Development

CVE ID : CVE-2025-5756

Published : June 6, 2025, 10:15 a.m. | 1 hour, 34 minutes ago

Description : A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/EditCity.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5757

Published : June 6, 2025, 11:15 a.m. | 34 minutes ago

Description : A vulnerability was found in code-projects Traffic Offense Reporting System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /save-reported.php. The manipulation of the argument offence_id/vehicle_no/driver_license/name/address/gender/officer_reporting/offence leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5759

Published : June 6, 2025, 11:15 a.m. | 34 minutes ago

Description : A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. This vulnerability affects unknown code of the file /admin/edit-person-detail.php?editid=2. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5758

Published : June 6, 2025, 11:15 a.m. | 34 minutes ago

Description : A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argument doctorname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48905

Published : June 6, 2025, 7:15 a.m. | 3 hours, 29 minutes ago

Description : Wasm exception capture vulnerability in the arkweb v8 module
Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5734

Published : June 6, 2025, 8:15 a.m. | 2 hours, 29 minutes ago

Description : A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5735

Published : June 6, 2025, 8:15 a.m. | 1 hour, 55 minutes ago

Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5732

Published : June 6, 2025, 8:15 a.m. | 1 hour, 55 minutes ago

Description : A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-3321

Published : June 6, 2025, 8:15 a.m. | 1 hour, 55 minutes ago

Description : A predefined administrative account is not documented and cannot
be deactivated. This account cannot be misused from the network, only by local
users on the server.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5736

Published : June 6, 2025, 8:15 a.m. | 2 hours, 29 minutes ago

Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formNtp of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5737

Published : June 6, 2025, 9:15 a.m. | 1 hour, 29 minutes ago

Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5738

Published : June 6, 2025, 9:15 a.m. | 1 hour, 29 minutes ago

Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-3365

Published : June 6, 2025, 9:15 a.m. | 55 minutes ago

Description : A missing protection against path traversal allows to access
any file on the server.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-3322

Published : June 6, 2025, 9:15 a.m. | 55 minutes ago

Description : An improper neutralization of inputs used in expression
language allows remote code execution with the highest privileges on the
server.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5739

Published : June 6, 2025, 9:15 a.m. | 55 minutes ago

Description : A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48906

Published : June 6, 2025, 7:15 a.m. | 33 minutes ago

Description : Authentication bypass vulnerability in the DSoftBus module
Impact: Successful exploitation of this vulnerability may affect availability.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48907

Published : June 6, 2025, 7:15 a.m. | 33 minutes ago

Description : Deserialization vulnerability in the IPC module
Impact: Successful exploitation of this vulnerability may affect availability.

Severity: 6.2 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48908

Published : June 6, 2025, 7:15 a.m. | 33 minutes ago

Description : Ability Auto Startup service vulnerability in the foundation process
Impact: Successful exploitation of this vulnerability may affect availability.

Severity: 6.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48909

Published : June 6, 2025, 7:15 a.m. | 33 minutes ago

Description : Bypass vulnerability in the device management channel
Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-48910

Published : June 6, 2025, 7:15 a.m. | 33 minutes ago

Description : Buffer overflow vulnerability in the DFile module
Impact: Successful exploitation of this vulnerability may affect availability.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…