CVE-2025-6400 - TOTOLINK N300RH HTTP POST Message Handler Buffer Overflow Vulnerability
CVE ID : CVE-2025-6400
Published : June 21, 2025, 6:15 a.m. | 1 hour, 58 minutes ago
Description : A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formPortFw of the component HTTP POST Message Handler. The manipulation of the argument service_type leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6400
Published : June 21, 2025, 6:15 a.m. | 1 hour, 58 minutes ago
Description : A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formPortFw of the component HTTP POST Message Handler. The manipulation of the argument service_type leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5143 - TableOn - WordPress Posts Table Filterable Stored Cross-Site Scripting
CVE ID : CVE-2025-5143
Published : June 21, 2025, 7:15 a.m. | 58 minutes ago
Description : The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tableon_popup_iframe_button shortcode in all versions up to, and including, 1.0.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5143
Published : June 21, 2025, 7:15 a.m. | 58 minutes ago
Description : The TableOn – WordPress Posts Table Filterable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tableon_popup_iframe_button shortcode in all versions up to, and including, 1.0.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6401 - TOTOLINK N300RH HTTP POST Message Handler Denial of Service Vulnerability
CVE ID : CVE-2025-6401
Published : June 21, 2025, 7:15 a.m. | 58 minutes ago
Description : A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6401
Published : June 21, 2025, 7:15 a.m. | 58 minutes ago
Description : A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6402 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability
CVE ID : CVE-2025-6402
Published : June 21, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6402
Published : June 21, 2025, 9:15 a.m. | 2 hours, 58 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6403 - "Code-projects School Fees Payment System SQL Injection Vulnerability"
CVE ID : CVE-2025-6403
Published : June 21, 2025, 10:15 a.m. | 1 hour, 58 minutes ago
Description : A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6403
Published : June 21, 2025, 10:15 a.m. | 1 hour, 58 minutes ago
Description : A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5289 - WordPress 3D FlipBook Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-5289
Published : June 21, 2025, 11:15 a.m. | 58 minutes ago
Description : The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ and 'mode' parameters in all versions up to, and including, 1.16.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note: This issue affects only block-based themes.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5289
Published : June 21, 2025, 11:15 a.m. | 58 minutes ago
Description : The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ and 'mode' parameters in all versions up to, and including, 1.16.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note: This issue affects only block-based themes.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6404 - Campcodes Online Teacher Record Management System SQL Injection Vulnerability
CVE ID : CVE-2025-6404
Published : June 21, 2025, 12:15 p.m. | 3 hours, 59 minutes ago
Description : A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6404
Published : June 21, 2025, 12:15 p.m. | 3 hours, 59 minutes ago
Description : A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36016 - IBM Process Mining Open Redirect Phishing Vulnerability
CVE ID : CVE-2025-36016
Published : June 21, 2025, 1:15 p.m. | 2 hours, 59 minutes ago
Description : IBM Process Mining 2.0.1 IF001 and 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36016
Published : June 21, 2025, 1:15 p.m. | 2 hours, 59 minutes ago
Description : IBM Process Mining 2.0.1 IF001 and 2.0.1 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3221 - IBM InfoSphere Information Server Denial of Service Vulnerability
CVE ID : CVE-2025-3221
Published : June 21, 2025, 1:15 p.m. | 2 hours, 59 minutes ago
Description : IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a remote attacker to cause a denial of service due to insufficient validation of incoming request resources.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3221
Published : June 21, 2025, 1:15 p.m. | 2 hours, 59 minutes ago
Description : IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a remote attacker to cause a denial of service due to insufficient validation of incoming request resources.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3629 - IBM InfoSphere Information Server Authentication Bypass
CVE ID : CVE-2025-3629
Published : June 21, 2025, 1:15 p.m. | 2 hours, 59 minutes ago
Description : IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an authenticated user to delete another user's comments due to improper ownership management.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3629
Published : June 21, 2025, 1:15 p.m. | 2 hours, 59 minutes ago
Description : IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an authenticated user to delete another user's comments due to improper ownership management.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6405 - Campcodes Online Teacher Record Management System SQL Injection
CVE ID : CVE-2025-6405
Published : June 21, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability classified as critical was found in Campcodes Online Teacher Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-teacher-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6405
Published : June 21, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability classified as critical was found in Campcodes Online Teacher Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-teacher-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6406 - Campcodes Online Hospital Management System SQL Injection Vulnerability
CVE ID : CVE-2025-6406
Published : June 21, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/forgot-password.php. The manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6406
Published : June 21, 2025, 2:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/forgot-password.php. The manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6407 - Campcodes Online Hospital Management System SQL Injection Vulnerability
CVE ID : CVE-2025-6407
Published : June 21, 2025, 3:15 p.m. | 59 minutes ago
Description : A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /user-login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6407
Published : June 21, 2025, 3:15 p.m. | 59 minutes ago
Description : A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /user-login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6408 - Campcodes Online Hospital Management System SQL Injection Vulnerability
CVE ID : CVE-2025-6408
Published : June 21, 2025, 3:15 p.m. | 59 minutes ago
Description : A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6408
Published : June 21, 2025, 3:15 p.m. | 59 minutes ago
Description : A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6409 - PHPGurukul Art Gallery Management System SQL Injection
CVE ID : CVE-2025-6409
Published : June 21, 2025, 4:15 p.m. | 3 hours, 59 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. This issue affects some unknown processing of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6409
Published : June 21, 2025, 4:15 p.m. | 3 hours, 59 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. This issue affects some unknown processing of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6410 - PHPGurukul Art Gallery Management System SQL Injection
CVE ID : CVE-2025-6410
Published : June 21, 2025, 5:15 p.m. | 2 hours, 59 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/edit-art-medium-detail.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6410
Published : June 21, 2025, 5:15 p.m. | 2 hours, 59 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/edit-art-medium-detail.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6411 - PHPGurukul Art Gallery Management System SQL Injection
CVE ID : CVE-2025-6411
Published : June 21, 2025, 5:15 p.m. | 2 hours, 59 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/changepropic.php. The manipulation of the argument imageid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6411
Published : June 21, 2025, 5:15 p.m. | 2 hours, 59 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/changepropic.php. The manipulation of the argument imageid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6412 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability
CVE ID : CVE-2025-6412
Published : June 21, 2025, 6:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6412
Published : June 21, 2025, 6:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6413 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability
CVE ID : CVE-2025-6413
Published : June 21, 2025, 6:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.1. This affects an unknown part of the file /admin/changeimage1.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6413
Published : June 21, 2025, 6:15 p.m. | 1 hour, 59 minutes ago
Description : A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.1. This affects an unknown part of the file /admin/changeimage1.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6414 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability
CVE ID : CVE-2025-6414
Published : June 21, 2025, 7:15 p.m. | 59 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul Art Gallery Management System 1.1. This vulnerability affects unknown code of the file /admin/changeimage2.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6414
Published : June 21, 2025, 7:15 p.m. | 59 minutes ago
Description : A vulnerability classified as critical was found in PHPGurukul Art Gallery Management System 1.1. This vulnerability affects unknown code of the file /admin/changeimage2.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6415 - PHPGurukul Art Gallery Management System SQL Injection Vulnerability
CVE ID : CVE-2025-6415
Published : June 21, 2025, 7:15 p.m. | 59 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.1. This issue affects some unknown processing of the file /admin/changeimage3.php. The manipulation of the argument editid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6415
Published : June 21, 2025, 7:15 p.m. | 59 minutes ago
Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.1. This issue affects some unknown processing of the file /admin/changeimage3.php. The manipulation of the argument editid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...