Security Vulnerabilities
Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-12-08
Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-12-08
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-08
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-08
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-12-08
A flaw has been found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file /print_personnel_report.php. This manipulation of the argument per_id causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-12-08
A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staff_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-12-08
Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
CVSS Score
4.9
EPSS Score
0.001
Published
2025-12-08
A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-12-08
A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-12-08