Aggregator

CVE-2025-9835 | macrozheng mall up to 1.0.3 /order/cancelUserOrder cancelOrder orderId authorization

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability classified as problematic has been found in macrozheng mall up to 1.0.3. This affects the function cancelOrder of the file /order/cancelUserOrder. The manipulation of the argument orderId leads to authorization bypass. This vulnerability is documented as CVE-2025-9835. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

CVE-2025-9834 | PHPGurukul Small CRM 4.0 /registration.php Username cross site scripting

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability described as problematic has been identified in PHPGurukul Small CRM 4.0. Affected by this issue is some unknown functionality of the file /registration.php. Executing manipulation of the argument Username can lead to cross site scripting. This vulnerability is registered as CVE-2025-9834. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2025-9833 | SourceCodester Online Farm Management System 1.0 /Login/login.php uname sql injection

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability marked as critical has been reported in SourceCodester Online Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/login.php. Performing manipulation of the argument uname results in sql injection. This vulnerability is cataloged as CVE-2025-9833. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-9832 | SourceCodester Food Ordering Management System 1.0 register-router.php phone sql injection

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability labeled as critical has been found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file /routers/register-router.php. Such manipulation of the argument phone leads to sql injection. This vulnerability is listed as CVE-2025-9832. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

CVE-2025-9831 | PHPGurukul Beauty Parlour Management System 1.1 /admin/edit-services.php sername sql injection

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability identified as critical has been detected in PHPGurukul Beauty Parlour Management System 1.1. This impacts an unknown function of the file /admin/edit-services.php. This manipulation of the argument sername causes sql injection. This vulnerability is tracked as CVE-2025-9831. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com

Managed ad