Latest CVE Feed
-
8.8
CVSS31CVE-2025-7570
A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. Affected by this issue is some unknown functionality of the file /goform/aspRemoteApConfTempSend. The manipulation of the argument remoteSrcTemp leads to buffer... Read more
Affected Products :- Published: Jul. 14, 2025
- Modified: Jul. 14, 2025
-
8.8
CVSS31CVE-2025-7586
A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been declared as critical. Affected by this vulnerability is the function formSetAPCfg of the file /goform/setWtpData. The manipulation of the argument radio_2g_1 leads to stack-based buffer o... Read more
Affected Products :- Published: Jul. 14, 2025
- Modified: Jul. 14, 2025
-
8.8
CVSS31CVE-2025-7468
A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argumen... Read more
Affected Products : fh1201_firmware- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.5
CVSS31CVE-2025-7504
The Friends plugin for WordPress is vulnerable to PHP Object Injection in version 3.5.1 via deserialization of untrusted input of the query_vars parameter This makes it possible for authenticated attackers, with subscriber-level access and above, to injec... Read more
Affected Products : friends- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.5
CVSS31CVE-2020-36848
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it... Read more
Affected Products : total_upkeep- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.3
CVSS31CVE-2025-7513
A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/slideupdate.php. The manipulation of the argument idSlide leads to sql injection. Th... Read more
Affected Products : modern_bag- Published: Jul. 13, 2025
- Modified: Jul. 13, 2025
-
7.3
CVSS31CVE-2025-7467
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /product-detail.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack r... Read more
Affected Products : modern_bag- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.3
CVSS31CVE-2025-7480
A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this issue is some unknown functionality of the file /users/signup.php. The manipulation of the argument email leads to sql injection. T... Read more
Affected Products : vehicle_parking_management_system- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.3
CVSS31CVE-2025-7478
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. Affected is an unknown function of the file /admin/category-list.php. The manipulation of the argument idCate leads to sql injection. It is possible to launch th... Read more
Affected Products : modern_bag- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.3
CVSS31CVE-2025-7475
A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. This affects an unknown part of the file /pay.php. The manipulation of the argument mpesa leads to sql injection. It is possible to initiate the attack re... Read more
Affected Products : simple_car_rental_system- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.3
CVSS31CVE-2025-7476
A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. This vulnerability affects unknown code of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated... Read more
Affected Products : simple_car_rental_system- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.3
CVSS31CVE-2025-7510
A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/productadd_back.php. The manipulation of the argument namepro leads to sql injection. The attack can be i... Read more
Affected Products : modern_bag- Published: Jul. 13, 2025
- Modified: Jul. 13, 2025
-
7.3
CVSS31CVE-2025-7534
A vulnerability was found in PHPGurukul Student Result Management System 2.0. It has been classified as critical. Affected is an unknown function of the file /notice-details.php of the component GET Parameter Handler. The manipulation of the argument nid ... Read more
Affected Products : student_result_management_system- Published: Jul. 13, 2025
- Modified: Jul. 13, 2025
-
7.3
CVSS31CVE-2025-7471
A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login-back.php. The manipulation of the argument user-name leads to sql injection. T... Read more
Affected Products : modern_bag- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.3
CVSS31CVE-2025-7512
A vulnerability was found in code-projects Modern Bag 1.0. It has been classified as critical. Affected is an unknown function of the file /contact-back.php. The manipulation of the argument contact-name leads to sql injection. It is possible to launch th... Read more
Affected Products : modern_bag- Published: Jul. 13, 2025
- Modified: Jul. 13, 2025
-
7.3
CVSS31CVE-2025-7515
A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1.0. This affects an unknown part of the file /ulocateus.php. The manipulation of the argument doctorname leads to sql injection. It is possible to in... Read more
Affected Products :- Published: Jul. 13, 2025
- Modified: Jul. 13, 2025
-
7.3
CVSS31CVE-2025-7474
A vulnerability was found in code-projects Job Diary 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launch... Read more
Affected Products :- Published: Jul. 12, 2025
- Modified: Jul. 12, 2025
-
7.3
CVSS31CVE-2025-7509
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /admin/slide.php. The manipulation of the argument idSlide leads to sql injection. It is possible to initiate the attack... Read more
Affected Products : modern_bag- Published: Jul. 13, 2025
- Modified: Jul. 13, 2025
-
7.3
CVSS31CVE-2025-7521
A vulnerability, which was classified as critical, was found in PHPGurukul Vehicle Parking Management System 1.13. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possib... Read more
Affected Products : vehicle_parking_management_system- Published: Jul. 13, 2025
- Modified: Jul. 13, 2025
-
7.3
CVSS31CVE-2025-7523
A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. The attack may... Read more
Affected Products :- Published: Jul. 13, 2025
- Modified: Jul. 13, 2025