CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2025-7609 - Code-projects Simple Shopping Cart SQL Injection Vulnerability

CVE ID : CVE-2025-7609
Published : July 14, 2025, 2:15 p.m. | 2 hours, 42 minutes ago
Description : A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument ruser_email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7610 - Apache Code-projects Electricity Billing System SQL Injection Vulnerability

CVE ID : CVE-2025-7610
Published : July 14, 2025, 2:15 p.m. | 2 hours, 42 minutes ago
Description : A vulnerability was found in code-projects Electricity Billing System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/change_password.php. The manipulation of the argument new_password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
CVE-2025-50756 - Wavlink WN535K3 Command Injection Vulnerability

CVE ID : CVE-2025-50756
Published : July 14, 2025, 3:15 p.m. | 1 hour, 42 minutes ago
Description : Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the newpass parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
Severity: 0.0 | NA
CVE-2025-7611 - Code-Projects Wedding Reservation SQL Injection

CVE ID : CVE-2025-7611
Published : July 14, 2025, 3:15 p.m. | 1 hour, 42 minutes ago
Description : A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The manipulation of the argument lu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
CVE-2025-7612 - Code-projects Mobile Shop SQL Injection Vulnerability

CVE ID : CVE-2025-7612
Published : July 14, 2025, 3:15 p.m. | 1 hour, 42 minutes ago
Description : A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
CVE-2025-7613 - TOTOLINK T6 Command Injection Vulnerability in CloudSrvVersionCheck

CVE ID : CVE-2025-7613
Published : July 14, 2025, 3:15 p.m. | 1 hour, 42 minutes ago
Description : A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
CVE-2025-7614 - TOTOLINK T6 Command Injection Vulnerability

CVE ID : CVE-2025-7614
Published : July 14, 2025, 3:15 p.m. | 1 hour, 42 minutes ago
Description : A vulnerability classified as critical has been found in TOTOLINK T6 4.1.5cu.748. Affected is the function delDevice of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ipAddr leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
CVE-2025-7615 - TOTOLINK T6 Command Injection Vulnerability

CVE ID : CVE-2025-7615
Published : July 14, 2025, 4:15 p.m. | 42 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. Affected by this vulnerability is the function clearPairCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
CVE-2025-7616 - Snap7 gmg137 Pthread Conditional Destroy Memory Corruption Vulnerability

CVE ID : CVE-2025-7616
Published : July 14, 2025, 4:15 p.m. | 42 minutes ago
Description : A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthread_cond_destroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used.
Severity: 5.5 | MEDIUM
CVE-2024-42646 - NanoMQ Denial of Service (DoS) Vulnerability

CVE ID : CVE-2024-42646
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.
Severity: 0.0 | NA
CVE-2024-42648 - NanoMQ MQTT Heap Overflow Denial of Service

CVE ID : CVE-2024-42648
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.
Severity: 0.0 | NA
CVE-2024-42649 - NanoMQ Memory Leak Denial of Service Vulnerability

CVE ID : CVE-2024-42649
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
Severity: 0.0 | NA
CVE-2025-51650 - FoxCMS Remote Code Execution (RCE)

CVE ID : CVE-2025-51650
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : An arbitrary file upload vulnerability in the component /controller/PicManager.php of FoxCMS v1.2.6 allows attackers to execute arbitrary code via uploading a crafted template file.
Severity: 5.6 | MEDIUM
CVE-2025-51651 - Mccms File Download Vulnerability

CVE ID : CVE-2025-51651
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.
Severity: 5.5 | MEDIUM
CVE-2025-51652 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51652
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Categories.php.
Severity: 5.4 | MEDIUM
CVE-2025-51653 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51653
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_ct.php.
Severity: 5.4 | MEDIUM
CVE-2025-51654 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51654
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Infocategories.php.
Severity: 5.4 | MEDIUM
CVE-2025-51655 - SemCms v5.0 was discovered to contain a SQL inject

CVE ID : CVE-2025-51655
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php.
Severity: 5.4 | MEDIUM
CVE-2025-51656 - SemCms SQL Injection

CVE ID : CVE-2025-51656
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php.
Severity: 5.4 | MEDIUM
CVE-2025-51657 - SemCms SQL Injection

CVE ID : CVE-2025-51657
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Link.php.
Severity: 5.4 | MEDIUM
CVE-2025-51658 - SemCms SQL Injection Vulnerability

CVE ID : CVE-2025-51658
Published : July 14, 2025, 5:15 p.m. | 3 hours, 42 minutes ago
Description : SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_InquiryView.php.
Severity: 5.4 | MEDIUM