Submit #598588: code-projects SIMPLE ONLINE HOTEL RESERVATION SYSTEM V1.0 SQL Injection [Accepted]
Submit #598588 / VDB-313557
Aggregator
Submit #598587: code-projects SIMPLE ONLINE HOTEL RESERVATION SYSTEM V1.0 SQL injection [Accepted]
9 months 3 weeks ago
Submit #598587 / VDB-313556
zzb1
Submit #598586: code-projects SIMPLE ONLINE HOTEL RESERVATION SYSTEM V1.0 SQL injection [Accepted]
9 months 3 weeks ago
Submit #598586 / VDB-313555
zzb1
Submit #598581: Source Code & Projects Simple Online Hotel Reservation System V1.0 SQL Injection [Accepted]
9 months 3 weeks ago
Submit #598581 / VDB-313554
Jww0KA
CVE-2025-5143 | TableOn Plugin up to 1.0.4.1 on WordPress Shortcode tableon_popup_iframe_button cross site scripting (EUVD-2025-18806)
9 months 3 weeks ago
A vulnerability classified as problematic was found in TableOn Plugin up to 1.0.4.1 on WordPress. This vulnerability affects the function tableon_popup_iframe_button of the component Shortcode Handler. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2025-5143. The attack can be initiated remotely. There is no exploit available.
vuldb.com
Submit #598584: code-projects SIMPLE ONLINE HOTEL RESERVATION SYSTEM V1.0 SQL Injection [Duplicate]
9 months 3 weeks ago
Submit #598584 / VDB-313415
yang_yang_yang
CVE-2025-46158 | redoxOS Kernel setitimer denial of service (Issue 164)
9 months 3 weeks ago
A vulnerability classified as problematic has been found in redoxOS Kernel. This affects the function setitimer. The manipulation leads to denial of service.
This vulnerability is uniquely identified as CVE-2025-46158. An attack has to be approached locally. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2025-45890 | xxyopen/201206030 novel-plus up to 5.0.x filePath path traversal
9 months 3 weeks ago
A vulnerability was found in xxyopen/201206030 novel-plus up to 5.0.x. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation of the argument filePath leads to path traversal.
This vulnerability is handled as CVE-2025-45890. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-34021 | Selea Targa IP OCR-ANPR Camera up to CPS 4.013(201105) ipnotify_address/url server-side request forgery (ZSL-2021-5617 / EUVD-2025-18779)
9 months 3 weeks ago
A vulnerability was found in Selea Targa IP OCR-ANPR Camera. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument ipnotify_address/url leads to server-side request forgery.
This vulnerability is known as CVE-2025-34021. The attack can be launched remotely. There is no exploit available.
vuldb.com
Judge overturns Biden-era HHS rule on HIPAA protections for those seeking reproductive care
9 months 3 weeks ago
A federal judge ruled against a Biden administration privacy rule intended to address worries that patients visiting abortion clinics could have their records seized by law enforcement even if their procedure was legal in the state where it took place.
CVE-2024-4994 | GitLab Community Edition/Enterprise Edition up to 16.11.4/17.0.2/17.1.0 GraphQL API cross-site request forgery
9 months 3 weeks ago
A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 16.11.4/17.0.2/17.1.0. It has been classified as problematic. Affected is an unknown function of the component GraphQL API. The manipulation leads to cross-site request forgery.
This vulnerability is traded as CVE-2024-4994. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-52484 | risc0 RISC Zero up to 2.0.x data authenticity (GHSA-g3qg-6746-3mg9)
9 months 3 weeks ago
A vulnerability was found in risc0 RISC Zero up to 2.0.x and classified as problematic. This issue affects some unknown processing. The manipulation leads to insufficient verification of data authenticity.
The identification of this vulnerability is CVE-2025-52484. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-2443 | GitLab Enterprise Edition up to 17.9.6/17.10.4/17.11.0 Content Security Policy cross site scripting (Issue 525363 / Nessus ID 240213)
9 months 3 weeks ago
A vulnerability has been found in GitLab Enterprise Edition up to 17.9.6/17.10.4/17.11.0 and classified as problematic. This vulnerability affects unknown code of the component Content Security Policy Handler. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2025-2443. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-49132 | pterodactyl panel up to 1.11.10 /locales/locale.json locale/namespace code injection (GHSA-24wv-6c99-f843)
9 months 3 weeks ago
A vulnerability, which was classified as critical, was found in pterodactyl panel up to 1.11.10. This affects an unknown part of the file /locales/locale.json. The manipulation of the argument locale/namespace leads to code injection.
This vulnerability is uniquely identified as CVE-2025-49132. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Submit #598499: Source Code & Projects Client Details System V1.0 SQL Injection [Accepted]
9 months 3 weeks ago
Submit #598499 / VDB-313553
Jww0KA
Alleged Data Breach of Unidentified Secret Underground Military Depot Mount Chaâbanbi
9 months 3 weeks ago
Alleged Data Breach of Unidentified Secret Underground Military Depot Mount Chaâbanbi
Dark Web Informer - Cyber Threat Intelligence
CVE-2025-34024 | Edimax EW-7438RPn Mini up to 1.13 mp.asp command os command injection (EUVD-2025-18776)
9 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Edimax EW-7438RPn Mini up to 1.13. Affected by this issue is some unknown functionality of the file mp.asp. The manipulation of the argument command leads to os command injection.
This vulnerability is handled as CVE-2025-34024. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-34023 | Karel IP Phone IP1211 Web Management Panel /cgi-bin/cgiServer.exx page path traversal (EUVD-2025-18777)
9 months 3 weeks ago
A vulnerability classified as critical was found in Karel IP Phone IP1211. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cgiServer.exx of the component Web Management Panel. The manipulation of the argument page leads to path traversal.
This vulnerability is known as CVE-2025-34023. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-4025 | GitLab Community Edition/Enterprise Edition up to 16.11.4/17.0.2/17.1.0 redos
9 months 3 weeks ago
A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 16.11.4/17.0.2/17.1.0. Affected is an unknown function. The manipulation leads to inefficient regular expression complexity.
This vulnerability is traded as CVE-2024-4025. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-5121 | GitLab Community Edition/Enterprise Edition up to 17.11.3/18.0.1 authorization (Issue 545429 / Nessus ID 240212)
9 months 3 weeks ago
A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.11.3/18.0.1. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to missing authorization.
The identification of this vulnerability is CVE-2025-5121. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com