Skip to main content
CVE-2026-0732 LOW POC Monitor

Command injection in D-Link DI-8200G firmware version 17.12.20A1 via the /upgrade_filter.asp path parameter allows authenticated remote attackers to execute arbitrary commands. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires network access and valid credentials but no user interaction.

D-Link Command Injection
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.4%
CVE-2025-15496 LOW POC Monitor

A vulnerability was determined in guchengwuyue yshopmall up to 1.9.1. Affected is the function getPage of the file /api/jobs. [CVSS 6.3 MEDIUM]

SQLi Yshopmall
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-0733 LOW POC Monitor

SQL injection in PHPGurukul Online Course Registration System through 3.1 allows authenticated attackers to manipulate the id/cid parameters in the manage-students.php admin function, enabling unauthorized database access and potential data modification. Public exploit code exists for this vulnerability, and no patch is currently available.

PHP SQLi
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-15494 LOW POC Monitor

A vulnerability has been found in RainyGao DocSys up to 2.02.37. This affects an unknown function of the file com/DocSystem/mapping/UserMapper.xml. [CVSS 6.3 MEDIUM]

SQLi Docsys
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-15493 LOW POC Monitor

Docsys versions up to 2.02.36. contains a vulnerability that allows attackers to sql injection (CVSS 6.3).

SQLi Docsys
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-15492 LOW POC Monitor

A vulnerability was detected in RainyGao DocSys up to 2.02.36. The affected element is an unknown function of the file src/com/DocSystem/mapping/GroupMemberMapper.xml. [CVSS 6.3 MEDIUM]

SQLi Docsys
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-0803 LOW POC Monitor

PHPGurukul Online Course Registration System through version 3.1 contains a SQL injection vulnerability in /enroll.php that allows authenticated attackers to manipulate multiple parameters (studentregno, Pincode, session, department, level, course, sem) to execute arbitrary database queries over the network. Public exploit code exists for this vulnerability, and no patch is currently available, creating risk for deployments handling course enrollment data.

PHP SQLi
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-15495 LOW POC Monitor

A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/editsite.php. [CVSS 4.7 MEDIUM]

PHP Authentication Bypass File Upload
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-3950 LOW Monitor

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed a user to leak certain information by referencing specially crafted images that bypass asset proxy protection. [CVSS 3.5 LOW]

Gitlab
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-62487 LOW Monitor

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts (e.g. [CVSS 3.5 LOW]

Authentication Bypass
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2026-20972 LOW Monitor

Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB. [CVSS 3.3 LOW]

Android
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-46676 LOW Monitor

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. [CVSS 2.7 LOW]

Information Disclosure Data Domain Operating System
NVD
CVSS 3.1
2.7
EPSS
0.0%
CVE-2025-46643 LOW Monitor

Data Domain Operating System versions up to 8.4.0.0 is affected by heap-based buffer overflow (CVSS 2.3).

Buffer Overflow Heap Overflow Denial Of Service Data Domain Operating System
NVD
CVSS 3.1
2.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy