NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-13297	A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown fun...	2025-11-17	7.3	NETWORK	HIGH	NVD
CVE-2024-44657	PHPGurukul Complaint Management System 2.0 is vulnerable to SQL Injection via the fromdate and todate parameters in between-date-userreport.php.	2025-11-17	6.5	NETWORK	MEDIUM	NVD
CVE-2024-44653	Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email parameter in user_login.php.	2025-11-17	6.5	NETWORK	MEDIUM	NVD
CVE-2024-44651	Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the recover_email parameter in user_password_recover.php.	2025-11-17	6.5	NETWORK	MEDIUM	NVD
CVE-2025-63918	PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal attacks allowing attackers to upload arbitrary files to...	2025-11-17	6.2	LOCAL	MEDIUM	NVD
CVE-2025-63917	PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity (XXE) references. The application uses...	2025-11-17	7.1	NETWORK	HIGH	NVD
CVE-2025-62519	phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update...	2025-11-17	7.2	NETWORK	HIGH	NVD
CVE-2025-58410	Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read...	2025-11-17	7.5	NETWORK	HIGH	NVD
CVE-2025-13319	An injection vulnerability has been discovered in the API feature in Digi On-Prem Manager, enabling an attacker with valid API tokens to inject SQL vi...	2025-11-17	8.8	NETWORK	HIGH	NVD
CVE-2025-13291	A vulnerability was found in Campcodes Supplier Management System 1.0. This affects an unknown part of the file /manufacturer/confirm_order.php. Perfo...	2025-11-17	7.3	NETWORK	HIGH	NVD
CVE-2025-13290	A vulnerability has been found in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /sav...	2025-11-17	6.3	NETWORK	MEDIUM	NVD
CVE-2025-13193	A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivile...	2025-11-17	5.5	LOCAL	MEDIUM	NVD
CVE-2024-46336	kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /client_user/feedback.php.	2025-11-17	6.1	NETWORK	MEDIUM	NVD
CVE-2024-46334	kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the formuser and formpassword parameters in /adminLogin.php.	2025-11-17	6.1	NETWORK	MEDIUM	NVD
CVE-2024-44652	Kashipara Ecommerce Website 1.0 is vulnerable to SQL Injection via the user_email, username, user_firstname, user_lastname, and user_address parameter...	2025-11-17	6.5	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.