CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2025-67866 - Apache HTTP Server Command Injection

CVE ID : CVE-2025-67866
Published : Dec. 13, 2025, 4:16 p.m. | 1 hour, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-67867 - Apache HTTP Server Unvalidated User Input

CVE ID : CVE-2025-67867
Published : Dec. 13, 2025, 4:16 p.m. | 1 hour, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-67868 - Adobe Flash Buffer Overread

CVE ID : CVE-2025-67868
Published : Dec. 13, 2025, 4:16 p.m. | 1 hour, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-67869 - Apache Unvalidated User Input

CVE ID : CVE-2025-67869
Published : Dec. 13, 2025, 4:16 p.m. | 1 hour, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-67870 - Apache HTTP Server Cross-Site Request Forgery

CVE ID : CVE-2025-67870
Published : Dec. 13, 2025, 4:16 p.m. | 1 hour, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-67871 - Apache HTTP Server Directory Traversal

CVE ID : CVE-2025-67871
Published : Dec. 13, 2025, 4:16 p.m. | 1 hour, 19 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
CVE-2025-14621 - code-projects Student File Management System update_user.php sql injection

CVE ID : CVE-2025-14621
Published : Dec. 13, 2025, 5:15 p.m. | 21 minutes ago
Description : A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
CVE-2025-14622 - code-projects Student File Management System save_user.php sql injection

CVE ID : CVE-2025-14622
Published : Dec. 13, 2025, 6:15 p.m. | 3 hours, 21 minutes ago
Description : A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
Severity: 7.5 | HIGH
CVE-2025-14623 - code-projects Student File Management System update_student.php sql injection

CVE ID : CVE-2025-14623
Published : Dec. 13, 2025, 6:15 p.m. | 3 hours, 21 minutes ago
Description : A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
Severity: 7.5 | HIGH
CVE-2025-14636 - Tenda AX9 httpd image_check weak hash

CVE ID : CVE-2025-14636
Published : Dec. 13, 2025, 7:15 p.m. | 2 hours, 21 minutes ago
Description : A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.
Severity: 6.3 | MEDIUM
CVE-2025-14637 - itsourcecode Online Pet Shop Management System addcnp.php sql injection

CVE ID : CVE-2025-14637
Published : Dec. 13, 2025, 8:15 p.m. | 1 hour, 21 minutes ago
Description : A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Severity: 7.5 | HIGH
CVE-2025-13832 - Apache HTTP Server Remote Code Execution Vulnerability

CVE ID : CVE-2025-13832
Published : Dec. 13, 2025, 11:15 p.m. | 22 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
CVE-2025-14638 - itsourcecode Online Pet Shop Management System update_cnp.php sql injection

CVE ID : CVE-2025-14638
Published : Dec. 14, 2025, 1:15 a.m. | 2 hours, 23 minutes ago
Description : A security vulnerability has been detected in itsourcecode Online Pet Shop Management System 1.0. This issue affects some unknown processing of the file /pet1/update_cnp.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
CVE-2025-14639 - itsourcecode Student Management System uprec.php sql injection

CVE ID : CVE-2025-14639
Published : Dec. 14, 2025, 2:15 a.m. | 1 hour, 23 minutes ago
Description : A vulnerability was detected in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /uprec.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.
Severity: 7.5 | HIGH
CVE-2025-14640 - code-projects Student File Management System save_student.php sql injection

CVE ID : CVE-2025-14640
Published : Dec. 14, 2025, 2:15 a.m. | 1 hour, 23 minutes ago
Description : A flaw has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /admin/save_student.php. Executing manipulation of the argument stud_no can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
CVE-2025-14643 - code-projects Simple Attendance Record System check.php sql injection

CVE ID : CVE-2025-14643
Published : Dec. 14, 2025, 3:02 a.m. | 36 minutes ago
Description : A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected element is an unknown function of the file /check.php. Performing manipulation of the argument student results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Severity: 0.0 | NA
CVE-2025-14641 - code-projects Computer Laboratory System admin_pic.php unrestricted upload

CVE ID : CVE-2025-14641
Published : Dec. 14, 2025, 3:15 a.m. | 23 minutes ago
Description : A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/admin_pic.php. This manipulation of the argument image causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be used.
Severity: 5.8 | MEDIUM
CVE-2025-14642 - code-projects Computer Laboratory System technical_staff_pic.php unrestricted upload

CVE ID : CVE-2025-14642
Published : Dec. 14, 2025, 3:15 a.m. | 23 minutes ago
Description : A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technical_staff_pic.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.8 | MEDIUM
CVE-2025-14644 - itsourcecode Student Management System update_subject.php sql injection

CVE ID : CVE-2025-14644
Published : Dec. 14, 2025, 4:15 a.m. | 3 hours, 23 minutes ago
Description : A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /update_subject.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
CVE-2025-67896 - Exim Heap Corruption Vulnerability

CVE ID : CVE-2025-67896
Published : Dec. 14, 2025, 4:15 a.m. | 3 hours, 23 minutes ago
Description : Exim before 4.99.1 allows remote heap corruption that will be further described on 2025-12-18.
Severity: 6.4 | MEDIUM
CVE-2025-13126 - wpForo Forum <= 2.4.12 - Unauthenticated SQL Injection

CVE ID : CVE-2025-13126
Published : Dec. 14, 2025, 5:15 a.m. | 2 hours, 23 minutes ago
Description : The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the `post_args` and `topic_args` parameters in all versions up to, and including, 2.4.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH