33,897 indexed
CVECVE vulnerabilities
33,897 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 8,001–8,050 of 8,314 in Critical · page 161 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-11032 | CVE-2025-11032 CVSS 9.8 | A flaw has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This issue affects some unknown processing of the file /P… |
| CVE-2025-11024 | CVE-2025-11024 CVSS 9.8 | Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce… |
| CVE-2025-11023 | CVE-2025-11023 CVSS 9.8 | Inclusion of Functionality from Untrusted Control Sphere, Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion… |
| CVE-2025-11022 | CVE-2025-11022 CVSS 9.6 | Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site Request Forgery. This CSRF vulnerability resulting in Command… |
| CVE-2025-11008 | CVE-2025-11008 CVSS 9.8 | The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it… |
| CVE-2025-11007 | CVE-2025-11007 CVSS 9.8 | The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the wp_ajax_nopriv_ce21_single_si… |
| CVE-2025-11005 | CVE-2025-11005 CVSS 9.8 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This is… |
| CVE-2025-1100 | CVE-2025-1100 CVSS 9.8 | A CWE-259 "Use of Hard-coded Password" for the root account in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to… |
| CVE-2025-10970 | CVE-2025-10970 CVSS 9.8 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kolay Software Inc. Talentics allows Blind SQL Injection.… |
| CVE-2025-10969 | CVE-2025-10969 CVSS 9.8farktor | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Pack… |
| CVE-2025-1093 | CVE-2025-1093 CVSS 9.8 | The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the generate_image function in all versions up to,… |
| CVE-2025-10916 | CVE-2025-10916 CVSS 9.1 | The FormGent WordPress plugin before 1.0.4 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unaut… |
| CVE-2025-10915 | CVE-2025-10915 CVSS 9.8 | The Dreamer Blog WordPress theme through 1.2 is vulnerable to arbitrary installations due to a missing capability check. |
| CVE-2025-10894 | CVE-2025-10894 CVSS 9.6 | Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, vi… |
| CVE-2025-10890 | CVE-2025-10890 CVSS 9.1 | Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (C… |
| CVE-2025-10878 | CVE-2025-10878 CVSS 10.0 | A SQL injection vulnerability exists in the login functionality of Fikir Odalari AdminPando 1.0.1 before 2026-01-26. The username and password parameters are v… |
| CVE-2025-10857 | CVE-2025-10857 CVSS 9.8 | A security flaw has been discovered in Campcodes Point of Sale System POS 1.0. Affected by this issue is some unknown functionality of the file /login.php. Per… |
| CVE-2025-10851 | CVE-2025-10851 CVSS 9.8 | A security flaw has been discovered in Campcodes Gym Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=login. Performing mani… |
| CVE-2025-10850 | CVE-2025-10850 CVSS 9.8 | The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded passwor… |
| CVE-2025-10843 | CVE-2025-10843 CVSS 9.8 | A flaw has been found in Reservation Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /reservation/p… |
| CVE-2025-10842 | CVE-2025-10842 CVSS 9.8 | A vulnerability was detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/wew.php. Performing manipul… |
| CVE-2025-10841 | CVE-2025-10841 CVSS 9.8 | A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. … |
| CVE-2025-10836 | CVE-2025-10836 CVSS 9.8 | A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/print1.php. Executing… |
| CVE-2025-10834 | CVE-2025-10834 CVSS 9.8 | A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. This affects an unknown function of the file /jobportal/admin/login.php. Such manipu… |
| CVE-2025-10833 | CVE-2025-10833 CVSS 9.8 | A vulnerability was determined in 1000projects Bookstore Management System 1.0. The impacted element is an unknown function of the file /login.php. This manipu… |
| CVE-2025-10832 | CVE-2025-10832 CVSS 9.8 | A vulnerability was found in SourceCodester Pet Grooming Management Software 1.0. The affected element is an unknown function of the file /admin/fetch_product_… |
| CVE-2025-10831 | CVE-2025-10831 CVSS 9.8 | A vulnerability has been found in Campcodes Computer Sales and Inventory System 1.0. Impacted is an unknown function of the file /pages/pro_edit1.php. The mani… |
| CVE-2025-10830 | CVE-2025-10830 CVSS 9.8 | A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. This issue affects some unknown processing of the file /pages/inv_edit1.php. Execut… |
| CVE-2025-10829 | CVE-2025-10829 CVSS 9.8 | A vulnerability was detected in Campcodes Computer Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/sup_edit1.php. Pe… |
| CVE-2025-10817 | CVE-2025-10817 CVSS 9.8 | A weakness has been identified in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/admin_user.php. E… |
| CVE-2025-10816 | CVE-2025-10816 CVSS 9.8 | A security flaw has been discovered in Jinher OA 2.0. This affects an unknown part of the file /c6/Jhsoft.Web.module/ToolBar/GetWordFileName.aspx/?text=GetUrl&… |
| CVE-2025-10813 | CVE-2025-10813 CVSS 9.8 | A vulnerability was found in code-projects Hostel Management System 1.0. Affected is an unknown function of the file /justines/admin/mod_reports/index.php. The… |
| CVE-2025-10812 | CVE-2025-10812 CVSS 9.8 | A vulnerability has been found in code-projects Hostel Management System 1.0. This impacts an unknown function of the file /justines/admin/mod_amenities/index.… |
| CVE-2025-10811 | CVE-2025-10811 CVSS 9.8 | A flaw has been found in code-projects Hostel Management System 1.0. This affects an unknown function of the file /justines/admin/mod_comments/index.php?view=v… |
| CVE-2025-10810 | CVE-2025-10810 CVSS 9.8 | A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edit_user.php. … |
| CVE-2025-10809 | CVE-2025-10809 CVSS 9.8 | A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. The affected element is an unknown function of the file /admin/d… |
| CVE-2025-10808 | CVE-2025-10808 CVSS 9.8 | A weakness has been identified in Campcodes Farm Management System 1.0. Impacted is an unknown function of the file /uploadProduct.php. This manipulation of th… |
| CVE-2025-10802 | CVE-2025-10802 CVSS 9.8 | A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of t… |
| CVE-2025-10801 | CVE-2025-10801 CVSS 9.8 | A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/edit_tax… |
| CVE-2025-10800 | CVE-2025-10800 CVSS 9.8 | A weakness has been identified in itsourcecode Online Discussion Forum 1.0. The impacted element is an unknown function of the file /index.php. Executing manip… |
| CVE-2025-10799 | CVE-2025-10799 CVSS 9.8 | A security flaw has been discovered in code-projects Hostel Management System 1.0. The affected element is an unknown function of the file /justines/admin/mod_… |
| CVE-2025-10798 | CVE-2025-10798 CVSS 9.8 | A vulnerability was identified in code-projects Hostel Management System 1.0. Impacted is an unknown function of the file /justines/admin/mod_roomtype/index.ph… |
| CVE-2025-10797 | CVE-2025-10797 CVSS 9.8 | A vulnerability was determined in code-projects Hostel Management System 1.0. This issue affects some unknown processing of the file /justines/index.php. This … |
| CVE-2025-10796 | CVE-2025-10796 CVSS 9.8 | A vulnerability was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /justines/admin/login.php. The man… |
| CVE-2025-10795 | CVE-2025-10795 CVSS 9.8 | A vulnerability has been found in code-projects Online Bidding System 1.0. This affects an unknown part of the file /administrator/bidupdate.php. The manipulat… |
| CVE-2025-10793 | CVE-2025-10793 CVSS 9.8 | A vulnerability was detected in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/admin_accou… |
| CVE-2025-10791 | CVE-2025-10791 CVSS 9.8 | A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipula… |
| CVE-2025-10789 | CVE-2025-10789 CVSS 9.8 | A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. … |
| CVE-2025-10788 | CVE-2025-10788 CVSS 9.8 | A vulnerability was determined in SourceCodester Online Hotel Reservation System 1.0. The affected element is an unknown function of the file deleteroominvento… |
| CVE-2025-10786 | CVE-2025-10786 CVSS 9.8 | A flaw has been found in Campcodes Grocery Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_user. Th… |