CVE ID : CVE-2025-6361
Published : June 20, 2025, 8:15 p.m. | 2 hours, 14 minutes ago
Description : A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1.0. This vulnerability affects unknown code of the file /adds.php. The manipulation of the argument userid leads to sql injection. The attack can be initiated remotely.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6363
Published : June 20, 2025, 8:15 p.m. | 2 hours, 14 minutes ago
Description : A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /adding-exec.php. The manipulation of the argument ingname leads to sql injection. It is possible to launch the attack remotely.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6367
Published : June 20, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : A vulnerability was found in D-Link DIR-619L 2.06B01. It has been declared as critical. This vulnerability affects unknown code of the file /goform/formSetDomainFilter. The manipulation of the argument curTime/sched_name_%d/url_%d leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6364
Published : June 20, 2025, 9:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /adduser-exec.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6365
Published : June 20, 2025, 9:15 p.m. | 1 hour, 15 minutes ago
Description : A vulnerability was found in HobbesOSR Kitten up to c4f8b7c3158983d1020af432be1b417b28686736 and classified as critical. Affected by this issue is the function set_pte_at in the library /include/arch-arm64/pgtable.h. The manipulation leads to resource consumption. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6369
Published : June 20, 2025, 10:15 p.m. | 29 minutes ago
Description : A vulnerability classified as critical has been found in D-Link DIR-619L 2.06B01. Affected is the function formdumpeasysetup of the file /goform/formdumpeasysetup. The manipulation of the argument curTime/config.save_network_enabled leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6370
Published : June 20, 2025, 10:15 p.m. | 29 minutes ago
Description : A vulnerability classified as critical was found in D-Link DIR-619L 2.06B01. Affected by this vulnerability is the function formWlanGuestSetup of the file /goform/formWlanGuestSetup. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-6368
Published : June 20, 2025, 10:15 p.m. | 15 minutes ago
Description : A vulnerability was found in D-Link DIR-619L 2.06B01. It has been rated as critical. This issue affects the function formSetEmail of the file /goform/formSetEmail. The manipulation of the argument curTime/config.smtp_email_subject leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3319
Published : June 20, 2025, 3:15 p.m. | 2 hours, 59 minutes ago
Description : IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due to improper session authentication which can result in access to unauthorized resources.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52784
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in hideoguchi Bluff Post allows Stored XSS. This issue affects Bluff Post: from n/a through 1.1.1.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52781
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Beee TinyNav allows Stored XSS. This issue affects TinyNav: from n/a through 1.4.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52782
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in King Rayhan Scroll UP allows Reflected XSS. This issue affects Scroll UP: from n/a through 2.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52783
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in themelocation Change Cart button Colors WooCommerce allows Stored XSS. This issue affects Change Cart button Colors WooCommerce: from n/a through 1.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52789
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in George Lewe Lewe ChordPress allows Stored XSS. This issue affects Lewe ChordPress: from n/a through 3.9.7.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52792
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in vgstef WP User Stylesheet Switcher allows Stored XSS. This issue affects WP User Stylesheet Switcher: from n/a through v2.2.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52794
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Creative-Solutions Creative Contact Form allows Stored XSS. This issue affects Creative Contact Form: from n/a through 1.0.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52795
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in aharonyan WP Front User Submit / Front Editor allows Cross Site Request Forgery. This issue affects WP Front User Submit / Front Editor: from n/a through 4.9.4.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52802
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Missing Authorization vulnerability in enguerranws Import YouTube videos as WP Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Import YouTube videos as WP Posts: from n/a through 2.1.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52793
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Esselink.nu Esselink.nu Settings allows Reflected XSS. This issue affects Esselink.nu Settings: from n/a through 2.94.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-52790
Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in r-win WP-DownloadCounter allows Stored XSS. This issue affects WP-DownloadCounter: from n/a through 1.01.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…