๐จ CVE-2025-11557
A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
[Open Source Project]"Gate Pass Management System PHP MySQL" Project V1.0 " "/add-pass.php" SQL injection ยท Issue #6 ยท QIU-DIE/CVE
Projectworlds Gate Pass Management System PHP MySQL Project V1.0 /add-pass.php SQL injection NAME OF AFFECTED PRODUCT(S) Gate Pass Management System PHP MySQL Vendor Homepage https://projectworlds....
๐จ CVE-2025-11558
A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/user_index_search.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
๐@cveNotify
A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/user_index_search.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
๐@cveNotify
๐จ CVE-2025-11506
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/search-appointment.php. The manipulation of the argument searchdata results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
๐@cveNotify
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/search-appointment.php. The manipulation of the argument searchdata results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
๐@cveNotify
GitHub
phpgurukul Beauty Parlour Management System Project V1.1 /admin/search-appointment.php SQL injection ยท Issue #11 ยท f000x0/cve
NAME OF AFFECTED PRODUCT(S) Beauty Parlour Management System Vendor Homepage https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ AFFECTED AND/OR FIXED VERSION(S) submitter ...
๐จ CVE-2025-11507
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument searchdata causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
GitHub
phpgurukul Beauty Parlour Management System Project V1.1 /admin/search-invoices.php SQL injection ยท Issue #13 ยท f000x0/cve
NAME OF AFFECTED PRODUCT(S) Beauty Parlour Management System Vendor Homepage https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ AFFECTED AND/OR FIXED VERSION(S) submitter ...
๐จ CVE-2025-11523
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
๐@cveNotify
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
๐@cveNotify
GitHub
IoT-vulnerable/Tenda/AC7/AdvSetLanip.md at main ยท noahze01/IoT-vulnerable
Contribute to noahze01/IoT-vulnerable development by creating an account on GitHub.
๐จ CVE-2025-11524
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.
๐@cveNotify
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.
๐@cveNotify
GitHub
IoT-vulnerable/Tenda/AC7/SetDDNSCfg.md at main ยท noahze01/IoT-vulnerable
Contribute to noahze01/IoT-vulnerable development by creating an account on GitHub.
๐จ CVE-2025-11525
A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
IoT-vulnerable/Tenda/AC7/SetUpnpCfg.md at main ยท noahze01/IoT-vulnerable
Contribute to noahze01/IoT-vulnerable development by creating an account on GitHub.
๐จ CVE-2025-11526
A vulnerability was found in Tenda AC7 15.03.06.44. The affected element is an unknown function of the file /goform/WifiMacFilterSet. Performing manipulation of the argument wifi_chkHz results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.
๐@cveNotify
A vulnerability was found in Tenda AC7 15.03.06.44. The affected element is an unknown function of the file /goform/WifiMacFilterSet. Performing manipulation of the argument wifi_chkHz results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.
๐@cveNotify
GitHub
IoT-vulnerable/Tenda/AC7/WifiMacFilterSet.md at main ยท noahze01/IoT-vulnerable
Contribute to noahze01/IoT-vulnerable development by creating an account on GitHub.
๐จ CVE-2025-9900
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
๐@cveNotify
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
๐@cveNotify
๐จ CVE-2025-11449
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.
ServiceNow has addressed this vulnerability by deploying a relevant security update to the majority of hosted instances. Relevant security updates also have been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configuration. Further, the vulnerability is addressed in the listed patches and hot fixes. We recommend customers promptly apply appropriate updates or upgrade if they have not already done so.
๐@cveNotify
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.
ServiceNow has addressed this vulnerability by deploying a relevant security update to the majority of hosted instances. Relevant security updates also have been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configuration. Further, the vulnerability is addressed in the listed patches and hot fixes. We recommend customers promptly apply appropriate updates or upgrade if they have not already done so.
๐@cveNotify
Servicenow
CVE-2025-11449 & CVE-2025-11450 - Reflected Cross Site Scripting in ServiceNow AI Platform - Security - Now Support Portal
ServiceNow has addressed unauthenticated reflected cross-site scripting vulnerabilities that were identified in the ServiceNow AI Platform. These vulnerabilities, which are being tracked as CVE-2025-114549
๐จ CVE-2025-11450
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.
ServiceNow has addressed this vulnerability by deploying a relevant security update to the majority of hosted instances. Relevant security updates also have been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Further, the vulnerability is addressed in the listed patches and hot fixes. We recommend customers promptly apply appropriate updates or upgrade if they have not already done so.
๐@cveNotify
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.
ServiceNow has addressed this vulnerability by deploying a relevant security update to the majority of hosted instances. Relevant security updates also have been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Further, the vulnerability is addressed in the listed patches and hot fixes. We recommend customers promptly apply appropriate updates or upgrade if they have not already done so.
๐@cveNotify
Servicenow
CVE-2025-11449 & CVE-2025-11450 - Reflected Cross Site Scripting in ServiceNow AI Platform - Security - Now Support Portal
ServiceNow has addressed unauthenticated reflected cross-site scripting vulnerabilities that were identified in the ServiceNow AI Platform. These vulnerabilities, which are being tracked as CVE-2025-114549
๐จ CVE-2025-11569
All versions of the package cross-zip are vulnerable to Directory Traversal via consecutive usage of zipSync() and unzipSync () functions that allow arguments such as __dirname. An attacker can access system files by selectively doing zip/unzip operations.
๐@cveNotify
All versions of the package cross-zip are vulnerable to Directory Traversal via consecutive usage of zipSync() and unzipSync () functions that allow arguments such as __dirname. An attacker can access system files by selectively doing zip/unzip operations.
๐@cveNotify
Gist
Package cross-zip: Possible to access system files by selectively doing zip/unzip operations (path-traversal).
Package cross-zip: Possible to access system files by selectively doing zip/unzip operations (path-traversal). - cross-zip-4.0.0_readFile-traversal-poc.js
๐จ CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting (XSS) due to insufficient filtering of data.**Note:**This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Pattern Lab.The package drupal-pattern-lab/unified-twig-extensions is unmaintained, the fix for this issue exists in version 1.1.1 of [drupal/unified_twig_ext](https://www.drupal.org/project/unified_twig_ext)
๐@cveNotify
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting (XSS) due to insufficient filtering of data.**Note:**This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Pattern Lab.The package drupal-pattern-lab/unified-twig-extensions is unmaintained, the fix for this issue exists in version 1.1.1 of [drupal/unified_twig_ext](https://www.drupal.org/project/unified_twig_ext)
๐@cveNotify
๐จ CVE-2025-61871
NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.
๐@cveNotify
NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.
๐@cveNotify
jvn.jp
JVN#69099112: BUFFALO NAS Navigator2 registers a Windows service with an unquoted file path
Japan Vulnerability Notes
๐จ CVE-2025-10124
The Booking Manager WordPress plugin before 2.1.15 registers a shortcode that deletes bookings and makes that shortcode available to anyone with contributor and above privileges. When a page containing the shortcode is visited, the bookings are deleted.
๐@cveNotify
The Booking Manager WordPress plugin before 2.1.15 registers a shortcode that deletes bookings and makes that shortcode available to anyone with contributor and above privileges. When a page containing the shortcode is visited, the bookings are deleted.
๐@cveNotify
WPScan
Booking Manager < 2.1.15 - Contributor+ Booking Deletion
See details on Booking Manager < 2.1.15 - Contributor+ Booking Deletion CVE 2025-10124. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2025-3511
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Series CC-Link IE TSN Master/Local Module, MELSEC iQ-R Series Ethernet Interface Module, and CC-Link IE TSN Master/Local Station Communication LSI CP610 allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.
A system reset of the product is required for recovery.
๐@cveNotify
Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Series CC-Link IE TSN Master/Local Module, MELSEC iQ-R Series Ethernet Interface Module, and CC-Link IE TSN Master/Local Station Communication LSI CP610 allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.
A system reset of the product is required for recovery.
๐@cveNotify
jvn.jp
JVNVU#96620683: ไธ่ฑ้ปๆฉ่ฃฝFA่ฃฝๅใฎEthernetๆฉ่ฝใซใใใใตใผใใน้็จๅฆจๅฎณ๏ผDoS๏ผใฎ่ๅผฑๆง
Japan Vulnerability Notes
๐จ CVE-2025-21044
Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
๐@cveNotify
Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
๐@cveNotify
๐จ CVE-2025-21045
Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information.
๐@cveNotify
Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information.
๐@cveNotify
๐จ CVE-2025-21046
Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list.
๐@cveNotify
Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list.
๐@cveNotify
๐จ CVE-2025-21047
Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs.
๐@cveNotify
Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs.
๐@cveNotify
๐จ CVE-2025-21048
Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code.
๐@cveNotify
Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code.
๐@cveNotify