Export limit exceeded: 364500 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364500 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364500 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-8434 2 Anisha, Code Projects 2 Online Movie Streaming, Online Movie Streaming 2025-08-05 7.3 High
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8435 2 Anisha, Code-projects 2 Online Movie Streaming, Online Movie Streaming 2025-08-05 7.3 High
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-control.php. The manipulation of the argument ID leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8437 2 Anisha, Code-projects 2 Kitchen Treasure, Kitchen Treasure 2025-08-05 7.3 High
A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8438 2 Anisha, Code-projects 2 Wazifa System, Wazifa System 2025-08-05 7.3 High
A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpublish.php. The manipulation of the argument post leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8439 2 Anisha, Code-projects 2 Wazifa System, Wazifa System 2025-08-05 7.3 High
A vulnerability, which was classified as critical, has been found in code-projects Wazifa System 1.0. This issue affects some unknown processing of the file /controllers/updatesettings.php. The manipulation of the argument Password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8441 2 Anisha, Code-projects 2 Online Medicine Guide, Online Medicine Guide 2025-08-05 7.3 High
A vulnerability, which was classified as critical, was found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /pharsignup.php. The manipulation of the argument phuname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8442 2 Anisha, Code-projects 2 Online Medicine Guide, Online Medicine Guide 2025-08-05 7.3 High
A vulnerability has been found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cussignup.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8443 2 Anisha, Code-projects 2 Online Medicine Guide, Online Medicine Guide 2025-08-05 7.3 High
A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8494 2 Carmelo, Code-projects 2 Intern Membership Management System, Intern Membership Management System 2025-08-05 7.3 High
A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/delete_student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-43438 1 Moodle 1 Moodle 2025-08-05 7.5 High
A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report.
CVE-2024-43436 1 Moodle 1 Moodle 2025-08-05 7.2 High
A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators.
CVE-2024-43426 1 Moodle 1 Moodle 2025-08-05 7.5 High
A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.
CVE-2025-8466 2 Anisha, Code-projects 2 Online Farm System, Online Farm System 2025-08-05 7.3 High
A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /forgot_passfarmer.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8467 2 Anisha, Code-projects 2 Wazifa System, Wazifa System 2025-08-05 7.3 High
A vulnerability was found in code-projects Wazifa System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /controllers/regcontrol.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8468 2 Anisha, Code-projects 2 Wazifa System, Wazifa System 2025-08-05 7.3 High
A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /controllers/reset.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-53893 1 Filebrowser 1 Filebrowser 2025-08-05 6.5 Medium
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.38.0, a Denial of Service (DoS) vulnerability exists in the file processing logic when reading a file on endpoint `Filebrowser-Server-IP:PORT/files/{file-name}` . While the server correctly handles and stores uploaded files, it attempts to load the entire content into memory during read operations without size checks or resource limits. This allows an authenticated user to upload a large file and trigger uncontrolled memory consumption on read, potentially crashing the server and making it unresponsive. As of time of publication, no known patches are available.
CVE-2024-7730 2 Qemu, Redhat 3 Qemu, Advanced Virtualization, Enterprise Linux 2025-08-05 7.4 High
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element is equal to virtio_snd_pcm_status, which makes the available space for audio data zero.
CVE-2025-53826 1 Filebrowser 1 Filebrowser 2025-08-05 9.8 Critical
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of publication, no known patches exist.
CVE-2025-8469 2 Fabian, Sourcecodester 2 Online Hotel Reservation System, Online Hotel Reservation System 2025-08-05 7.3 High
A vulnerability classified as critical has been found in SourceCodester Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/deletegallery.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-8470 2 Fabian, Sourcecodester 2 Online Hotel Reservation System, Online Hotel Reservation System 2025-08-05 7.3 High
A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/deleteroom.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.