|
1771
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in dayrui XunRuiCMS 4.6.3. It has been classified as critical. Affected is the function import_add of the file dayrui/Fcms/Control/Admin/Linkage.php. The manipulation leads …
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2025-1177
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1772
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to h…
|
CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error')
Heap-based Buffer Overflow
|
CVE-2025-1176
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1773
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality of the file addtocart.php. The…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-1172
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1774
|
- |
|
-
|
-
|
A vulnerability classified as problematic was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin/Customer…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-1171
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1775
|
- |
|
-
|
-
|
NetVision Information ISOinsight has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phish…
|
CWE-79
Cross-site Scripting
|
CVE-2025-1145
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1776
|
- |
|
-
|
-
|
School Affairs System from Quanxun has an Exposure of Sensitive Information, allowing unauthenticated attackers to view specific pages and obtain database information as well as plaintext administrat…
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2025-1144
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1777
|
- |
|
-
|
-
|
Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of th…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2025-1143
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1778
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/Category.php. The manipulation…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-1170
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1779
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was found in SourceCodester Image Compressor Tool 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /image-compressor/compressor.php. The m…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-1169
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1780
|
- |
|
-
|
-
|
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-contact.php.…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-1168
|
2025-02-11 15:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
