|
701
|
- |
|
-
|
-
|
School Affairs System from Quanxun has an Exposure of Sensitive Information, allowing unauthenticated attackers to view specific pages and obtain database information as well as plaintext administrat…
New
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2025-1144
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
702
|
- |
|
-
|
-
|
Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of th…
New
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2025-1143
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
703
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/Category.php. The manipulation…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-1170
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
704
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was found in SourceCodester Image Compressor Tool 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /image-compressor/compressor.php. The m…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-1169
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
705
|
- |
|
-
|
-
|
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-contact.php.…
New
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-1168
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
706
|
- |
|
-
|
-
|
A vulnerability was found in Mayuri K Employee Management System up to 192.168.70.3 and classified as critical. Affected by this issue is some unknown functionality of the file /hr_soft/admin/Update_…
New
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-1167
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
707
|
- |
|
-
|
-
|
A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The mani…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-1166
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
708
|
- |
|
-
|
-
|
SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any…
New
|
CWE-22
Path Traversal
|
CVE-2025-25243
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
709
|
- |
|
-
|
-
|
Due to a missing authorization check, an attacker who is logged in to application can view/ delete ?My Overtime Requests? which could allow the attacker to access employee information. This leads to …
New
|
CWE-862
Missing Authorization
|
CVE-2025-25241
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
710
|
- |
|
-
|
-
|
The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting ma…
New
|
CWE-601
Open Redirect
|
CVE-2025-24876
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
