CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-5610 A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5611 A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5612 A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /reporting.php. The manipulation of the ar... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5613 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /request-details.php. The manipulation of th... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5614 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5615 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /details.php. The man... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5690 PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert ... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-5616 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/profile.php. The manipu... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5617 A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/manage-teams.php. The manipulation of the argument... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5618 A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. This vulnerability affects unknown code of the file /admin/edit-team.php. The manipulation of the argum... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5619 A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argume... | 8.8 | HIGH | — | 0 |
| CVE-2025-5620 A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the file /goform/setipsec_config. The manipulation of the argument... | 7.3 | HIGH | — | 0 |
| CVE-2025-5621 A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file /goform/qosClassifier. The manipulation ... | 7.3 | HIGH | — | 0 |
| CVE-2025-5622 A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/wirelessApcli_5g. The manipulation of the ... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-5623 A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument d... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-49008 Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of `escapeshellcmd()` in `/components/codegit/traits/execute.php` allows argument i... | N/A | NONE | — | 0 |
| CVE-2025-5624 A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup of the file /goform/QoSPortSetup. The manipulation of the ... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-5625 A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-teacher.php. The manip... | 7.3 | HIGH | — | 0 |
| CVE-2025-41365 Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious payload in software that will run in the victim's browser. Exploit... | N/A | NONE | — | 0 |
| CVE-2025-5626 A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/edit-subjects-detail.php. The manipul... | 7.3 | HIGH | — | 0 |
| CVE-2025-5627 A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /sputum_form.php. The man... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5628 A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue is some unknown functionality of the file /index.php of the compone... | 3.5 | LOW | — | 0 |
| CVE-2025-49466 aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part, | 5.8 | MEDIUM | — | 0 |
| CVE-2025-5629 A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg of the component HTTP Han... | 8.8 | HIGH | — | 0 |
| CVE-2025-5630 A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerability affects unknown code of the file /goform/form2lansetup.cgi. The manipulation of the argument i... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-5631 A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is an unknown function of the file /publicposts.php. ... | 7.3 | HIGH | — | 0 |
| CVE-2025-5632 A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of th... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5633 A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /a... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5635 A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component PLS Command Handler. The manipulation leads to buffer overflow. The... | 7.3 | HIGH | — | 0 |
| CVE-2025-5638 A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin-profile.php. The manipula... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-3054 The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in all versions up to, and including, 4.1.3. Th... | 8.8 | HIGH | — | 0 |
| CVE-2025-3055 The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_avatar_ajax() function in all versions up to, and includin... | 8.1 | HIGH | — | 0 |
| CVE-2025-5639 A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of t... | 7.3 | HIGH | — | 0 |
| CVE-2025-5640 A vulnerability was found in PX4-Autopilot 1.12.3. It has been classified as problematic. This affects the function MavlinkReceiver::handle_message_trajectory_representation_waypoints of the file mavl... | 3.3 | LOW | — | 0 |
| CVE-2025-5641 A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function r_cons_is_breaked in the library /libr/cons/cons.c of the component radiff2. The manipulat... | 2.5 | LOW | — | 0 |
| CVE-2025-5642 A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to ... | 2.5 | LOW | — | 0 |
| CVE-2025-41366 In IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04, a configuration error has been detected in cross-origin resource sharing (CORS). Exploiting this vulnerability requires authenticating to the device and... | N/A | NONE | — | 0 |
| CVE-2025-5643 A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The mani... | 2.5 | LOW | — | 0 |
| CVE-2025-5644 A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected by this issue is the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. Th... | 2.5 | LOW | — | 0 |
| CVE-2025-5645 A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation o... | 2.5 | LOW | — | 0 |
| CVE-2025-5646 A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability affects the function r_cons_rainbow_free in the library /libr/cons/pal.c of the component radiff2. The... | 2.5 | LOW | — | 0 |
| CVE-2025-5647 A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function r_cons_context_break_pop in the library /libr/cons/cons.c of the component radiff2. The manipu... | 2.5 | LOW | — | 0 |
| CVE-2025-5648 A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation o... | 2.5 | LOW | — | 0 |
| CVE-2025-5649 A vulnerability classified as critical has been found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /admin/core/new_user of the component Register In... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-4568 Improper neutralization of input provided by an unauthorized user into changes__reference_id parameter in URL allows for boolean-based Blind SQL Injection attacks. | N/A | NONE | — | 0 |
| CVE-2025-5650 A vulnerability classified as critical was found in 1000projects Online Notice Board 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument fname lead... | 7.3 | HIGH | — | 0 |
| CVE-2025-5652 A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/between-date-complaintreport.php. The man... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5653 A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/between-date-user... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5654 A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-state.php. The manipula... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5655 A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of t... | 6.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.