33,897 indexed
CVECVE vulnerabilities
33,897 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,601–7,650 of 8,314 in Critical · page 153 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-13297 | CVE-2025-13297 CVSS 9.8 | A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of … |
| CVE-2025-13291 | CVE-2025-13291 CVSS 9.8 | A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirm_order.php. Performing a m… |
| CVE-2025-13285 | CVE-2025-13285 CVSS 9.8 | A vulnerability was identified in itsourcecode Online Voting System 1.0. The affected element is an unknown function of the file /login.php. Such manipulation … |
| CVE-2025-13284 | CVE-2025-13284 CVSS 9.8 | ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute… |
| CVE-2025-13280 | CVE-2025-13280 CVSS 9.8 | A vulnerability was determined in CodeAstro Simple Inventory System 1.0. The impacted element is an unknown function of the file /index.php of the component Lo… |
| CVE-2025-13277 | CVE-2025-13277 CVSS 9.8 | A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipula… |
| CVE-2025-13272 | CVE-2025-13272 CVSS 9.8 | A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Affected is an unknown function of the file /manage_course.php. Such man… |
| CVE-2025-13271 | CVE-2025-13271 CVSS 9.8 | A vulnerability was determined in Campcodes School Fees Payment Management System 1.0. This impacts an unknown function of the file /ajax.php?action=login. Thi… |
| CVE-2025-13267 | CVE-2025-13267 CVSS 9.8 | A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Impacted is an unknown function of the file /success.php. Perf… |
| CVE-2025-13265 | CVE-2025-13265 CVSS 9.1 | A weakness has been identified in lsfusion platform up to 6.1. This vulnerability affects the function unpackFile of the file server/src/main/java/lsfusion/ser… |
| CVE-2025-13262 | CVE-2025-13262 CVSS 9.8 | A vulnerability was determined in lsfusion platform up to 6.1. Affected by this vulnerability is the function UploadFileRequestHandler of the file platform/web… |
| CVE-2025-13257 | CVE-2025-13257 CVSS 9.8 | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /admin/user… |
| CVE-2025-13248 | CVE-2025-13248 CVSS 9.8 | A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. The impacted element is an unknown function of the file /ph… |
| CVE-2025-13247 | CVE-2025-13247 CVSS 9.8 | A security flaw has been discovered in PHPGurukul Tourism Management System 1.0. The affected element is an unknown function of the file /admin/user-bookings.p… |
| CVE-2025-13242 | CVE-2025-13242 CVSS 9.8 | A vulnerability has been found in code-projects Student Information System 2.0. This issue affects some unknown processing of the file /register.php. The manip… |
| CVE-2025-13241 | CVE-2025-13241 CVSS 9.8 | A flaw has been found in code-projects Student Information System 2.0. This vulnerability affects unknown code of the file /index.php. Executing manipulation o… |
| CVE-2025-13240 | CVE-2025-13240 CVSS 9.8 | A vulnerability was detected in code-projects Student Information System 2.0. This affects an unknown part of the file /searchquery.php. Performing manipulatio… |
| CVE-2025-13237 | CVE-2025-13237 CVSS 9.8 | A security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. The manipul… |
| CVE-2025-13236 | CVE-2025-13236 CVSS 9.8 | A vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php?view=edi… |
| CVE-2025-13235 | CVE-2025-13235 CVSS 9.8 | A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipu… |
| CVE-2025-13234 | CVE-2025-13234 CVSS 9.8 | A vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=product. Perfor… |
| CVE-2025-13233 | CVE-2025-13233 CVSS 9.8 | A vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=single-ite… |
| CVE-2025-1323 | CVE-2025-1323 CVSS 9.8 | The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL Injection via the 'databeat' parameter in all versions up to, … |
| CVE-2025-13210 | CVE-2025-13210 CVSS 9.8 | A security vulnerability has been detected in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.… |
| CVE-2025-13203 | CVE-2025-13203 CVSS 9.8 | A weakness has been identified in code-projects Simple Cafe Ordering System 1.0. This vulnerability affects unknown code of the file /addmem.php. Executing man… |
| CVE-2025-13201 | CVE-2025-13201 CVSS 9.8 | A vulnerability was identified in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /login.php. S… |
| CVE-2025-13191 | CVE-2025-13191 CVSS 9.8 | A vulnerability was determined in D-Link DIR-816L 2_06_b09_beta. This issue affects the function soapcgi_main of the file /soap.cgi. This manipulation causes s… |
| CVE-2025-13189 | CVE-2025-13189 CVSS 9.8 | A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument … |
| CVE-2025-13188 | CVE-2025-13188 CVSS 9.8 | A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authenticatio… |
| CVE-2025-13184 | CVE-2025-13184 CVSS 9.8 | Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password on factory/reset X5000R V9.1.0u.636… |
| CVE-2025-13170 | CVE-2025-13170 CVSS 9.8 | A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/edit_ac… |
| CVE-2025-13169 | CVE-2025-13169 CVSS 9.8 | A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /ad… |
| CVE-2025-13168 | CVE-2025-13168 CVSS 9.8 | A weakness has been identified in ury-erp ury up to 0.2.0. This affects the function overrided_past_order_list of the file ury/ury/api/pos_extend.py. This mani… |
| CVE-2025-1316 | Edimax IC-7100 IP Camera OS Command Injection Vulnerability KEVCVSS 9.8Edimax | Edimax IC-7100 IP camera contains an OS command injection vulnerability due to improper input sanitization that allows an attacker to achieve remote code execu… |
| CVE-2025-1315 | CVE-2025-1315 CVSS 9.8 | The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. This is due to the p… |
| CVE-2025-13123 | CVE-2025-13123 CVSS 9.8 | A flaw has been found in AMTT Hotel Broadband Operation System 1.0. The impacted element is an unknown function of the file /user/portal/get_firstdate.php. Exe… |
| CVE-2025-13122 | CVE-2025-13122 CVSS 9.8 | A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of… |
| CVE-2025-13076 | CVE-2025-13076 CVSS 9.8 | A flaw has been found in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/usersetting.php. Executing man… |
| CVE-2025-13075 | CVE-2025-13075 CVSS 9.8 | A vulnerability was detected in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/usersettingdel.php. Performing mani… |
| CVE-2025-1307 | CVE-2025-1307 CVSS 9.8 | The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check in the newscrunch_install_and_activate_plugin() fu… |
| CVE-2025-13060 | CVE-2025-13060 CVSS 9.8 | A security vulnerability has been detected in SourceCodester Survey Application System 1.0. This affects an unknown function of the file /view_survey.php. Such… |
| CVE-2025-13059 | CVE-2025-13059 CVSS 9.8 | A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element is an unknown function of the file /manage_career.php. This… |
| CVE-2025-13057 | CVE-2025-13057 CVSS 9.8 | A vulnerability was identified in Campcodes School Fees Payment Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_studen… |
| CVE-2025-13030 | CVE-2025-13030 CVSS 9.8 | All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload… |
| CVE-2025-13026 | CVE-2025-13026 CVSS 9.8 | Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
| CVE-2025-13024 | CVE-2025-13024 CVSS 9.8 | JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
| CVE-2025-13023 | CVE-2025-13023 CVSS 9.8 | Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
| CVE-2025-13022 | CVE-2025-13022 CVSS 9.8 | Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
| CVE-2025-13021 | CVE-2025-13021 CVSS 9.8 | Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. |
| CVE-2025-1302 | CVE-2025-1302 CVSS 9.8 | Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute a… |