Low
CVE-2025-10946
A vulnerability was detected in nuz007 smsboom up to 01b2f35bbbc23f3e0f60f38ca0e3d1b286f8d674. The affected element is an unknown function of the file dy.php. Performing manipulation of the argument…
Tag: PHP
All CVEs associated with "PHP". Page 36/312 • 37332 CVEs.
Subscribe CVEs: RSS for “PHP” · RSS (High+Critical only)
About “PHP”
A curated feed of “PHP”-related CVEs appears below. We currently track 37332 CVEs for this tag (all time). In the last 365 days, 6068 were published. Average CVSS is 6.7 (all time; 6.9 over 365d), and 50% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion').
In our taxonomy this topic maps to a LOW impact class. Language runtimes and libraries cascade through dependency graphs. Upgrade runtime and toolchain, pin versions, rebuild images, and enable SAST or DAST and linters. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-09-25
Low
CVE-2025-10945
A security vulnerability has been detected in nuz007 smsboom up to 01b2f35bbbc23f3e0f60f38ca0e3d1b286f8d674. Impacted is an unknown function of the file d.php. Such manipulation of the argument hm le…
Low
CVE-2025-10944
A weakness has been identified in yi-ge get-header-ip up to 589b23d0eb0043c310a6a13ce4bbe2505d0d0b15. This issue affects the function ip of the file ip.php. This manipulation of the argument callback…
Low
CVE-2025-10943
A security flaw has been discovered in MikeCen WeChat-Face-Recognition up to 6e3f72bf8547d80b59e330f1137e4aa505f492c1. This vulnerability affects the function valid of the file wx.php. The manipulati…
2025-09-23
Medium
CVE-2025-45326
An issue in PocketVJ CP PocketVJ-CP-v3 pvj 3.9.1 allows remote attackers to execute arbitrary code via the submit_size.php component.
Medium
CVE-2025-29084
SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the Upgrade.php file.
Medium
CVE-2025-29083
SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the Plugin_Manager.php file.
High
CVE-2025-10857
A security flaw has been discovered in Campcodes Point of Sale System POS 1.0. Affected by this issue is some unknown functionality of the file /login.php. Performing manipulation of the argument Use…
High
CVE-2025-10851
A security flaw has been discovered in Campcodes Gym Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=login. Performing manipulation of the argument Username result…
Medium
CVE-2025-10848
A vulnerability was identified in Campcodes Society Membership Information System 1.0. This issue affects some unknown processing of the file /check_student.php. Such manipulation of the argument stu…
High
CVE-2025-10843
A flaw has been found in Reservation Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /reservation/paypalpayout.php. Executing manipulation…
High
CVE-2025-10842
A vulnerability was detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/wew.php. Performing manipulation of the argument ID results in sql…
High
CVE-2025-10841
A security vulnerability has been detected in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/weweee.php. Such manipulation of the argument ID lea…
Medium
CVE-2025-10840
A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/print-payment.php. This manipulation of the argument sql111…
Medium
CVE-2025-10839
A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. The impacted element is an unknown function of the file /admin/inv-print.php. The manipulation of the argum…
Low
CVE-2025-10837
A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /ordersimple/order.php. The manipul…
High
CVE-2025-10836
A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/print1.php. Executing manipulation of the argument ID can lea…
Medium
CVE-2025-10835
A security flaw has been discovered in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/view_payorder.php. Performing manipulation of the argum…
High
CVE-2025-10380
The Advanced Views – Display Posts, Custom Fields, and More plugin for WordPress is vulnerable to Server-Side Template Injection in all versions up to, and including, 3.7.19. This is due to insuffici…
High
CVE-2025-10834
A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. This affects an unknown function of the file /jobportal/admin/login.php. Such manipulation of the argument user_email leads…
High
CVE-2025-10833
A vulnerability was determined in 1000projects Bookstore Management System 1.0. The impacted element is an unknown function of the file /login.php. This manipulation of the argument unm causes sql in…
High
CVE-2025-10832
A vulnerability was found in SourceCodester Pet Grooming Management Software 1.0. The affected element is an unknown function of the file /admin/fetch_product_details.php. The manipulation of the arg…
High
CVE-2025-10831
A vulnerability has been found in Campcodes Computer Sales and Inventory System 1.0. Impacted is an unknown function of the file /pages/pro_edit1.php. The manipulation of the argument prodcode leads…
High
CVE-2025-10830
A flaw has been found in Campcodes Computer Sales and Inventory System 1.0. This issue affects some unknown processing of the file /pages/inv_edit1.php. Executing manipulation of the argument idd can…
High
CVE-2025-10829
A vulnerability was detected in Campcodes Computer Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /pages/sup_edit1.php. Performing manipulation of the argument ID…
Medium
CVE-2025-10828
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads…
Medium
CVE-2025-10827
A weakness has been identified in PHPJabbers Restaurant Menu Maker up to 1.1. Affected by this issue is some unknown functionality of the file /preview.php. This manipulation of the argument theme ca…
Medium
CVE-2025-10826
A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/sales-reports-detail.php. Th…
Medium
CVE-2025-10825
A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. Affected is an unknown function of the file /admin/view-appointment.php. The manipulation of the argument viewi…
2025-09-22
High
CVE-2025-10817
A weakness has been identified in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/admin_user.php. Executing manipulation of the argument fi…
High
CVE-2025-10813
A vulnerability was found in code-projects Hostel Management System 1.0. Affected is an unknown function of the file /justines/admin/mod_reports/index.php. The manipulation of the argument Home resul…
High
CVE-2025-10812
A vulnerability has been found in code-projects Hostel Management System 1.0. This impacts an unknown function of the file /justines/admin/mod_amenities/index.php?view=view. The manipulation of the a…
High
CVE-2025-59588
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PenciDesign Soledad soledad allows PHP Local File Inclusion.This issue affects…
High
CVE-2025-58973
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in hashthemes Easy Elementor Addons easy-elementor-addons allows PHP Local File I…
High
CVE-2025-57925
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in immonex immonex Kickstart Team immonex-kickstart-team allows PHP Local File In…
High
CVE-2025-53450
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Pluginwale Easy Pricing Table WP easy-pricing-table-wp allows PHP Local File I…
High
CVE-2025-10811
A flaw has been found in code-projects Hostel Management System 1.0. This affects an unknown function of the file /justines/admin/mod_comments/index.php?view=view. Executing manipulation of the argum…
High
CVE-2025-10810
A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edit_user.php. Performing manipulation of the argument…
High
CVE-2025-57439
Creacast Creabox Manager 4.4.4 contains a critical Remote Code Execution vulnerability accessible via the edit.php endpoint. An authenticated attacker can inject arbitrary Lua code into the configura…
Medium
CVE-2025-55885
SQL Injection vulnerability in Alpes Recherche et Developpement ARD GEC en Lign before v.2025-04-23 allows a remote attacker to escalate privileges via the GET parameters in index.php
High
CVE-2025-10809
A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. The affected element is an unknown function of the file /admin/department.php. Such manipulation of the…
High
CVE-2025-10808
A weakness has been identified in Campcodes Farm Management System 1.0. Impacted is an unknown function of the file /uploadProduct.php. This manipulation of the argument Type causes sql injection. Re…
Medium
CVE-2025-10807
A security flaw has been discovered in Campcodes Online Beauty Parlor Management System 1.0. This issue affects some unknown processing of the file /admin/edit-customer-detailed.php. The manipulation…
Medium
CVE-2025-10806
A vulnerability was identified in Campcodes Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/bwdates-reports-details.php. The manipulation of the…
Medium
CVE-2025-57433
The 2wcom IP-4c 2.15.5 device's web interface includes an information disclosure vulnerability. By sending a crafted POST request to a specific endpoint (/cwi/ajax_request/get_data.php), an authentic…
Medium
CVE-2025-10805
A vulnerability was determined in Campcodes Online Beauty Parlor Management System 1.0. This affects an unknown part of the file /admin/add-services.php. Executing manipulation of the argument sernam…
Medium
CVE-2025-10804
A vulnerability was found in Campcodes Online Beauty Parlor Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/add-customer.php. Performing manipulation of…
High
CVE-2025-10802
A flaw has been found in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. It…
Medium
CVE-2025-56075
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute…
Critical
CVE-2025-56074
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execu…
High
CVE-2025-10801
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown function of the file /admin/edit_tax.php. The manipulation of the argument I…
High
CVE-2025-10800
A weakness has been identified in itsourcecode Online Discussion Forum 1.0. The impacted element is an unknown function of the file /index.php. Executing manipulation of the argument email/password c…
High
CVE-2025-10799
A security flaw has been discovered in code-projects Hostel Management System 1.0. The affected element is an unknown function of the file /justines/admin/mod_reservation/index.php?view=view. Perform…
High
CVE-2025-10798
A vulnerability was identified in code-projects Hostel Management System 1.0. Impacted is an unknown function of the file /justines/admin/mod_roomtype/index.php?view=view. Such manipulation of the ar…
High
CVE-2025-10797
A vulnerability was determined in code-projects Hostel Management System 1.0. This issue affects some unknown processing of the file /justines/index.php. This manipulation of the argument log_email c…
High
CVE-2025-10796
A vulnerability was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /justines/admin/login.php. The manipulation of the argument email results…
High
CVE-2025-10795
A vulnerability has been found in code-projects Online Bidding System 1.0. This affects an unknown part of the file /administrator/bidupdate.php. The manipulation of the argument ID leads to sql inje…
Medium
CVE-2025-10794
A flaw has been found in PHPGurukul Car Rental Project 3.0. Affected by this issue is some unknown functionality of the file /carrental/search.php. Executing manipulation of the argument autofocus ca…
High
CVE-2025-10793
A vulnerability was detected in code-projects E-Commerce Website 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/admin_account_delete.php. Performing manipulation o…
High
CVE-2025-10009
Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja <= 5.11.72 allows attackers with admin credentials to execute arbitrary code on the server via uploaded .php file…
High
CVE-2025-10791
A weakness has been identified in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/index.php. This manipulation of the argument aduser causes sql i…
Medium
CVE-2025-10790
A security flaw has been discovered in SourceCodester Simple Forum Discussion System 1.0. This affects an unknown function of the file /ajax.php?action=save_category. The manipulation of the argument…
High
CVE-2025-10789
A vulnerability was identified in SourceCodester Online Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteslide.php. The manipulation of the argument ID lead…
High
CVE-2025-10788
A vulnerability was determined in SourceCodester Online Hotel Reservation System 1.0. The affected element is an unknown function of the file deleteroominventory.php. Executing manipulation of the ar…
High
CVE-2025-10786
A flaw has been found in Campcodes Grocery Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_user. This manipulation of the argument ID cause…
Medium
CVE-2025-9487
The Admin and Site Enhancements (ASE) WordPress plugin before 7.9.8 does not sanitise SVG files when uploaded via xmlrpc.php when such uploads are enabled, which could allow users to upload a malicio…
High
CVE-2025-10785
A vulnerability was detected in Campcodes Grocery Sales and Inventory System 1.0. This affects an unknown part of the file /manage_user.php. The manipulation of the argument ID results in sql injecti…
High
CVE-2025-10784
A security vulnerability has been detected in Campcodes Online Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edit_subject.php. The manipulati…
High
CVE-2025-10783
A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_subject.php. Executing manipulatio…
High
CVE-2025-10782
A security flaw has been discovered in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/class.php. Performing manipulation of the argument class_nam…
High
CVE-2025-10781
A vulnerability was identified in Campcodes Online Learning Management System 1.0. This impacts an unknown function of the file /admin/edit_class.php. Such manipulation of the argument class_name lea…
Medium
CVE-2025-10780
A vulnerability was determined in CodeAstro Simple Pharmacy Management 1.0. This affects an unknown function of the file /view.php. This manipulation of the argument bar_code causes sql injection. Re…
Medium
CVE-2025-10774
A weakness has been identified in Ruijie 6000-E10 up to 2.4.3.6-20171117. This affects an unknown part of the file /view/vpn/autovpn/sub_commit.php. This manipulation of the argument key causes os co…
2025-09-21
Medium
CVE-2025-10762
A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the…
2025-09-20
Medium
CVE-2025-9887
The Custom Login And Signup Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation in…
2025-09-19
Medium
CVE-2025-56762
Paracrawl KeOPs v2 is vulnerable to Cross Site Scripting (XSS) in error.php.
Critical
CVE-2025-34205
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (VA and SaaS deployments) contains dangerous PHP dead code present in multipl…
Critical
CVE-2025-34204
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) contains multiple Docker containers that run primary application processes (for example PHP worke…
Critical
CVE-2025-34203
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 (VA and SaaS deployments) contain multiple Docker containers that i…
High
CVE-2025-34199
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and Application versions prior to 20.0.2786 (VA and SaaS deployments) contain insecure defaults and code patter…
Medium
CVE-2025-55910
CMSEasy v7.7.8.0 and before is vulnerable to Arbitrary file deletion in database_admin.php.
High
CVE-2025-10712
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This issue affects some unknown processing of the file /index.php/Login/login. Performing manipulation of the argument Us…
Medium
CVE-2025-10711
A vulnerability has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This vulnerability affects unknown code of the file /index.php/sysmanage/Login. Such manipulation of the argument Na…
Medium
CVE-2025-10710
A flaw has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This affects an unknown part of the file /index.php. This manipulation of the argument Name causes cross site scripting. The…
2025-09-18
High
CVE-2025-10688
A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/operation/paid.php. This manipulation of the argument…
High
CVE-2025-10687
A vulnerability was found in SourceCodester Responsive E-Learning System 1.0. This affects an unknown part of the file /admin/add_teacher.php. The manipulation of the argument Username results in sql…
High
CVE-2025-55912
An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photo_uploader.php to upload arbitrary files without any authentication, due to…
Medium
CVE-2025-55911
An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to execute arbitrary codes via the file_downloader.php and the file parameter
High
CVE-2025-10673
A vulnerability was determined in itsourcecode Student Information Management System 1.0. The impacted element is an unknown function of the file /admin/modules/class/index.php. This manipulation of…
High
CVE-2025-10670
A flaw has been found in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This issue affects some unknown processing of the file /check_profile.php. Executing manipulation of th…
High
CVE-2025-10668
A security vulnerability has been detected in itsourcecode Online Discussion Forum 1.0. This affects an unknown part of the file /members/compose_msg_admin.php. Such manipulation of the argument ID l…
High
CVE-2025-10667
A weakness has been identified in itsourcecode Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /members/compose_msg.php. This manipulation of the argumen…
Medium
CVE-2025-10665
A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Affected is an unknown function of the file /Profilers/PProfile/COUNT3s3.php. The manipu…
High
CVE-2025-10664
A vulnerability was determined in PHPGurukul Small CRM 4.0. This impacts an unknown function of the file /create-ticket.php. Executing manipulation of the argument subject can lead to sql injection.…
High
CVE-2025-10663
A vulnerability was found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /my-profile.php. Performing manipulation of the argument cgpa results in sql injec…
Medium
CVE-2025-10662
A vulnerability has been found in SeaCMS up to 13.3. The impacted element is an unknown function of the file /admin_members.php?ac=editsave. Such manipulation of the argument ID leads to sql injectio…
Critical
CVE-2025-9083
The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on th…
Low
CVE-2025-10642
A vulnerability has been found in wangchenyi1996 chat_forum up to 80bdb92f5b460d36cab36e530a2c618acef5afd2. This impacts an unknown function of the file /q.php. Such manipulation of the argument path…
Low
CVE-2025-10632
A security flaw has been discovered in itsourcecode Online Petshop Management System 1.0. The affected element is an unknown function of the file availableframe.php of the component Admin Dashboard.…
Low
CVE-2025-10631
A vulnerability was identified in itsourcecode Online Petshop Management System 1.0. Impacted is an unknown function of the file addcnp.php of the component Available Products Page. The manipulation…
Medium
CVE-2025-10627
A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /admin/delete_user.php. Such manipulation of the argument ID leads to sql in…
Medium
CVE-2025-10626
A flaw has been found in SourceCodester Online Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /admin/update_s3.php. This manipulation of the argument credi…
2025-09-17
Medium
CVE-2025-10625
A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=update_profile. The man…
High
CVE-2025-10624
A security flaw has been discovered in PHPGurukul User Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument emailid results in sql i…
High
CVE-2025-10623
A vulnerability was identified in SourceCodester Hotel Reservation System 1.0. The impacted element is an unknown function of the file deleteuser.php. Such manipulation of the argument ID leads to sq…
High
CVE-2025-10621
A vulnerability was determined in SourceCodester Hotel Reservation System 1.0. The affected element is an unknown function of the file editroomimage.php. This manipulation of the argument ID causes s…
Medium
CVE-2025-10620
A flaw has been found in itsourcecode Online Clinic Management System 1.0. This vulnerability affects unknown code of the file /editp2.php. Executing manipulation of the argument id/firstname/lastnam…
Medium
CVE-2025-10618
A security vulnerability has been detected in itsourcecode Online Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file transact.php. Such manipulation of the…
Medium
CVE-2025-10617
A weakness has been identified in SourceCodester Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positions.php. This manipulation of the argum…
Medium
CVE-2025-10616
A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack c…
Medium
CVE-2025-10615
A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can…
Medium
CVE-2025-10614
A vulnerability was determined in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /print_reports_prev.php. Executing manip…
Medium
CVE-2025-10613
A vulnerability has been found in itsourcecode Student Information System 1.0. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument level_id lead…
Medium
CVE-2025-10605
A security flaw has been discovered in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /agenda_preferencias.php. The manipulation of the argument tipoacao results…
High
CVE-2025-10604
A vulnerability was identified in PHPGurukul Online Discussion Forum 1.0. This affects an unknown part of the file /admin/edit_member.php. The manipulation of the argument ID leads to sql injection.…
High
CVE-2025-10603
A vulnerability was determined in PHPGurukul Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_forum/search_result.php. Executing manipulation…
Medium
CVE-2025-10602
A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_s1.php. Performing manipulation of th…
High
CVE-2025-10601
A vulnerability has been found in SourceCodester Online Exam Form Submission 1.0. Affected is an unknown function of the file /admin/index.php. Such manipulation of the argument email leads to sql in…
High
CVE-2025-10600
A flaw has been found in SourceCodester Online Exam Form Submission 1.0. This impacts an unknown function of the file /register.php. This manipulation of the argument img causes unrestricted upload.…
High
CVE-2025-10599
A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation…