QilinSecuro
You must login to view this content
Aggregator
Submit #659479: sourcecodester Pet grooming management software 1.0 SQL Injection [Accepted]
8 months 3 weeks ago
Submit #659479 / VDB-326097
underatted
CVE-2025-11054 | itsourcecode Open Source Job Portal 1.0 index.php?view=edit ID sql injection (EUVD-2025-31419)
8 months 3 weeks ago
A vulnerability was found in itsourcecode Open Source Job Portal 1.0. It has been classified as critical. This impacts an unknown function of the file /jobportal/admin/category/index.php?view=edit. The manipulation of the argument ID leads to sql injection.
This vulnerability is listed as CVE-2025-11054. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
Submit #659463: ProjectsAndPrograms school-management-system V1.0 SQL Injection [Accepted]
8 months 3 weeks ago
Submit #659463 / VDB-326096
gzhu_yingyi_lin
CVE-2025-11053 | PHPGurukul Small CRM 4.0 /forgot-password.php email sql injection (EUVD-2025-31417)
8 months 3 weeks ago
A vulnerability was found in PHPGurukul Small CRM 4.0 and classified as critical. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the argument email can lead to sql injection.
This vulnerability is tracked as CVE-2025-11053. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-11052 | kidaze CourseSelectionSystem 1.0/5.php COUNT3s5.php csslc sql injection (EUVD-2025-31409)
8 months 3 weeks ago
A vulnerability has been found in kidaze CourseSelectionSystem 1.0/5.php and classified as critical. The impacted element is an unknown function of the file /Profilers/PriProfile/COUNT3s5.php. Performing manipulation of the argument csslc results in sql injection.
This vulnerability is identified as CVE-2025-11052. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com
Submit #659456: SourceCodester Online Hotel Reservation System V1.0 SQL injection [Accepted]
8 months 3 weeks ago
Submit #659456 / VDB-326095
diy777
CVE-2025-5069 | GitLab Community Edition/Enterprise Edition up to 18.2.6/18.3.2/18.4.0 incorrect ownership assignment (Nessus ID 265960 / WID-SEC-2025-2140)
8 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 18.2.6/18.3.2/18.4.0. The affected element is an unknown function. Such manipulation leads to incorrect ownership assignment.
This vulnerability is referenced as CVE-2025-5069. It is possible to launch the attack remotely. No exploit is available.
You should upgrade the affected component.
vuldb.com
CVE-2025-11042 | GitLab Community Edition/Enterprise Edition up to 18.2.6/18.3.2/18.4.0 allocation of resources (Nessus ID 265988)
8 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 18.2.6/18.3.2/18.4.0. Impacted is an unknown function. This manipulation causes allocation of resources.
The identification of this vulnerability is CVE-2025-11042. It is possible to initiate the attack remotely. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-10868 | GitLab Community Edition/Enterprise Edition up to 18.2.6/18.3.2/18.4.0 logic error (Nessus ID 265961 / WID-SEC-2025-2140)
8 months 3 weeks ago
A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 18.2.6/18.3.2/18.4.0. This issue affects some unknown processing. The manipulation results in business logic errors.
This vulnerability was named CVE-2025-10868. The attack may be performed from remote. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
Submit #659442: SourceCodester Simple To-Do List System 0 Cross Site Scripting [Duplicate]
8 months 3 weeks ago
Submit #659442 / VDB-323087
Kamran Saifullah
CVE-2025-11051 | SourceCodester Pet Grooming Management Software 1.0 cross-site request forgery (EUVD-2025-31416)
8 months 3 weeks ago
A vulnerability classified as problematic has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery.
This vulnerability is uniquely identified as CVE-2025-11051. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
Submit #659440: itsourcecode Open Source Job Portal V1.0 SQL Injection [Accepted]
8 months 3 weeks ago
Submit #659440 / VDB-326094
zhuyiwen
Submit #659439: phpgurukul Small CRM 4.0 SQL Injection [Accepted]
8 months 3 weeks ago
Submit #659439 / VDB-326093
underatted
CVE-2025-11050 | Portabilis i-Educar up to 2.10 /periodo-lancamento improper authorization (EUVD-2025-31404)
8 months 3 weeks ago
A vulnerability described as critical has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /periodo-lancamento. Executing manipulation can lead to improper authorization.
This vulnerability is handled as CVE-2025-11050. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-11049 | Portabilis i-Educar up to 2.10 /unificacao-aluno improper authorization (EUVD-2025-31406)
8 months 3 weeks ago
A vulnerability marked as critical has been reported in Portabilis i-Educar up to 2.10. Affected by this issue is some unknown functionality of the file /unificacao-aluno. Performing manipulation results in improper authorization.
This vulnerability is known as CVE-2025-11049. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2025-11048 | Portabilis i-Educar up to 2.10 /consulta-dispensas improper authorization (EUVD-2025-31392)
8 months 3 weeks ago
A vulnerability labeled as critical has been found in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /consulta-dispensas. Such manipulation leads to improper authorization.
This vulnerability is traded as CVE-2025-11048. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-11047 | Portabilis i-Educar up to 2.10 /module/Api/aluno aluno_id improper authorization (EUVD-2025-31393)
8 months 3 weeks ago
A vulnerability identified as critical has been detected in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /module/Api/aluno. This manipulation of the argument aluno_id causes improper authorization.
This vulnerability appears as CVE-2025-11047. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
Submit #659370: GitHub CourseSelectionSystem V1.0 SQL Injection [Accepted]
8 months 3 weeks ago
Submit #659370 / VDB-326092
er1czz
Submit #659305: SourceCodester Pet Grooming Management Software 0 Cross-Site Request Forgery [Accepted]
8 months 3 weeks ago
Submit #659305 / VDB-326088
Kamran Saifullah