CVE-2025-3038 - Code-projects Payroll Management System SQL Injection Vulnerability
CVE ID : CVE-2025-3038
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view_account.php. The manipulation of the argument salary_rate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3038
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view_account.php. The manipulation of the argument salary_rate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3039 - Code-projects Payroll Management System SQL Injection Vulnerability
CVE ID : CVE-2025-3039
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add_employee.php. The manipulation of the argument lname/fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3039
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add_employee.php. The manipulation of the argument lname/fname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3040 - Project Worlds Online Time Table Generator File Upload Vulnerability
CVE ID : CVE-2025-3040
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_student.php. The manipulation of the argument pic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3040
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_student.php. The manipulation of the argument pic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3059 - Drupal Profile Private Unauthenticated File Upload
CVE ID : CVE-2025-3059
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : Vulnerability in Drupal Profile Private.This issue affects Profile Private: *.*.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3059
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : Vulnerability in Drupal Profile Private.This issue affects Profile Private: *.*.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3060 - Drupal Flattern Cross-Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-3060
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : Vulnerability in Drupal Flattern – Multipurpose Bootstrap Business Profile.This issue affects Flattern – Multipurpose Bootstrap Business Profile: *.*.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3060
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : Vulnerability in Drupal Flattern – Multipurpose Bootstrap Business Profile.This issue affects Flattern – Multipurpose Bootstrap Business Profile: *.*.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3061 - "Drupal Material Admin Stored Cross-Site Scripting"
CVE ID : CVE-2025-3061
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : Vulnerability in Drupal Material Admin.This issue affects Material Admin: *.*.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3061
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : Vulnerability in Drupal Material Admin.This issue affects Material Admin: *.*.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3062 - "Drupal Admin LTE Theme Cross-Site Scripting Vulnerability"
CVE ID : CVE-2025-3062
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : Vulnerability in Drupal Drupal Admin LTE theme.This issue affects Drupal Admin LTE theme: *.*.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3062
Published : March 31, 2025, 11:15 p.m. | 1 hour, 15 minutes ago
Description : Vulnerability in Drupal Drupal Admin LTE theme.This issue affects Drupal Admin LTE theme: *.*.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3041 - Project Worlds Online Time Table Generator Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-3041
Published : April 1, 2025, 12:15 a.m. | 16 minutes ago
Description : A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /admin/updatestudent.php. The manipulation of the argument pic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3041
Published : April 1, 2025, 12:15 a.m. | 16 minutes ago
Description : A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /admin/updatestudent.php. The manipulation of the argument pic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21384 - Microsoft Azure Health Bot SSRF Privilege Escalation
CVE ID : CVE-2025-21384
Published : April 1, 2025, 1:15 a.m. | 3 hours, 16 minutes ago
Description : An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21384
Published : April 1, 2025, 1:15 a.m. | 3 hours, 16 minutes ago
Description : An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3042 - Project Worlds Online Time Table Generator Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-3042
Published : April 1, 2025, 1:15 a.m. | 3 hours, 16 minutes ago
Description : A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3042
Published : April 1, 2025, 1:15 a.m. | 3 hours, 16 minutes ago
Description : A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3043 - GuoMinJim PersonManage Path Traversal Vulnerability
CVE ID : CVE-2025-3043
Published : April 1, 2025, 1:15 a.m. | 3 hours, 16 minutes ago
Description : A vulnerability, which was classified as critical, has been found in GuoMinJim PersonManage 1.0. This issue affects the function preHandle of the file /login/. The manipulation of the argument Request leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3043
Published : April 1, 2025, 1:15 a.m. | 3 hours, 16 minutes ago
Description : A vulnerability, which was classified as critical, has been found in GuoMinJim PersonManage 1.0. This issue affects the function preHandle of the file /login/. The manipulation of the argument Request leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3045 - "SourceCodester Apartment Visitor Management System SQL Injection"
CVE ID : CVE-2025-3045
Published : April 1, 2025, 1:15 a.m. | 3 hours, 16 minutes ago
Description : A vulnerability, which was classified as critical, was found in oretnom23/SourceCodester Apartment Visitor Management System 1.0. Affected is an unknown function of the file /remove-apartment.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3045
Published : April 1, 2025, 1:15 a.m. | 3 hours, 16 minutes ago
Description : A vulnerability, which was classified as critical, was found in oretnom23/SourceCodester Apartment Visitor Management System 1.0. Affected is an unknown function of the file /remove-apartment.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30672 - Mite for Perl Arbitrary Code Execution Vulnerability
CVE ID : CVE-2025-30672
Published : April 1, 2025, 2:15 a.m. | 2 hours, 16 minutes ago
Description : Mite for Perl before 0.013000 generates code with the current working directory ('.') added to the @INC path similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code execution. This affects the Mite distribution itself, and other distributions that contain code generated by Mite.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30672
Published : April 1, 2025, 2:15 a.m. | 2 hours, 16 minutes ago
Description : Mite for Perl before 0.013000 generates code with the current working directory ('.') added to the @INC path similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code execution. This affects the Mite distribution itself, and other distributions that contain code generated by Mite.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30673 - Perl Sub::HandlesVia Remote Code Execution Vulnerability
CVE ID : CVE-2025-30673
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code execution. Sub::HandlesVia uses Mite to produce the affected code section due to CVE-2025-30672
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30673
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code execution. Sub::HandlesVia uses Mite to produce the affected code section due to CVE-2025-30672
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31515 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-31515
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31515
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31516 - Apache OpenOffice Unvalidated User Input
CVE ID : CVE-2025-31516
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31516
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31517 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-31517
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31517
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31518 - Apache Web Server Cross-Site Request Forgery
CVE ID : CVE-2025-31518
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31518
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31519 - Citrix NetScaler Denial of Service
CVE ID : CVE-2025-31519
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31519
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31520 - VMware VMFS File System Directory Traversal
CVE ID : CVE-2025-31520
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31520
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31521 - Apache HTTP Server Remote Code Execution Vulnerability
CVE ID : CVE-2025-31521
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31521
Published : April 1, 2025, 3:15 a.m. | 1 hour, 16 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...