High
CVE-2025-7122
A vulnerability was found in Campcodes Complaint Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the…
Tag: PHP
All CVEs associated with "PHP". Page 47/312 • 37334 CVEs.
Subscribe CVEs: RSS for “PHP” · RSS (High+Critical only)
About “PHP”
A curated feed of “PHP”-related CVEs appears below. We currently track 37334 CVEs for this tag (all time). In the last 365 days, 6066 were published. Average CVSS is 6.7 (all time; 6.9 over 365d), and 50% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion').
In our taxonomy this topic maps to a LOW impact class. Language runtimes and libraries cascade through dependency graphs. Upgrade runtime and toolchain, pin versions, rebuild images, and enable SAST or DAST and linters. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-07-07
Medium
CVE-2025-7121
A vulnerability was found in Campcodes Complaint Management System 1.0. It has been classified as critical. This affects an unknown part of the file /users/complaint-details.php. The manipulation of…
High
CVE-2025-7120
A vulnerability was found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /users/check_availability.php. The…
High
CVE-2025-7119
A vulnerability has been found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /users/index.php. The ma…
Low
CVE-2025-7112
A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_ins…
Low
CVE-2025-7111
A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the compo…
Low
CVE-2025-7110
A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module.…
Low
CVE-2025-7109
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educar_aluno_beneficio_ls…
Medium
CVE-2025-7103
A vulnerability was found in BoyunCMS up to 1.4.20. It has been rated as critical. This issue affects some unknown processing of the file /application/pay/controller/Index.php of the component curl.…
Medium
CVE-2025-7102
A vulnerability was found in BoyunCMS up to 1.4.20. It has been declared as critical. This vulnerability affects unknown code of the file application/update/controller/Server.php. The manipulation of…
Medium
CVE-2025-7101
A vulnerability was found in BoyunCMS up to 1.4.20. It has been classified as critical. This affects an unknown part of the file /install/install_ok.php of the component Configuration File Handler. T…
Medium
CVE-2025-7100
A vulnerability was found in BoyunCMS up to 1.4.20 and classified as critical. Affected by this issue is some unknown functionality of the file /application/user/controller/Index.php. The manipulatio…
Medium
CVE-2025-7099
A vulnerability has been found in BoyunCMS up to 1.21 on PHP7 and classified as critical. Affected by this vulnerability is an unknown functionality of the file install/install2.php of the component…
2025-07-05
High
CVE-2025-47227
In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is suf…
2025-07-04
Critical
CVE-2025-48952
NetAlertX is a network, presence scanner, and alert framework. Prior to version 25.6.7, a vulnerability in the authentication logic allows users to bypass password verification using SHA-256 magic ha…
High
CVE-2025-53485
SetTranslationHandler.php does not validate that the user is an election admin, allowing any (even unauthenticated) user to change election-related translation text. While partially broken in newer M…
Critical
CVE-2025-53484
User-controlled inputs are improperly escaped in: * VotePage.php (poll option input) * ResultPage::getPagesTab() and getErrorsTab() (user-controllable page names) This allo…
High
CVE-2025-53483
ArchivePage.php, UnarchivePage.php, and VoterEligibilityPage#executeClear() do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malici…
High
CVE-2025-52807
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusWP Kossy - Minimalist eCommerce WordPress Theme kossy allows PHP Local Fil…
High
CVE-2025-52805
Path Traversal: '.../...//' vulnerability in VaultDweller Leyka leyka allows PHP Local File Inclusion.This issue affects Leyka: from n/a through <= 3.32.1.
High
CVE-2025-4414
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows PHP…
High
CVE-2025-49070
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Elessi elessi-theme allows PHP Local File Inclusion.This issue affec…
High
CVE-2025-47627
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File Inclusion. This issu…
Medium
CVE-2025-7060
A vulnerability was found in Monitorr up to 1.7.6m. It has been classified as problematic. This affects an unknown part of the file assets/config/_installation/mkdbajax.php of the component Installer…
2025-07-03
High
CVE-2025-34088
An authenticated remote code execution vulnerability exists in Pandora FMS version 7.0NG and earlier. The net_tools.php functionality allows authenticated users to execute arbitrary OS commands via t…
High
CVE-2025-34086
Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary P…
Critical
CVE-2025-34061
A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads…
Medium
CVE-2025-49618
In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint.
High
CVE-2025-2932
The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'font_upload_handler' function in all versions up to, and including, 1.9.4.…
Medium
CVE-2025-40723
Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the footer_te…
Medium
CVE-2025-40722
Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the replace p…
2025-07-02
High
CVE-2025-4946
The Vikinger theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the vikinger_delete_activity_media_ajax() function in all versions up to, and inc…
Critical
CVE-2024-13786
The education theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.10 via deserialization of untrusted input in the 'themerex_callback_view_more_posts'…
High
CVE-2025-6464
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.44.2 via deserialization of…
High
CVE-2025-6463
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'entry_delete_upl…
High
CVE-2025-6459
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.89. This is due to missing or…
Critical
CVE-2025-5746
The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnd_upload_cf7_upload_chunks() funct…
High
CVE-2025-5014
The Home Villas | Real Estate WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wp_rem_cs_widget_file_delete' function in a…
Critical
CVE-2025-4689
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion which leads to Remote Code Execution in all versions up to, and including,…
High
CVE-2025-4380
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.89 via the 'bsa_template' parameter…
Medium
CVE-2025-5692
The Lead Form Data Collection to CRM plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the ~/includes/LB_admin_ajax.php file in all v…
2025-07-01
High
CVE-2025-34081
The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI Syst…
Medium
CVE-2025-34080
The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on inter…
High
CVE-2025-6963
A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /myprofile.php. The manipulation of the argu…
High
CVE-2025-6962
A vulnerability, which was classified as critical, was found in Campcodes Employee Management System 1.0. This affects an unknown part of the file /myprofileup.php. The manipulation of the argument I…
High
CVE-2025-6961
A vulnerability, which was classified as critical, has been found in Campcodes Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /mark.php. The manipula…
High
CVE-2025-6960
A vulnerability classified as critical was found in Campcodes Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /empproject.php. The manipulation…
High
CVE-2025-6959
A vulnerability classified as critical has been found in Campcodes Employee Management System 1.0. Affected is an unknown function of the file /eloginwel.php. The manipulation of the argument ID lead…
High
CVE-2025-6958
A vulnerability was found in Campcodes Employee Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit.php. The manipulation of the argumen…
High
CVE-2025-6957
A vulnerability was found in Campcodes Employee Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /process/eprocess.php. The manipulation of…
Critical
CVE-2025-34060
A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input in the /get/image/ endpoint. The application passes a use…
High
CVE-2025-34059
An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the /index.php/User/doLogin endpoint. The application fails to pr…
High
CVE-2025-34058
Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After authenticating with these credential…
High
CVE-2025-6956
A vulnerability was found in Campcodes Employee Management System 1.0. It has been classified as critical. This affects an unknown part of the file /changepassemp.php. The manipulation of the argumen…
High
CVE-2025-6955
A vulnerability was found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /process/aprocess.php. The manipulat…
High
CVE-2025-6954
A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /applyleave.php. The mani…
High
CVE-2025-6938
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of th…
High
CVE-2025-6937
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /large.php. The manipulation of the…
High
CVE-2025-6936
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /addpro.php. The manipulation of the argument…
High
CVE-2025-6935
A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/payment_add.php. The manipula…
2025-06-30
Medium
CVE-2025-6930
A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/manage-foreigners-ticket.php. The manipulation of the…
Medium
CVE-2025-6929
A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some unknown processing of the file /admin/view-normal-ticket.php. The manipulatio…
High
CVE-2025-6917
A vulnerability has been found in code-projects Online Hotel Booking 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/registration.php. The manipulation of t…
Medium
CVE-2025-6915
A vulnerability, which was classified as critical, has been found in PHPGurukul Student Record System 3.2. Affected by this issue is some unknown functionality of the file /register.php. The manipula…
Medium
CVE-2025-6914
A vulnerability classified as critical was found in PHPGurukul Student Record System 3.2. Affected by this vulnerability is an unknown functionality of the file /edit-student.php. The manipulation of…
Medium
CVE-2025-6913
A vulnerability classified as critical has been found in PHPGurukul Student Record System 3.2. Affected is an unknown function of the file /admin-profile.php. The manipulation of the argument aemaili…
Medium
CVE-2025-6912
A vulnerability was found in PHPGurukul Student Record System 3.2. It has been rated as critical. This issue affects some unknown processing of the file /manage-students.php. The manipulation of the…
Medium
CVE-2025-6911
A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /manage-subjects.php. The manipulation of the…
Medium
CVE-2025-6910
A vulnerability was found in PHPGurukul Student Record System 3.2. It has been classified as critical. This affects an unknown part of the file /session.php. The manipulation of the argument session…
Medium
CVE-2025-6909
A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-scdetails…
Medium
CVE-2025-6908
A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/edit-services.php. The manipulation o…
High
CVE-2025-6907
A vulnerability classified as critical was found in code-projects Car Rental System 1.0. This vulnerability affects unknown code of the file /book_car.php. The manipulation of the argument fname lead…
High
CVE-2025-6906
A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument uname leads to sql…
High
CVE-2025-6905
A vulnerability, which was classified as critical, has been found in code-projects Car Rental System 1.0. This issue affects some unknown processing of the file /signup.php. The manipulation of the a…
High
CVE-2025-6904
A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation…
High
CVE-2025-6903
A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The mani…
High
CVE-2025-6902
A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /php_action/editUser.php. The manipulation…
High
CVE-2025-6901
A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/removeUser.php. The manipulat…
Medium
CVE-2025-6900
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-book.php. The manipulation of the argument imag…
Medium
CVE-2025-40734
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and c…
Medium
CVE-2025-40733
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username param…
High
CVE-2025-40732
user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php
Critical
CVE-2025-40731
SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /updat…
High
CVE-2025-6891
A vulnerability classified as critical has been found in code-projects Inventory Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the…
Medium
CVE-2025-6890
A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ticketConfirmation.php. The manipulation…
High
CVE-2025-6889
A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /logIn.php. The manipulation of the argume…
High
CVE-2025-6888
A vulnerability was found in PHPGurukul Teachers Record Management System 2.1. It has been classified as critical. This affects an unknown part of the file /admin/changeimage.php. The manipulation of…
High
CVE-2025-6885
A vulnerability, which was classified as critical, was found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/edit-teacher-detail.php. The manip…
Medium
CVE-2025-6884
A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /search_index.php. The manipulation o…
Medium
CVE-2025-6883
A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /update_index.php. The manipulation of the argument updat…
Medium
CVE-2025-6880
A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-tax.php. The manipulation of the argu…
Medium
CVE-2025-6879
A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add-tax.php. The manipulatio…
Medium
CVE-2025-6878
A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/search-appointment.php. The…
Medium
CVE-2025-6877
A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/edit-category.php. The manipulation o…
2025-06-29
Medium
CVE-2025-6876
A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The…
Medium
CVE-2025-6875
A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscr…
Medium
CVE-2025-6874
A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/add_subscribe.php. The manipulation…
Medium
CVE-2025-6873
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Company Website 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save. The m…
Medium
CVE-2025-6872
A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The m…
High
CVE-2025-6871
A vulnerability classified as critical has been found in SourceCodester Simple Company Website 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument Usern…
Medium
CVE-2025-6870
A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service.…
Medium
CVE-2025-6869
A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/testimonials/ma…
Medium
CVE-2025-6868
A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/clients/manage.php. The manipulation of…
Medium
CVE-2025-6867
A vulnerability was found in SourceCodester Simple Company Website 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/services/manage.php. The manipulation…
Medium
CVE-2025-6866
A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. This vulnerability affects unknown code of the file /forum_downloadfile.php. The manipulation of the argum…
Medium
CVE-2025-6865
A vulnerability, which was classified as problematic, was found in DaiCuo up to 1.3.13. This affects an unknown part of the file /admin.php/addon/index. The manipulation leads to cross-site request f…
Medium
CVE-2025-6864
A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to…
High
CVE-2025-6863
A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/edit-c…
Medium
CVE-2025-6862
A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit_plan.php. The manipulation of the arg…
Medium
CVE-2025-6861
A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add_plan.php. The manipulati…
Medium
CVE-2025-6860
A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staff_commision.php. The man…
Medium
CVE-2025-6859
A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/pro_sale.php. The manipulation of the…
Medium
CVE-2025-6850
A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /forum1.php. The manipulation of th…
Low
CVE-2025-6849
A vulnerability, which was classified as problematic, was found in code-projects Simple Forum 1.0. Affected is an unknown function of the file /forum_edit1.php. The manipulation of the argument text…
Medium
CVE-2025-6848
A vulnerability, which was classified as critical, has been found in code-projects Simple Forum 1.0. This issue affects some unknown processing of the file /forum1.php. The manipulation of the argume…
Medium
CVE-2025-6847
A vulnerability classified as critical was found in code-projects Simple Forum 1.0. This vulnerability affects unknown code of the file /forum_edit.php. The manipulation of the argument iii leads to…
High
CVE-2025-6846
A vulnerability classified as critical has been found in code-projects Simple Forum 1.0. This affects an unknown part of the file /forum_viewfile.php. The manipulation of the argument Name leads to s…
High
CVE-2025-6845
A vulnerability was found in code-projects Simple Forum 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /register1.php. The manipulation of the ar…
High
CVE-2025-6844
A vulnerability was found in code-projects Simple Forum 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /signin.php. The manipulation of…
High
CVE-2025-6843
A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been classified as critical. Affected is an unknown function of the file /upload-photo.php. The manipulation of the argumen…