CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2025-54397 - Netwrix Directory Manager Information Disclosure Vulnerability

CVE ID : CVE-2025-54397
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55137 - Apache LinkJoin Authentication Bypass

CVE ID : CVE-2025-55137
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : LinkJoin through 882f196 lacks type checking in password reset.
Severity: 7.4 | HIGH
CVE-2025-55138 - LinkJoin Password Reset Token Ownership Vulnerability

CVE ID : CVE-2025-55138
Published : Aug. 7, 2025, 5:15 p.m. | 1 hour, 21 minutes ago
Description : LinkJoin through 882f196 mishandles token ownership in password reset.
Severity: 7.4 | HIGH
CVE-2023-40992 - Apache Hospital Management System SQL Injection Vulnerability

CVE ID : CVE-2023-40992
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System 4 is vulnerable to a SQL injection in /Hospital-Management-System-master/func.php via the password2 parameter.
Severity: 0.0 | NA
CVE-2023-41519 - SAM System Cross-Site Scripting Vulnerability

CVE ID : CVE-2023-41519
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS) vulnerability via the sessionName parameter at createSessionTerm.php.
Severity: 0.0 | NA
CVE-2023-41520 - SAM System SQL Injection Vulnerability

CVE ID : CVE-2023-41520
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters.
Severity: 0.0 | NA
CVE-2023-41521 - SAM System SQL Injection Vulnerability

CVE ID : CVE-2023-41521
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createSessionTerm.php via the id, termId, and sessionName parameters.
Severity: 0.0 | NA
CVE-2023-41522 - SAMSS SQL Injection Vulnerability

CVE ID : CVE-2023-41522
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters.
Severity: 0.0 | NA
CVE-2023-41523 - SAMSS SQL Injection

CVE ID : CVE-2023-41523
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the emailAddress parameter at createClassTeacher.php.
Severity: 0.0 | NA
CVE-2023-41524 - SAM System SQL Injection

CVE ID : CVE-2023-41524
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the username parameter at index.php.
Severity: 0.0 | NA
CVE-2023-41525 - MedCare Hospital Management System SQL Injection

CVE ID : CVE-2023-41525
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
Severity: 0.0 | NA
CVE-2023-41526 - MediCare Hospital Management System SQL Injection Vulnerability

CVE ID : CVE-2023-41526
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.
Severity: 0.0 | NA
CVE-2023-41527 - Medcare Hospital Management System SQL Injection

CVE ID : CVE-2023-41527
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php.
Severity: 0.0 | NA
CVE-2023-41528 - MediCare SQL Injection Vulnerability

CVE ID : CVE-2023-41528
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
Severity: 0.0 | NA
CVE-2023-41529 - MediSys Hospital Management System Cross-Site Scripting Vulnerability

CVE ID : CVE-2023-41529
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters.
Severity: 0.0 | NA
CVE-2023-41530 - MediCare SQL Injection

CVE ID : CVE-2023-41530
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.
Severity: 0.0 | NA
CVE-2023-41531 - Hospital Management System SQL Injection Vulnerability

CVE ID : CVE-2023-41531
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters.
Severity: 0.0 | NA
CVE-2023-41532 - Medicore Hospital Management System SQL Injection

CVE ID : CVE-2023-41532
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the doctor_contact parameter in doctorsearch.php.
Severity: 0.0 | NA
CVE-2025-51629 - Eccobook PdfViewer XSS

CVE ID : CVE-2025-51629
Published : Aug. 7, 2025, 6:15 p.m. | 21 minutes ago
Description : A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter.
Severity: 8.8 | HIGH
CVE-2025-50675 - GPMAW Unprivileged Privilege Escalation Vulnerability

CVE ID : CVE-2025-50675
Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory, including executable files like GPMAW3.exe, Fragment.exe, and the uninstaller GPsetup64_17028.exe. An attacker with user-level access can exploit this misconfiguration by replacing or modifying the uninstaller (GPsetup64_17028.exe) with a malicious version. While the application itself runs in the user's context, the uninstaller is typically executed with administrative privileges when an administrator attempts to uninstall the software. By exploiting this flaw, an attacker could gain administrative privileges and execute arbitrary code in the context of the admin, resulting in privilege escalation.
Severity: 0.0 | NA
CVE-2025-50692 - FoxCMS Remote Code Execution Vulnerability

CVE ID : CVE-2025-50692
Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : FoxCMS <=v1.2.5 is vulnerable to Code Execution in admin/template_file/editFile.html.
Severity: 0.0 | NA