VulDB Recent Entries

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file academic/core/drop_student.php. The manipulation of the argument img leads to path traversal. This vulnerability was named CVE-2025-4720. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Hitachi JP1 IT Desktop Management 2 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of web browser cache containing sensitive information. This vulnerability is uniquely identified as CVE-2025-27525. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/cash_transaction.php. The manipulation of the argument cid leads to sql injection. This vulnerability is handled as CVE-2025-4719. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/customer_add.php. The manipulation of the argument last leads to sql injection. This vulnerability is known as CVE-2025-4718. The attack can be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability, which was classified as critical, was found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function of the file /visitors-form.php. The manipulation of the argument fullname leads to sql injection. This vulnerability is traded as CVE-2025-4717. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Microsoft Windows. This issue affects some unknown processing of the component xrm-ms File Handler. The manipulation leads to xml injection. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Hitachi JP1 IT Desktop Management 2 on Windows. This vulnerability affects unknown code. The manipulation leads to xml external entity reference. This vulnerability was named CVE-2025-27523. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Hitachi JP1 IT Desktop Management 2 on Windows. This affects an unknown part. The manipulation leads to inadequate encryption strength. This vulnerability is uniquely identified as CVE-2025-27524. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pages/credit_transaction_add.php. The manipulation of the argument prod_name leads to sql injection. This vulnerability is handled as CVE-2025-4716. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /pages/view_application.php. The manipulation of the argument cid leads to sql injection. This vulnerability is known as CVE-2025-4715. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been classified as critical. Affected is an unknown function of the file /pages/reprint.php. The manipulation of the argument sid leads to sql injection. This vulnerability is traded as CVE-2025-4714. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/print.php. The manipulation of the argument sid leads to sql injection. The identification of this vulnerability is CVE-2025-4713. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pages/account_summary.php. The manipulation of the argument cid leads to sql injection. This vulnerability was named CVE-2025-4712. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/stockin_add.php. The manipulation of the argument prod_name leads to sql injection. This vulnerability is uniquely identified as CVE-2025-4711. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Campcodes Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /pages/transaction.php. The manipulation of the argument cid leads to sql injection. This vulnerability is handled as CVE-2025-4710. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Campcodes Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/transaction_del.php. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2025-4709. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/sales_add.php. The manipulation of the argument discount leads to sql injection. This vulnerability is traded as CVE-2025-4708. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pages/transaction_add.php. The manipulation of the argument prod_name leads to sql injection. The identification of this vulnerability is CVE-2025-4707. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in projectworlds Online Examination System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Procedure3b_yearwiseVisit.php. The manipulation of the argument Visit_year leads to sql injection. This vulnerability was named CVE-2025-4706. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been classified as critical. This affects an unknown part of the file /admin/view-incomingvehicle-detail.php. The manipulation of the argument viewid leads to sql injection. This vulnerability is uniquely identified as CVE-2025-4705. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.