CVE Monitor
{
"Source": "CVE FEED",
"Title": "CVE-2025-59800 - Ghostscript Heap-Based Buffer Overflow",
"Content": "CVE ID : CVE-2025-59800
Published : Sept. 22, 2025, 7:10 a.m. | 2 hours, 5 minutes ago
Description : In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocr_line8.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-10788 - SourceCodester Online Hotel Reservation System SQL Injection",
"Content": "CVE ID : CVE-2025-10788
Published : Sept. 22, 2025, 9:13 a.m. | 2 hours, 5 minutes ago
Description : A vulnerability was determined in SourceCodester Online Hotel Reservation System 1.0. The affected element is an unknown function of the file deleteroominventory.php. Executing manipulation of the argument ID can lead to SQL injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-9487 - WordPress ASE SVG Upload XSS",
"Content": "CVE ID : CVE-2025-9487
Published : Sept. 22, 2025, 9:13 a.m. | 2 hours, 5 minutes ago
Description : The Admin and Site Enhancements (ASE) WordPress plugin before 7.9.8 does not sanitise SVG files when uploaded via xmlrpc.php when such uploads are enabled, which could allow users to upload a malicious SVG containing XSS payloads.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10787 - MuYuCMS SSRF Vulnerability",
"Content": "CVE ID : CVE-2025-10787
Published : Sept. 22, 2025, 9:13 a.m. | 2 hours, 5 minutes ago
Description : A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-9540 - WordPress Markup Markdown Stored Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-9540
Published : Sept. 22, 2025, 9:13 a.m. | 2 hours, 5 minutes ago
Description : The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-9541 - WordPress Markup Markdown Stored Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-9541
Published : Sept. 22, 2025, 9:13 a.m. | 2 hours, 5 minutes ago
Description : The Markup Markdown WordPress plugin before 3.20.10 allows links to contain JavaScript which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10785 - Campcodes Grocery Sales and Inventory System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-10785
Published : Sept. 22, 2025, 9:13 a.m. | 2 hours, 5 minutes ago
Description : A vulnerability was detected in Campcodes Grocery Sales and Inventory System 1.0. This affects an unknown part of the file /manage_user.php. The manipulation of the argument ID results in SQL injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-9115 - Etsy Shop WordPress Plugin Reflected Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-9115
Published : Sept. 22, 2025, 9:13 a.m. | 2 hours, 5 minutes ago
Description : The Etsy Shop WordPress plugin before 3.0.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10786 - Campcodes Grocery Sales and Inventory System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-10786
Published : Sept. 22, 2025, 9:13 a.m. | 2 hours, 5 minutes ago
Description : A flaw has been found in Campcodes Grocery Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_user. This manipulation of the argument ID causes SQL injection. The attack can be initiated remotely. The exploit has been published and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10009 - Invoice Ninja File Upload Code Execution Vulnerability",
"Content": "CVE ID : CVE-2025-10009
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10789 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-10789
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. The manipulation of the argument ID leads to SQL injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-8079 - Akıllı Ticaret Smart Trade E-Commerce Reflected Cross-site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-8079
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akıllı Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce allows Reflected XSS. This issue affects Smart Trade E-Commerce: before 4.5.0.0.1.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10791 - Code-projects Online Bidding System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-10791
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes SQL injection. The attack can be carried out remotely. The exploit has been made available to the public and could be exploited.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-5962 - Lightspeed Chat History Service Unprivileged Access and Manipulation Vulnerability",
"Content": "CVE ID : CVE-2025-5962
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or inject arbitrary history entries, including misleading or malicious commands. This can be used to deceive another user into executing harmful actions, posing a risk of privilege misuse or unauthorized command execution through social engineering.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-0875 - PROLIZ OBS Student Affairs Information System Authorization Bypass Through User-Controlled Key Parameter Injection",
"Content": "CVE ID : CVE-2025-0875
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) allows Parameter Injection. This issue affects OBS (Student Affairs Information System): before v26.0328.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-9035 - Horato Virtual Library Platform Reflected XSS",
"Content": "CVE ID : CVE-2025-9035
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Horato Internet Technologies Ind. And Trade Inc. Virtual Library Platform allows Reflected XSS. This issue affects Virtual Library Platform: before v202.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10790 - SourceCodester Simple Forum Discussion System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-10790
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : A security flaw has been discovered in SourceCodester Simple Forum Discussion System 1.0. This affects an unknown function of the file /ajax.php?action=save_category. The manipulation of the argument Description results in SQL injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10792 - D-Link DIR-513 Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-10792
Published : Sept. 22, 2025, 11:08 a.m. | 2 hours, 12 minutes ago
Description : A security vulnerability has been detected in D-Link DIR-513 A1FW110. Affected is an unknown function of the file /goform/formWPS. Such manipulation of the argument webpage leads to buffer overflow. The attack may be performed remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10793 - Code-Projects E-Commerce Website SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-10793
Published : Sept. 22, 2025, 1:08 p.m. | 2 hours, 20 minutes ago
Description : A vulnerability was detected in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/admin_account_delete.php. Performing manipulation of the argument user_id results in SQL injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-46711 - Adobe Photoshop NULL Pointer Dereference Vulnerability",
"Content": "CVE ID : CVE-2025-46711
Published : Sept. 22, 2025, 1:08 p.m. | 2 hours, 20 minutes ago
Description : Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger NULL pointer dereference kernel exceptions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}
{
"Source": "CVE FEED",
"Title": "CVE-2025-10796 - Code-projects Hostel Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-10796
Published : Sept. 22, 2025, 1:08 p.m. | 2 hours, 20 minutes ago
Description : A vulnerability was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /justines/admin/login.php. The manipulation of the argument email results in SQL injection. The attack can be launched remotely. The exploit has been made public and could be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "22 Sep 2025",
"Type": "Vulnerability"
}