CVE-2025-34152 - "Aitemi M300 Wi-Fi Repeater OS Command Injection"
CVE ID : CVE-2025-34152
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34152
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54392 - Netwrix Directory Manager Cross-Site Scripting
CVE ID : CVE-2025-54392
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54392
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54393 - Netwrix Directory Manager Static Code Injection Vulnerability
CVE ID : CVE-2025-54393
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54393
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54394 - Netwrix Directory Manager Insufficiently Protected Credentials Vulnerability
CVE ID : CVE-2025-54394
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54394
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54395 - Netwrix Directory Manager XSS Vulnerability
CVE ID : CVE-2025-54395
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54395
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54396 - Netwrix Directory Manager SQL Injection
CVE ID : CVE-2025-54396
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54396
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54397 - Netwrix Directory Manager Information Disclosure Vulnerability
CVE ID : CVE-2025-54397
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54397
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55137 - Apache LinkJoin Authentication Bypass
CVE ID : CVE-2025-55137
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : LinkJoin through 882f196 mishandles lacks type checking in password reset.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55137
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : LinkJoin through 882f196 mishandles lacks type checking in password reset.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55138 - LinkJoin Password Reset Token Ownership Vulnerability
CVE ID : CVE-2025-55138
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : LinkJoin through 882f196 mishandles token ownership in password reset.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55138
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : LinkJoin through 882f196 mishandles token ownership in password reset.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-40992 - Apache Hospital Management System SQL Injection Vulnerability
CVE ID : CVE-2023-40992
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System 4 is vulnerable to a SQL injection in /Hospital-Management-System-master/func.php via the password2 parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-40992
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System 4 is vulnerable to a SQL injection in /Hospital-Management-System-master/func.php via the password2 parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41519 - SAM System Cross-Site Scripting Vulnerability
CVE ID : CVE-2023-41519
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS) vulnerability via the sessionName parameter at createSessionTerm.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41519
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS) vulnerability via the sessionName parameter at createSessionTerm.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41520 - SAM System SQL Injection Vulnerability
CVE ID : CVE-2023-41520
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41520
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41521 - SAM System SQL Injection Vulnerability
CVE ID : CVE-2023-41521
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createSessionTerm.php via the id, termId, and sessionName parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41521
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createSessionTerm.php via the id, termId, and sessionName parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41522 - SAMSS SQL Injection Vulnerability
CVE ID : CVE-2023-41522
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41522
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41523 - SAMSS SQL Injection
CVE ID : CVE-2023-41523
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the emailAddress parameter at createClassTeacher.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41523
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the emailAddress parameter at createClassTeacher.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41524 - SAM System SQL Injection
CVE ID : CVE-2023-41524
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the username parameter at index.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41524
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the username parameter at index.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41525 - MedCare Hospital Management System SQL Injection
CVE ID : CVE-2023-41525
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41525
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41526 - "MediCare Hospital Management System SQL Injection Vulnerability"
CVE ID : CVE-2023-41526
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41526
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41527 - Medcare Hospital Management System SQL Injection
CVE ID : CVE-2023-41527
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41527
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41528 - "MediCare SQL Injection Vulnerability"
CVE ID : CVE-2023-41528
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41528
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41529 - "MediSys Hospital Management System Cross-Site Scripting Vulnerability"
CVE ID : CVE-2023-41529
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41529
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...