Aggregator

CVE-2025-11356 | Tenda AC23 up to 16.03.07.52 SetStaticRouteCfg sscanf list buffer overflow

VulDB Recent Entries
1 day 18 hours ago
A vulnerability was found in Tenda AC23 up to 16.03.07.52 and classified as critical. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. This vulnerability is known as CVE-2025-11356. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2025-11355 | UTT 1250GW up to v2v3.2.2-200710 /goform/aspChangeChannel strcpy pvid buffer overflow

VulDB Recent Entries
1 day 18 hours ago
A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710 and classified as critical. Affected by this vulnerability is the function strcpy of the file /goform/aspChangeChannel. The manipulation of the argument pvid leads to buffer overflow. This vulnerability is traded as CVE-2025-11355. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-11354 | code-projects Online Hotel Reservation System 1.0 /admin/addslideexec.php image unrestricted upload

VulDB Recent Entries
1 day 18 hours ago
A vulnerability, which was classified as critical, was found in code-projects Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/addslideexec.php. Executing manipulation of the argument image can lead to unrestricted upload. This vulnerability appears as CVE-2025-11354. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

CVE-2025-11353 | code-projects Online Hotel Reservation System 1.0 addgalleryexec.php image unrestricted upload

VulDB Recent Entries
1 day 18 hours ago
A vulnerability, which was classified as critical, has been found in code-projects Online Hotel Reservation System 1.0. This impacts an unknown function of the file /admin/addgalleryexec.php. Performing manipulation of the argument image results in unrestricted upload. This vulnerability is reported as CVE-2025-11353. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com

CVE-2025-11352 | code-projects Online Hotel Reservation System 1.0 /admin/addexec.php image unrestricted upload

VulDB Recent Entries
1 day 18 hours ago
A vulnerability classified as critical was found in code-projects Online Hotel Reservation System 1.0. This affects an unknown function of the file /admin/addexec.php. Such manipulation of the argument image leads to unrestricted upload. This vulnerability is documented as CVE-2025-11352. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com

CVE-2025-11351 | code-projects Online Hotel Reservation System 1.0 /admin/editpicexec.php image unrestricted upload

VulDB Recent Entries
1 day 18 hours ago
A vulnerability classified as critical has been found in code-projects Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/editpicexec.php. This manipulation of the argument image causes unrestricted upload. This vulnerability is registered as CVE-2025-11351. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

CVE-2025-11350 | Campcodes Online Apartment Visitor Management System 1.0 bwdates-reports-details.php fromdate/todate sql injection

VulDB Recent Entries
1 day 18 hours ago
A vulnerability described as critical has been identified in Campcodes Online Apartment Visitor Management System 1.0. The affected element is an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdate/todate results in sql injection. This vulnerability is cataloged as CVE-2025-11350. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-11349 | Campcodes Online Apartment Visitor Management System 1.0 /search-visitor.php searchdata sql injection

VulDB Recent Entries
1 day 18 hours ago
A vulnerability marked as critical has been reported in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /search-visitor.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability is listed as CVE-2025-11349. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com

CVE-2025-11348 | Campcodes Online Apartment Visitor Management System 1.0 /index.php Username sql injection

VulDB Recent Entries
1 day 18 hours ago
A vulnerability labeled as critical has been found in Campcodes Online Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /index.php. Executing manipulation of the argument Username can lead to sql injection. This vulnerability is tracked as CVE-2025-11348. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com

CVE-2025-11347 | code-projects Student Crud Operation up to 3.3 Add Student Page/Edit Student Page add.php move_uploaded_file unrestricted upload

VulDB Recent Entries
1 day 18 hours ago
A vulnerability identified as critical has been detected in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function move_uploaded_file of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. This vulnerability is identified as CVE-2025-11347. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

Managed ad