Latest vulnerabilities

6.5

First published 2h ago (updated 2h ago)

CVE-2025-3245

SourceCodester Web-based Pharmacy Product Management SystemSourceCodester Web-based Pharmacy Product Management System Create User Page add-admin.php unrestricted upload

6.5

First published 2h ago (updated 2h ago)

CVE-2025-3244

Patient Record Management Systemcode-projects Patient Record Management System dental_form.php sql injection

6.5

First published 2h ago (updated 2h ago)

CVE-2025-3243

PHPGurukul e-Diary Management SystemPHPGurukul e-Diary Management System search-result.php sql injection

6.5

First published 3h ago (updated 2h ago)

CVE-2025-3242

zhangyanbo2007 youkefuzhangyanbo2007 youkefu XML Document CallCenterRouterController.java xml external entity reference

6.5

First published 3h ago (updated 2h ago)

CVE-2025-3241

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

EPC ez Form CalculatorWordPress ez Form Calculator - WordPress plugin plugin <= 2.14.1.2 - Reflected Cross Site Scripting (XSS) vulnerability

7.1

First published 3h ago (updated 2h ago)

CVE-2025-22282

Online Fire Reporting SystemPHPGurukul Online Fire Reporting System search.php sql injection

7.5

First published 3h ago (updated 2h ago)

CVE-2025-3240

Online Fire Reporting SystemPHPGurukul Online Fire Reporting System edit-guard-detail.php sql injection

7.5

First published 3h ago (updated 2h ago)

CVE-2025-3239

Online Fire Reporting SystemPHPGurukul Online Fire Reporting System search-request.php sql injection

7.5

First published 4h ago (updated 3h ago)

CVE-2025-3238

Tenda FH1202Tenda FH1202 wrlwpsset access control

6.9

First published 4h ago (updated 3h ago)

CVE-2025-3237

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Bitdefender GravityZoneServer Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646)

6.9

First published 4h ago (updated 3h ago)

CVE-2025-2245

Bitdefender GravityZoneSSRF in GravityZone Console via DNS Truncation (VA-12634)

6.9

First published 4h ago (updated 3h ago)

CVE-2025-2243

CVE-2025-1865Local Privilege Escalation in Virtual CloneDrive Kernel Driver

8.5

First published 4h ago (updated 3h ago)

CVE-2025-1865

Bitdefender GravityZoneInsecure PHP deserialization issue in GravityZone Console (VA-12634)

critical

9.5

First published 4h ago (updated 3h ago)

CVE-2025-2244

Tenda FH1202Tenda FH1202 Web Management Interface VirSerDMZ access control

6.9

First published 4h ago (updated 3h ago)

CVE-2025-3236

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Old Age Home Management SystemPHPGurukul Old Age Home Management System profile.php sql injection

6.5

First published 4h ago (updated 3h ago)

CVE-2025-3235

PHPGURUKUL Zoo Management SystemPHPGurukul Zoo Management System aboutus.php sql injection

7.5

First published 5h ago (updated 4h ago)

CVE-2025-3231

PHPGurukul Restaurant Table Booking SystemPHPGurukul Restaurant Table Booking System edit-subadmin.php sql injection

5.8

First published 5h ago (updated 4h ago)

CVE-2025-3229

PHPGurukul e-Diary Management SystemPHPGurukul e-Diary Management System dashboard.php sql injection

7.5

First published 6h ago (updated 5h ago)

CVE-2025-3220

Perfex CRMCodeCanyon Perfex CRM Project Discussions Module 2 cross site scripting

5.1

First published 6h ago (updated 5h ago)

CVE-2025-3219

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Vehica Core plugin for WordPressVehica Core <= 1.0.97 - Authenticated (Subscriber+) Privilege Escalation

8.8

First published 6h ago (updated 5h ago)

CVE-2025-3105

PHPGurukul e-Diary Management SystemPHPGurukul e-Diary Management System registration.php sql injection

7.5

First published 7h ago (updated 6h ago)

CVE-2025-3217

Woffice CoreWoffice Core <= 5.4.21 - Authenticated (Subscriber+) Arbitrary File Upload

critical

9.8

First published 7h ago (updated 6h ago)

CVE-2025-2780

Woffice Core plugin for WordPressWoffice Core <= 5.4.21 - Cross-Site Request Forgery to User Registration Approval

5.4

First published 7h ago (updated 6h ago)

CVE-2025-2797

M-FilesStored XSS Vulnerability in M-Files Web

5.1

First published 7h ago (updated 6h ago)

CVE-2025-3087

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

M-FilesUser in anonymous role could create and delete views

6.3

First published 7h ago (updated 6h ago)

CVE-2025-3086

PHPGurukul e-Diary Management SystemPHPGurukul e-Diary Management System password-recovery.php sql injection

7.5

First published 7h ago (updated 6h ago)

CVE-2025-3216

PHPGurukul Restaurant Table Booking SystemPHPGurukul Restaurant Table Booking System add-subadmin.php sql injection

6.5

First published 7h ago (updated 6h ago)

CVE-2025-3215

M-Files Server AdminStored XSS in M-Files Admin user interface

5.1

First published 7h ago (updated 7h ago)

CVE-2025-2159

Final DraftJFinal CMS readTemplate engine.getTemplate path traversal

5.3

First published 8h ago (updated 7h ago)

CVE-2025-3214

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.