Skip to main content
CVE-2025-31100 CRITICAL Act Now

Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management allows Upload a Web Shell to a Web Server.93.1 (02-07-2025). Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload
NVD
CVSS 3.1
9.9
EPSS
0.1%
CVE-2024-32832 CRITICAL Act Now

Missing Authorization vulnerability in Hamid Alinia Login with phone number.6.93. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-9744 MEDIUM POC This Month

A weakness has been identified in Campcodes Online Loan Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.8%
CVE-2025-9750 MEDIUM POC This Month

A security flaw has been discovered in Campcodes Online Learning Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9743 MEDIUM POC This Month

A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9741 MEDIUM POC This Month

A vulnerability was determined in code-projects Human Resource Integrated System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9740 MEDIUM POC This Month

A vulnerability was found in code-projects Human Resource Integrated System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9739 MEDIUM POC This Month

A vulnerability has been found in Campcodes Online Water Billing System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9733 MEDIUM POC This Month

A security flaw has been discovered in code-projects Human Resource Integrated System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9730 MEDIUM POC This Month

A vulnerability was found in itsourcecode Apartment Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9729 MEDIUM POC This Month

A vulnerability was detected in PHPGurukul Online Course Registration 3.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9726 MEDIUM POC This Month

A security flaw has been discovered in Campcodes Farm Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9749 MEDIUM POC This Month

A vulnerability was identified in HKritesh009 Grocery List Management Web App up to f491b681eb70d465f445c9a721415c965190f83b. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9742 MEDIUM POC This Month

A vulnerability was identified in code-projects Human Resource Integrated System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-9728 MEDIUM POC PATCH This Month

A security vulnerability has been detected in givanz Vvveb 1.0.7.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Vvveb
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-47696 HIGH This Week

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Solwin Blog Designer PRO.4.7. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

LFI PHP Information Disclosure
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2024-32589 HIGH This Week

Missing Authorization vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager.5.3. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2025-9727 LOW POC Monitor

A weakness has been identified in D-Link DIR-816L 206b01. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-9747 LOW POC PATCH Monitor

A vulnerability has been found in Koillection up to 1.6.18. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-9745 LOW POC Monitor

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection D-Link
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.2%
CVE-2025-9716 LOW POC Monitor

A vulnerability was determined in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-9737 LOW POC Monitor

A vulnerability was detected in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9736 LOW POC Monitor

A security vulnerability has been detected in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9734 LOW POC Monitor

A security flaw has been discovered in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9718 LOW POC Monitor

A security flaw has been discovered in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9715 LOW POC Monitor

A vulnerability was found in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9738 LOW POC Monitor

A flaw has been found in Portabilis i-Educar up to 2.10. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9735 LOW POC Monitor

A weakness has been identified in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9719 LOW POC Monitor

A weakness has been identified in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9717 LOW POC Monitor

A vulnerability was identified in O2OA up to 10.0-410. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-5083 MEDIUM This Month

The Amministrazione Trasparente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.0 due to insufficient input sanitization. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS PHP
NVD GitHub
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-9725 LOW POC Monitor

A vulnerability was identified in Cudy LT500E up to 2.3.12. Rated low severity (CVSS 2.0). Public exploit code available and no vendor patch available.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
1.1
EPSS
0.0%
CVE-2025-9724 LOW Monitor

A vulnerability was determined in Portabilis i-Educar up to 2.10. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9723 LOW Monitor

A vulnerability was found in Portabilis i-Educar up to 2.10. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9722 LOW Monitor

A vulnerability has been found in Portabilis i-Educar up to 2.10. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9721 LOW Monitor

A flaw has been found in Portabilis i-Educar up to 2.10. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9720 LOW Monitor

A vulnerability was detected in Portabilis i-Educar up to 2.10. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-9746 LOW Monitor

A vulnerability was detected in Campcodes Hospital Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-9731 LOW Monitor

A vulnerability was determined in Tenda AC9 15.03.05.19. Rated low severity (CVSS 2.0). No vendor patch available.

Authentication Bypass Tenda
NVD GitHub VulDB
CVSS 4.0
1.1
EPSS
0.0%
CVE-2025-9748 HIGH POC This Week

A vulnerability was determined in Tenda CH22 1.0.0.1. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ch22 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2025-9732 MEDIUM PATCH Monitor

A vulnerability was identified in DCMTK up to 3.6.9. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Dcmtk Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy