argument roll_number leads to sql injection. The attack may be performed ... Read more
Affected Products : advanced_library_management_system- Published: Nov. 17, 2025
- Modified: Nov. 19, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-13253
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /add_librarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out ... Read more
Affected Products : advanced_library_management_system- Published: Nov. 17, 2025
- Modified: Nov. 19, 2025
- Vuln Type: Injection
-
7.5
HIGHCVE-2025-13252
A vulnerability was found in shsuishang ShopSuite ModulithShop up to 45a99398cec3b7ad7ff9383694f0b53339f2d35a. Affected by this issue is some unknown functionality of the component RSA/OAuth2/Database. The manipulation results in hard-coded credentials. T... Read more
Affected Products :- Published: Nov. 16, 2025
- Modified: Nov. 18, 2025
- Vuln Type: Authentication