NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-0716	Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS allows attackers to bypass common ...	2025-04-29	4.8	NETWORK	MEDIUM	NVD
CVE-2025-4071	A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code...	2025-04-29	7.3	NETWORK	HIGH	NVD
CVE-2025-4070	A vulnerability, which was classified as critical, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /...	2025-04-29	7.3	NETWORK	HIGH	NVD
CVE-2025-4069	A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the functi...	2025-04-29	5.3	LOCAL	MEDIUM	NVD
CVE-2025-4068	A vulnerability classified as critical was found in code-projects Simple Movie Ticket Booking System 1.0. Affected by this vulnerability is the functi...	2025-04-29	5.3	LOCAL	MEDIUM	NVD
CVE-2025-46346	YesWiki is a wiki system written in PHP. Prior to version 4.5.4, a stored cross-site scripting (XSS) vulnerability was discovered in the application’s...	2025-04-29	6.3	NETWORK	MEDIUM	NVD
CVE-2025-40619	Bookgy does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without ...	2025-04-29	9.3	NETWORK	CRITICAL	NVD
CVE-2025-40618	SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP ...	2025-04-29	9.3	NETWORK	CRITICAL	NVD
CVE-2025-40617	SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP ...	2025-04-29	9.3	NETWORK	CRITICAL	NVD
CVE-2025-40616	Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vulnerability allows an attacker to execute JavaScript code in the victim's browser...	2025-04-29	5.1	NETWORK	MEDIUM	NVD
CVE-2025-40615	Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vulnerability allows an attacker to execute JavaScript code in the victim's browser...	2025-04-29	5.1	NETWORK	MEDIUM	NVD
CVE-2025-32354	In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the GraphQL endpoint (/service/extension/g...	2025-04-29	N/A	None	None	NVD
CVE-2025-25962	An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to escalate privileges via the _modifyPosition function	2025-04-29	N/A	None	None	NVD
CVE-2025-25403	Slims (Senayan Library Management Systems) 9 Bulian V9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/coll_type.php.	2025-04-29	N/A	None	None	NVD
CVE-2025-23179	CWE-798: Use of Hard-coded Credentials	2025-04-29	5.5	ADJACENT_NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.