CVE-2025-11319: SQL Injection Vulnerability in Hospital Management System
A SQL injection vulnerability has been found in nahiduddinahammed Hospital Management System Website affecting /delete.php, allowing remote exploitation.
CVE-2025-11318: Unrestricted File Upload Vulnerability in Tipray
A vulnerability in Tipray Data Leakage Prevention System 1.0 allows unrestricted file uploads via the file uploadWxFile.do. This issue can be exploited remotely.
CVE-2025-11317: Remote SQL Injection in Tipray Data Leakage Prevention System
A vulnerability in Tipray Data Leakage Prevention System 1.0 allows remote SQL injection through the findRolePage function. An exploit is publicly available.
CVE-2025-11316: Tipray Data Leakage Prevention System Vulnerability
A vulnerability in Tipray Data Leakage Prevention System allows for remote SQL injection through manipulation of the tenantId parameter.
CVE-2025-50538: XSS vulnerability in Flowise
Flowise before 3.0.5 has an XSS vulnerability that can be exploited via an IFRAME element when an admin views the chat log.
CVE-2025-29192: XSS in Flowise
Flowise before 3.0.5 allows XSS via a FORM and INPUT element when an admin views the chat log.
CVE-2025-11315: SQL Injection in Tipray Data Leakage Prevention System
CVE-2025-11315 is a vulnerability in Tipray's Data Leakage Prevention System enabling SQL injection via manipulated arguments, allowing remote exploitation.
CVE-2025-11314: SQL Injection in Tipray Data Leakage Prevention System
CVE-2025-11314 affects the findRolePage function in Tipray Data Leakage Prevention System 1.0, allowing SQL injection through remote manipulation.
CVE-2025-11313: Flaw in Tipray Data Leakage Prevention System
A flaw in Tipray Data Leakage Prevention System 1.0 allows SQL injection via argument manipulation in the findRolePage function.
CVE-2025-11312: SQL Injection Vulnerability in Tipray Data Leakage Prevention System
CVE-2025-11312 is an SQL injection vulnerability in Tipray's Data Leakage Prevention System, affecting the findModulePage function. Remotely exploitable.
CVE-2025-11311: SQL Injection Vulnerability in Tipray Data Leakage Prevention System
A security flaw in Tipray Data Leakage Prevention System 1.0 allows remote SQL injection via the findTenantPage function. Vendor has not responded to disclosure.
CVE-2025-11310: Vulnerability in Tipray Data Leakage Prevention System
A weakness in Tipray's Data Leakage Prevention System 1.0 allows for SQL injection via the findFileServerPage function, potentially exploitable remotely.
CVE-2025-11309: SQL Injection Vulnerability in Tipray Data Leakage Prevention System
A SQL injection vulnerability in Tipray Data Leakage Prevention System 1.0 allows remote exploitation through argument manipulation in the doFilter function.
CVE-2025-11308: Cross-Site Scripting in Vanderlande Baggage 360
A vulnerability in Vanderlande Baggage 360 7.0.0 allows for cross-site scripting through manipulation of the /api-addons/v1/messages file. The exploit is publicly available.
CVE-2025-11306: Cross Site Scripting in FoxCMS
A vulnerability in qianfox FoxCMS up to 1.2 allows remote cross site scripting through manipulation of the keyword argument in the Search Page component.
CVE-2025-11305: Buffer Overflow in UTT HiPER 840G
A vulnerability in UTT HiPER 840G up to version 3.1.1-190328 allows for a buffer overflow via the strcpy function, enabling remote exploitation.
CVE-2025-11304: Vulnerability in CodeCanyon Mentor LMS
A flaw in CodeCanyon Mentor LMS up to version 1.1.1 allows for manipulation leading to a permissive cross-domain policy. The exploit is published and may be exploited remotely.
CVE-2025-11303: Command injection vulnerability in Belkin F9K1015 router
A vulnerability in Belkin F9K1015 1.00.10 allows remote command injection via the /goform/mp file. The vendor has not responded to disclosures.
CVE-2025-11302: Security Vulnerability in Belkin F9K1015
A security vulnerability in Belkin F9K1015 can lead to buffer overflow through manipulation of /goform/formWpsStart. Remote attacks are possible.
CVE-2025-11301: Buffer Overflow in Belkin F9K1015 Router
A vulnerability in Belkin F9K1015 Router allows remote exploitation via a buffer overflow in WPS setup. Vendor has not responded to disclosures.
CVE-2025-11300: Security flaw in Belkin F9K1015
A security flaw in Belkin F9K1015 (1.00.10) allows remote attacks via buffer overflow in /goform/formWlanMP. Exploits are public.
CVE-2025-11299: Buffer overflow vulnerability in Belkin F9K1015 Router
A buffer overflow vulnerability in Belkin F9K1015 Router (Firmware 1.00.10) could be exploited remotely via the pppUserName argument. The exploit is publicly available.
CVE-2025-11298: Command Injection in Belkin F9K1015 Router
A vulnerability in Belkin F9K1015 Router allows remote command injection via manipulation of 'm_wan_ipaddr'. Vendor did not respond to disclosure.
CVE-2025-11297: Remote Buffer Overflow in Belkin F9K1015 Router
CVE-2025-11297 is a remote buffer overflow vulnerability in Belkin F9K1015 routers due to improper argument handling in /goform/formSetLanguage.