31,594 indexed
CVECVE vulnerabilities
31,594 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 2,701–2,750 of 8,314 in Critical · page 55 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-8967 | CVE-2025-8967 CVSS 9.8 | A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/pack… |
| CVE-2025-8966 | CVE-2025-8966 CVSS 9.8 | A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operation… |
| CVE-2025-8963 | CVE-2025-8963 CVSS 9.8 | A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/te… |
| CVE-2025-8960 | CVE-2025-8960 CVSS 9.8 | A vulnerability has been found in Campcodes Online Flight Booking Management System 1.0. Affected by this issue is some unknown functionality of the file /admi… |
| CVE-2025-8957 | CVE-2025-8957 CVSS 9.8 | A vulnerability was determined in Campcodes Online Flight Booking Management System 1.0. Affected is an unknown function of the file /flights.php. The manipula… |
| CVE-2025-8955 | CVE-2025-8955 CVSS 9.8 | A vulnerability has been found in PHPGurukul Hospital Management System 4.0. This vulnerability affects unknown code of the file /admin/edit-doctor.php. The ma… |
| CVE-2025-8954 | CVE-2025-8954 CVSS 9.8 | A vulnerability was identified in PHPGurukul Hospital Management System 4.0. This affects an unknown part of the file /admin/doctor-specilization.php. The mani… |
| CVE-2025-8953 | CVE-2025-8953 CVSS 9.8 | A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /chec… |
| CVE-2025-8952 | CVE-2025-8952 CVSS 9.8 | A vulnerability was found in Campcodes Online Flight Booking Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /adm… |
| CVE-2025-8951 | CVE-2025-8951 CVSS 9.8 | A vulnerability has been found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/search.php. The manipula… |
| CVE-2025-8950 | CVE-2025-8950 CVSS 9.8 | A vulnerability was identified in Campcodes Online Recruitment Management System 1.0. This issue affects some unknown processing of the file /Recruitment/index… |
| CVE-2025-8949 | CVE-2025-8949 CVSS 9.8 | A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function get_ping_app_stat of the file ping_response.cgi of the co… |
| CVE-2025-8948 | CVE-2025-8948 CVSS 9.8 | A vulnerability was determined in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /front.php. The manipulation of the … |
| CVE-2025-8947 | CVE-2025-8947 CVSS 9.8 | A vulnerability was found in projectworlds Visitor Management System 1.0. This issue affects some unknown processing of the file /query_data.php. The manipulat… |
| CVE-2025-8946 | CVE-2025-8946 CVSS 9.8 | A vulnerability has been found in projectworlds Online Notes Sharing Platform 1.0. This vulnerability affects unknown code of the file /login.php. The manipula… |
| CVE-2025-8943 | CVE-2025-8943 CVSS 9.8 | The Custom MCPs feature is designed to execute OS commands, for instance, using tools like `npx` to spin up local MCP Servers. However, Flowise's inherent auth… |
| CVE-2025-8942 | CVE-2025-8942 CVSS 9.1 | The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value … |
| CVE-2025-8936 | CVE-2025-8936 CVSS 9.8 | A vulnerability was determined in 1000 Projects Sales Management System 1.0. Affected by this issue is some unknown functionality of the file /superstore/dist/… |
| CVE-2025-8935 | CVE-2025-8935 CVSS 9.8 | A vulnerability was found in 1000 Projects Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /superstore/cust… |
| CVE-2025-8932 | CVE-2025-8932 CVSS 9.8 | A vulnerability was determined in 1000 Projects Sales Management System 1.0. This vulnerability affects unknown code of the file /superstore/admin/sales.php. T… |
| CVE-2025-8926 | CVE-2025-8926 CVSS 9.8 | A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /log… |
| CVE-2025-8925 | CVE-2025-8925 CVSS 9.8 | A vulnerability has been found in itsourcecode Sports Management System 1.0. Affected is an unknown function of the file /Admin/match.php. The manipulation of … |
| CVE-2025-8924 | CVE-2025-8924 CVSS 9.8 | A vulnerability was identified in Campcodes Online Water Billing System 1.0. This issue affects some unknown processing of the file /viewbill.php. The manipula… |
| CVE-2025-8923 | CVE-2025-8923 CVSS 9.8 | A vulnerability was determined in code-projects Job Diary 1.0. This vulnerability affects unknown code of the file /edit-details.php. The manipulation of the a… |
| CVE-2025-8922 | CVE-2025-8922 CVSS 9.8 | A vulnerability was found in code-projects Job Diary 1.0. This affects an unknown part of the file /admin-inbox.php. The manipulation of the argument ID leads … |
| CVE-2025-8921 | CVE-2025-8921 CVSS 9.8 | A vulnerability has been found in code-projects Job Diary 1.0. Affected by this issue is some unknown functionality of the file /user-apply.php. The manipulati… |
| CVE-2025-8913 | CVE-2025-8913 CVSS 9.8 | Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary cod… |
| CVE-2025-8908 | CVE-2025-8908 CVSS 9.8 | A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. Affected by this issue is some unknown functionality of … |
| CVE-2025-8900 | CVE-2025-8900 CVSS 9.8 | The Doccure Core plugin for WordPress is vulnerable to privilege escalation in versions up to, and excluding, 1.5.4. This is due to the plugin allowing users w… |
| CVE-2025-8898 | CVE-2025-8898 CVSS 9.8 | The Taxi Booking Manager for Woocommerce | E-cab plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and inc… |
| CVE-2025-8895 | CVE-2025-8895 CVSS 9.8 | The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing validation of user-supplied input in all versions up to, and including… |
| CVE-2025-8861 | CVE-2025-8861 CVSS 9.8 | TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents. |
| CVE-2025-8857 | CVE-2025-8857 CVSS 9.8 | Clinic Image System developed by Changing contains hard-coded Credentials, allowing unauthenticated remote attackers to log into the system using administrator… |
| CVE-2025-8854 | CVE-2025-8854 CVSS 9.8 | Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OF… |
| CVE-2025-8853 | CVE-2025-8853 CVSS 9.8 | Official Document Management System developed by 2100 Technology has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to obtai… |
| CVE-2025-8838 | CVE-2025-8838 CVSS 9.8 | A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the … |
| CVE-2025-8815 | CVE-2025-8815 CVSS 9.8 | A vulnerability was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. It has been classified as critical. Affected is an unknown function of… |
| CVE-2025-8811 | CVE-2025-8811 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality… |
| CVE-2025-8809 | CVE-2025-8809 CVSS 9.8 | A vulnerability classified as critical has been found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /addelidetails.ph… |
| CVE-2025-8806 | CVE-2025-8806 CVSS 9.8 | A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. It has been classified as critical. This affects an unknow… |
| CVE-2025-8795 | CVE-2025-8795 CVSS 9.9 | A vulnerability, which was classified as critical, was found in LitmusChaos Litmus up to 3.19.0. This affects an unknown part of the file /auth/login. The mani… |
| CVE-2025-8775 | CVE-2025-8775 CVSS 9.8 | A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of t… |
| CVE-2025-8773 | CVE-2025-8773 CVSS 9.8 | A vulnerability, which was classified as critical, was found in Dinstar Monitoring Platform 甘肃省危险品库监控平台 1.0. Affected is an unknown function of the file /itc/$… |
| CVE-2025-8769 | CVE-2025-8769 CVSS 9.8 | Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can i… |
| CVE-2025-8760 | CVE-2025-8760 CVSS 9.8 | A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation o… |
| CVE-2025-8752 | CVE-2025-8752 CVSS 9.8 | A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerabi… |
| CVE-2025-8731 | CVE-2025-8731 CVSS 9.8 | A vulnerability was identified in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. This affects an unknown part of the component SSH Service. The man… |
| CVE-2025-8730 | CVE-2025-8730 CVSS 9.8 | A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the… |
| CVE-2025-8729 | CVE-2025-8729 CVSS 9.1 | A vulnerability has been found in MigoXLab LMeterX 1.2.0 and classified as critical. Affected by this vulnerability is the function process_cert_files of the f… |
| CVE-2025-8723 | CVE-2025-8723 CVSS 9.8 | The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within it… |