Aggregator
Submit #561890: code-projects Patient Record Management System 1.0 SQL Injection [Accepted]
9 months 1 week ago
Submit #561890 / VDB-306810
zhuxun
Submit #561880: SourceCodester Patient Record Management System 1.0 SQL Injection [Accepted]
9 months 1 week ago
Submit #561880 / VDB-306809
zhuxun
Submit #561888: code-projects PATIENT_RECORD_MANAGEMENT_SYSTEM 1.0 SQL Injection [Duplicate]
9 months 1 week ago
Submit #561888 / VDB-303269
zhuxun
Microsoft Readies Administrator Protection Option for Windows 11
9 months 1 week ago
Microsoft's David Weston describes the new feature as the most significant architectural Windows security change in a generation.
Jeffrey Schwartz
Submit #561886: code-projects code-projects Patient Record Management System 1.0 SQL Injection [Duplicate]
9 months 1 week ago
Submit #561886 / VDB-303165
zhuxun
Submit #561876: itsourcecode Gym Management System V1.0 SQL Injection [Accepted]
9 months 1 week ago
Submit #561876 / VDB-306808
Submit #561872: PHPGurukul COVID19 Testing Management System V1.0 SQL Injection [Duplicate]
9 months 1 week ago
Submit #561872 / VDB-306341
FLYFISH567
Submit #561838: itsourcecode Restaurant Management System V1.0 SQL Injection [Accepted]
9 months 1 week ago
Submit #561838 / VDB-306807
Submit #561849: itsourcecode Restaurant Management System V1.0 SQL Injection [Accepted]
9 months 1 week ago
Submit #561849 / VDB-306806
Submit #561816: PHPGurukul Employee Record Management System V1.3 SQL Injection [Accepted]
9 months 1 week ago
Submit #561816 / VDB-306805
valli
CVE-2020-8887 | Telestream Tektronix Medius/Sentry up to 10.7.4 Server Login Page index.php page sql injection
9 months 1 week ago
A vulnerability, which was classified as critical, has been found in Telestream Tektronix Medius and Sentry up to 10.7.4. This issue affects some unknown processing of the file index.php of the component Server Login Page. The manipulation of the argument page as part of Parameter leads to sql injection.
The identification of this vulnerability is CVE-2020-8887. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-4163 | PHPGurukul Land Record System 1.0 /admin/aboutus.php pagetitle sql injection
9 months 1 week ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Land Record System 1.0. This issue affects some unknown processing of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection.
The identification of this vulnerability is CVE-2025-4163. The attack may be initiated remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
vuldb.com
CVE-2025-4164 | PHPGurukul Employee Record Management System 1.3 changepassword.php currentpassword sql injection
9 months 1 week ago
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. The manipulation of the argument currentpassword leads to sql injection.
This vulnerability is traded as CVE-2025-4164. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-3874 | Simple Shopping Cart Plugin up to 5.1.3 on WordPress resource injection
9 months 1 week ago
A vulnerability, which was classified as critical, has been found in Simple Shopping Cart Plugin up to 5.1.3 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to improper control of resource identifiers.
This vulnerability is handled as CVE-2025-3874. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-3889 | Simple Shopping Cart Plugin up to 5.1.3 on WordPress process_payment_data quantity resource injection
9 months 1 week ago
A vulnerability, which was classified as critical, was found in Simple Shopping Cart Plugin up to 5.1.3 on WordPress. This affects the function process_payment_data. The manipulation of the argument quantity leads to improper control of resource identifiers.
This vulnerability is uniquely identified as CVE-2025-3889. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-1529 | AM LottiePlayer up to 3.5.3 on WordPress cross site scripting
9 months 1 week ago
A vulnerability classified as problematic was found in AM LottiePlayer up to 3.5.3 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2025-1529. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-3890 | Simple Shopping Cart Plugin up to 5.1.3 on WordPress Shortcode wp_cart_button cross site scripting
9 months 1 week ago
A vulnerability has been found in Simple Shopping Cart Plugin up to 5.1.3 on WordPress and classified as problematic. Affected by this vulnerability is the function wp_cart_button of the component Shortcode Handler. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2025-3890. The attack can be launched remotely. There is no exploit available.
vuldb.com
Thirteen new MCP servers from Cloudflare you can use today
9 months 1 week ago
You can now connect to Cloudflare's first publicly available remote Model Context Protocol (MCP) servers from any MCP client that supports remote servers.
Nevi Shah
MCP Demo Day: How 10 leading AI companies built MCP servers on Cloudflare
9 months 1 week ago
We’re teaming up with Anthropic, Asana, Atlassian, Block, Intercom, Linear, PayPal, Sentry, Stripe, and Webflow to launch new remote MCP servers, built on Cloudflare, to enable Claude users to manage
Dina Kozlov