Skip to main content
CVE-2025-25914 CRITICAL POC Act Now

SQL injection vulnerability in Online Exam Mastering System v.1.0 allows a remote attacker to execute arbitrary code via the fid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi Online Exam Mastering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2025-2395 CRITICAL Act Now

The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter cookies to log in as an administrator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass U Office Force
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-2200 CRITICAL Act Now

SQL injection vulnerability in the IcProgreso Innovación y Cualificación plugin. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-2199 CRITICAL Act Now

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi
NVD
CVSS 4.0
9.3
EPSS
0.2%
CVE-2025-25650 CRITICAL Act Now

An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605 allows attackers to produce cloned NFC cards to bypass authentication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 3.1
9.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy