Total
3944 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-14650 | 1 Admerc | 1 Online Cake Ordering System | 2025-12-31 | 7.5 HIGH | 7.3 HIGH |
| A flaw has been found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown part of the file /cakeshop/product.php. Executing manipulation of the argument Product can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2025-15003 | 1 Seacms | 1 Seacms | 2025-12-30 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file admin_video.php. Performing manipulation of the argument e_id results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-15002 | 1 Seacms | 1 Seacms | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-15053 | 1 Fabian | 1 Student Information System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A flaw has been found in code-projects Student Information System 1.0. This issue affects some unknown processing of the file /searchresults.php. Executing manipulation of the argument searchbox can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. | |||||
| CVE-2025-15049 | 1 Anisha | 1 Online Farm System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-15167 | 1 Admerc | 1 Online Cake Ordering System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unknown function of the file /detailtransac.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-15166 | 1 Admerc | 1 Online Cake Ordering System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown function of the file /updatesupplier.php?action=edit. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-15165 | 1 Admerc | 1 Online Cake Ordering System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted element is an unknown function of the file /updatecustomer.php?action=edit. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-15078 | 1 Angeljudesuarez | 1 Student Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /list_report.php. The manipulation of the argument sy results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. | |||||
| CVE-2025-15077 | 1 Angeljudesuarez | 1 Student Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A security vulnerability has been detected in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /form137.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-15075 | 1 Angeljudesuarez | 1 Student Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in itsourcecode Student Management System 1.0. This issue affects some unknown processing of the file /student_p.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-15073 | 1 Itsourcecode | 1 Online Frozen Foods Ordering System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contact_us.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-15074 | 1 Itsourcecode | 1 Online Frozen Foods Ordering System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. This vulnerability affects unknown code of the file /customer_details.php. Such manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-15186 | 1 Fabian | 1 Refugee Food Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home/addusers.php. Such manipulation of the argument a leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-15185 | 1 Fabian | 1 Refugee Food Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A flaw has been found in code-projects Refugee Food Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /home/refugeesreport.php. This manipulation of the argument a causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-15184 | 1 Fabian | 1 Refugee Food Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in code-projects Refugee Food Management System 1.0. Affected is an unknown function of the file /home/refugeesreport2.php. The manipulation of the argument a results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. | |||||
| CVE-2025-15183 | 1 Fabian | 1 Refugee Food Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. This impacts an unknown function of the file /home/viewtakenfd.php. The manipulation of the argument tfid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-15182 | 1 Fabian | 1 Refugee Food Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing manipulation of the argument refNo can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-15181 | 1 Fabian | 1 Refugee Food Management System | 2025-12-30 | 7.5 HIGH | 7.3 HIGH |
| A security flaw has been discovered in code-projects Refugee Food Management System 1.0. The impacted element is an unknown function of the file /home/pagenateRefugeesList.php. Performing manipulation of the argument rfid results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-15192 | 1 Dlink | 2 Dwr-m920, Dwr-m920 Firmware | 2025-12-30 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fota_url leads to command injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. | |||||