🚨 CVE-2025-24902
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_cargo.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information. This issue has been addressed in version 3.2.12 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
🎖@cveNotify
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_cargo.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information. This issue has been addressed in version 3.2.12 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
🎖@cveNotify
GitHub
Resolução SQL Injection [Security https://github.com/LabRedesCefetRJ/… · LabRedesCefetRJ/WeGIA@f535e87
…WeGIA/security/advisories/GHSA-pg73-w9vx-8mgp]
🚨 CVE-2025-32442
Fastify is a fast and low overhead web framework, for Node.js. In versions 5.0.0 to 5.3.0 as well as version 4.29.0, applications that specify different validation strategies for different content types have a possibility to bypass validation by providing a _slightly altered_ content type such as with different casing or altered whitespacing before `;`. This was patched in v5.3.1, but the initial patch did not cover all problems. This has been fully patched in v5.3.2 and v4.29.1. A workaround involves not specifying individual content types in the schema.
🎖@cveNotify
Fastify is a fast and low overhead web framework, for Node.js. In versions 5.0.0 to 5.3.0 as well as version 4.29.0, applications that specify different validation strategies for different content types have a possibility to bypass validation by providing a _slightly altered_ content type such as with different casing or altered whitespacing before `;`. This was patched in v5.3.1, but the initial patch did not cover all problems. This has been fully patched in v5.3.2 and v4.29.1. A workaround involves not specifying individual content types in the schema.
🎖@cveNotify
GitHub
Merge commit from fork · fastify/fastify@436da4c
* fix: schema validation bypass
* chore: update comments
Co-authored-by: James Sumners <321201+jsumners@users.noreply.github.com>
Signed-off-by: KaKa <23028015+climba03003@us...
* chore: update comments
Co-authored-by: James Sumners <321201+jsumners@users.noreply.github.com>
Signed-off-by: KaKa <23028015+climba03003@us...
🚨 CVE-2025-24021
iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account having portal access can set value to object fields when they're not supposed to. Versions 2.7.12, 3.1.3, and 3.2.1 contain a fix for the issue.
🎖@cveNotify
iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account having portal access can set value to object fields when they're not supposed to. Versions 2.7.12, 3.1.3, and 3.2.1 contain a fix for the issue.
🎖@cveNotify
GitHub
N°8134 - Portal user profile is broken, regression from 7776 · Combodo/iTop@44290db
A simple, web based IT Service Management tool . Contribute to Combodo/iTop development by creating an account on GitHub.
🚨 CVE-2024-45062
A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buffer overflow which can lead to a arbitrary code execution in a privileged service. To trigger the vulnerability, a malicious device would need to be connected to the vulnerable system over USB.
🎖@cveNotify
A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buffer overflow which can lead to a arbitrary code execution in a privileged service. To trigger the vulnerability, a malicious device would need to be connected to the vulnerable system over USB.
🎖@cveNotify
🚨 CVE-2025-55734
flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page, but that control is not done for the pages routes/adminPanelComments.py and routes/adminPanelPosts.py. Thus, an unauthorized user can bypass the intended restrictions, leaking sensitive data and accessing the following pages: /admin/posts, /adminpanel/posts, /admin/comments, and /adminpanel/comments.
🎖@cveNotify
flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page, but that control is not done for the pages routes/adminPanelComments.py and routes/adminPanelPosts.py. Thus, an unauthorized user can bypass the intended restrictions, leaking sensitive data and accessing the following pages: /admin/posts, /adminpanel/posts, /admin/comments, and /adminpanel/comments.
🎖@cveNotify
GitHub
Arbitrary privilege escalation, Arbitrary comment delete, Stored XSS, Authorization Bypass
## 1. Arbitrary privilege escalation
### Description
An arbitrary user can change his role to "admin", giving its relative privileges (e.g. delete users, posts, comments etc.). The prob...
### Description
An arbitrary user can change his role to "admin", giving its relative privileges (e.g. delete users, posts, comments etc.). The prob...
🚨 CVE-2025-55735
flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when creating a post, there's no validation of the content of the post stored in the variable "postContent". The vulnerability arises when displaying the content of the post using the | safe filter, that tells the engine to not escape the rendered content. This can lead to a stored XSS inside the content of the post. The code that causes the problem is in template/routes.html.
🎖@cveNotify
flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when creating a post, there's no validation of the content of the post stored in the variable "postContent". The vulnerability arises when displaying the content of the post using the | safe filter, that tells the engine to not escape the rendered content. This can lead to a stored XSS inside the content of the post. The code that causes the problem is in template/routes.html.
🎖@cveNotify
GitHub
Stored XSS
## Disclaimer
This advisor is referred to my other [security advisor](https://github.com/DogukanUrker/FlaskBlog/security/advisories/GHSA-h239-vv39-v3vx), where GitHub asked for separate posts in o...
This advisor is referred to my other [security advisor](https://github.com/DogukanUrker/FlaskBlog/security/advisories/GHSA-h239-vv39-v3vx), where GitHub asked for separate posts in o...
🚨 CVE-2025-9302
A vulnerability was identified in PHPGurukul User Management System 1.0. This vulnerability affects unknown code of the file /signup.php. Such manipulation of the argument emailid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.
🎖@cveNotify
A vulnerability was identified in PHPGurukul User Management System 1.0. This vulnerability affects unknown code of the file /signup.php. Such manipulation of the argument emailid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.
🎖@cveNotify
GitHub
PHPGurukul User Management System in PHP using Stored Procedure v1.0 /signup.php SQL Injection · Issue #5 · chenjunjie3/cve
NAME OF AFFECTED PRODUCT(S) User Management System in PHP using Stored Procedure Vendor Homepage https://phpgurukul.com/user-management-system-in-php-using-stored-procedure/ AFFECTED AND/OR FIXED V...
🚨 CVE-2025-9304
A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited.
🎖@cveNotify
A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited.
🎖@cveNotify
GitHub
SourceCodester - Online Bank Management System V1.0 SQL injection · Issue #7 · CVE-Hunter-Leo/CVE
NAME OF AFFECTED PRODUCT(S) SourceCodester Vendor Homepage https://www.sourcecodester.com submitter Wong Chun Wing Vulnerable File GET /bank/show.php VERSION(S) v1.0 Software Link https://www.sourc...
🚨 CVE-2025-9305
A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
GitHub
SourceCodester - Online Bank Management System V1.0 SQL injection · Issue #8 · CVE-Hunter-Leo/CVE
NAME OF AFFECTED PRODUCT(S) SourceCodester Vendor Homepage https://www.sourcecodester.com submitter Wong Chun Wing Vulnerable File GET /bank/mnotice.php VERSION(S) v1.0 Software Link https://www.so...
🚨 CVE-2025-9306
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.
🎖@cveNotify
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.
🎖@cveNotify
GitHub
SourceCodester Advanced School Management System with Complete Features V1.0 /index.php/notice/addNotice Stored Cross-Site Scripting…
SourceCodester Advanced School Management System with Complete Features V1.0 /index.php/notice/addNotice Stored Cross-Site Scripting (Stored XSS) NAME OF AFFECTED PRODUCT(S) Advanced School Managem...
🚨 CVE-2025-9307
A flaw has been found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /admin/session.php. This manipulation of the argument sesssion causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.
🎖@cveNotify
A flaw has been found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /admin/session.php. This manipulation of the argument sesssion causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.
🎖@cveNotify
GitHub
phpgurukul Online Course Registration Project V3.1 /admin/session.php SQL injection · Issue #2 · zzx-yyds/mycve
phpgurukul Online Course Registration Project V3.1 /admin/session.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Course Registration Vendor Homepage https://phpgurukul.com/online-course-regis...
🚨 CVE-2025-57761
WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.4.10.
🎖@cveNotify
WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.4.10.
🎖@cveNotify
GitHub
Alteração da query para buscar um dependente no BD [Issue #1129] · LabRedesCefetRJ/WeGIA@baec5c7
WeGIA: Web gerenciador para instituições assistenciais - Alteração da query para buscar um dependente no BD [Issue #1129] · LabRedesCefetRJ/WeGIA@baec5c7
🚨 CVE-2025-57762
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting (XSS) vulnerability in the dependente_docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.4.7.
🎖@cveNotify
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting (XSS) vulnerability in the dependente_docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.4.7.
🎖@cveNotify
GitHub
Resolução XSS [Security https://github.com/LabRedesCefetRJ/WeGIA/secu… · LabRedesCefetRJ/WeGIA@fb1ab40
…rity/advisories/GHSA-494r-43f3-p828]
🚨 CVE-2025-57763
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting (XSS) vulnerability in the insere_despacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the cpf sccs. This vulnerability is fixed in 3.4.7.
🎖@cveNotify
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting (XSS) vulnerability in the insere_despacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the cpf sccs. This vulnerability is fixed in 3.4.7.
🎖@cveNotify
GitHub
Cross-Site Scripting (XSS) Reflected in 'insere_despacho.php' parameter 'sccs'
### Summary
A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `insere_despacho.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject mal...
A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `insere_despacho.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject mal...
🚨 CVE-2025-9311
A vulnerability was identified in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fair/addfair.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
🎖@cveNotify
A vulnerability was identified in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fair/addfair.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
🎖@cveNotify
GitHub
itsourcecode Apartment Management System Project V1.0 /fair/addfair.php SQL injection · Issue #42 · zzb1388/cve
itsourcecode Apartment Management System Project V1.0 /fair/addfair.php SQL injection NAME OF AFFECTED PRODUCT(S) Apartment Management System Vendor Homepage https://itsourcecode.com/free-projects/...
🚨 CVE-2022-31491
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence.
🎖@cveNotify
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence.
🎖@cveNotify
🚨 CVE-2022-43110
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices. This extends to being able to configure operating system commands that should run if the system detects a connected UPS shutting down.
🎖@cveNotify
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices. This extends to being able to configure operating system commands that should run if the system detects a connected UPS shutting down.
🎖@cveNotify
🚨 CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload.
🎖@cveNotify
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload.
🎖@cveNotify
Launchpad
Bug #1995819 “Skin font upload file can be manipulated to be a p...” : Bugs : Mahara
For example if you had a skin to import and the font part of the XML markup was a string that had path information, eg
<?xml version="1.0" encoding="UTF-8"?>
<skin>
<font name="PoC" title="PoC" font-variants="PD9waHAgc3lzdGVtKCdpZCcpOyA/Pg=="…
<?xml version="1.0" encoding="UTF-8"?>
<skin>
<font name="PoC" title="PoC" font-variants="PD9waHAgc3lzdGVtKCdpZCcpOyA/Pg=="…
🚨 CVE-2024-41165
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
🎖@cveNotify
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
🎖@cveNotify
🚨 CVE-2024-42220
A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
🎖@cveNotify
A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially crafted library can leverage Outlook's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
🎖@cveNotify
🚨 CVE-2024-43106
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
🎖@cveNotify
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.
🎖@cveNotify