Skip to main content
CVE-2025-3146 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Bus Pass Management System
NVD GitHub VulDB Exploit-DB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-3185 MEDIUM POC This Month

A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Doctor Appointment Booking System Php And Mysql
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3184 MEDIUM POC This Month

A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical.php?patientId=1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Doctor Appointment Booking System Php And Mysql
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3183 MEDIUM POC This Month

A vulnerability has been found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Doctor Appointment Booking System Php And Mysql
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3182 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in projectworlds Online Doctor Appointment Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Doctor Appointment Booking System Php And Mysql
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3181 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in projectworlds Online Doctor Appointment Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Doctor Appointment Booking System Php And Mysql
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3180 MEDIUM POC This Month

A vulnerability classified as critical was found in projectworlds Online Doctor Appointment Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Doctor Appointment System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3178 MEDIUM POC This Month

A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Doctor Appointment System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3174 MEDIUM POC This Month

A vulnerability has been found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Lawyer Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3173 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in Project Worlds Online Lawyer Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Lawyer Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3168 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Time Table Generator System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Time Table Generator System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3151 MEDIUM POC This Month

A vulnerability was found in SourceCodester Gym Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Gym Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3138 MEDIUM POC This Month

A vulnerability has been found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Security Guards Hiring System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3137 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in PHPGurukul Online Security Guards Hiring System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Security Guards Hiring System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-3170 MEDIUM POC This Month

A vulnerability classified as critical has been found in Project Worlds Online Lawyer Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Lawyer Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-2784 MEDIUM POC PATCH This Month

A flaw was found in libsoup. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Libsoup Codeready Linux Builder Codeready Linux Builder For Arm64 +18
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2025-2055 MEDIUM POC This Month

The MapPress Maps for WordPress plugin before 2.94.9 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Mappress PHP
NVD WPScan
CVSS 3.1
6.8
EPSS
0.3%
CVE-2025-31486 MEDIUM POC PATCH This Month

Vite is a frontend tooling framework for javascript. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Red Hat
NVD GitHub
CVSS 3.1
5.3
EPSS
2.5%
CVE-2025-3141 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Medicine Ordering System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3142 MEDIUM POC This Month

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Apartment Visitor Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3140 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Medicine Ordering System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3134 MEDIUM POC This Month

A vulnerability classified as critical has been found in code-projects Payroll Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Payroll Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3150 MEDIUM POC This Month

A vulnerability was found in itning Student Homework Management System up to 1.2.7. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Student Homework Management System
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-3164 MEDIUM POC This Month

A vulnerability was found in Tencent Music Entertainment SuperSonic up to 0.9.8. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Supersonic
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.3%
CVE-2025-3136 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Pytorch AI / ML Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-3162 MEDIUM POC This Month

A vulnerability was found in InternLM LMDeploy up to 0.7.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Lmdeploy
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-3163 MEDIUM POC This Month

A vulnerability was found in InternLM LMDeploy up to 0.7.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lmdeploy
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-3159 MEDIUM POC PATCH This Month

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Assimp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-3160 MEDIUM POC PATCH This Month

A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Assimp Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-3166 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Product Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Product Management System
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-3171 MEDIUM This Month

A vulnerability classified as critical was found in Project Worlds Online Lawyer Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Lawyer Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-3176 MEDIUM This Month

A vulnerability was found in Project Worlds Online Lawyer Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Lawyer Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-3175 MEDIUM This Month

A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Lawyer Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-3172 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Lawyer Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2025-31334 MEDIUM This Month

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Winrar
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2025-32053 MEDIUM PATCH This Month

A flaw was found in libsoup. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2025-32052 MEDIUM PATCH This Month

A flaw was found in libsoup. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2025-31800 MEDIUM This Month

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in publitio Publitio allows Path Traversal.1.8. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2025-30596 MEDIUM This Month

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound include-file allows Path Traversal. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2025-31858 MEDIUM This Month

Missing Authorization vulnerability in matthewrubin Local Magic allows Exploiting Incorrectly Configured Access Control Security Levels.6.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-31795 MEDIUM This Month

Missing Authorization vulnerability in Plugin Devs Shopify to WooCommerce Migration allows Exploiting Incorrectly Configured Access Control Security Levels.3.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-31768 MEDIUM This Month

Missing Authorization vulnerability in OTWthemes Widget Manager Light allows Accessing Functionality Not Properly Constrained by ACLs.18. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-31736 MEDIUM This Month

Missing Authorization vulnerability in richtexteditor Rich Text Editor allows Exploiting Incorrectly Configured Access Control Security Levels.0.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-31729 MEDIUM This Month

Missing Authorization vulnerability in jeffikus WooTumblog allows Exploiting Incorrectly Configured Access Control Security Levels.1.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-30916 MEDIUM This Month

Missing Authorization vulnerability in enituretechnology Residential Address Detection allows Exploiting Incorrectly Configured Access Control Security Levels.5.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-30915 MEDIUM This Month

Missing Authorization vulnerability in enituretechnology Small Package Quotes - Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels.2.19. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-31896 MEDIUM This Month

Missing Authorization vulnerability in istmoplugins GetBookingsWP allows Exploiting Incorrectly Configured Access Control Security Levels.1.27. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-31758 MEDIUM This Month

Missing Authorization vulnerability in BinaryCarpenter Free Woocommerce Product Table View allows Exploiting Incorrectly Configured Access Control Security Levels.78. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-31581 MEDIUM This Month

Missing Authorization vulnerability in Sandeep Kumar WP Video Playlist allows Exploiting Incorrectly Configured Access Control Security Levels.1.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-31789 MEDIUM This Month

Missing Authorization vulnerability in Matat Technologies TextMe SMS allows Exploiting Incorrectly Configured Access Control Security Levels.9.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.2%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy