NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-40619	Bookgy does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without ...	2025-04-29	9.3	NETWORK	CRITICAL	NVD
CVE-2025-40618	SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP ...	2025-04-29	9.3	NETWORK	CRITICAL	NVD
CVE-2025-40617	SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP ...	2025-04-29	9.3	NETWORK	CRITICAL	NVD
CVE-2025-40616	Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vulnerability allows an attacker to execute JavaScript code in the victim's browser...	2025-04-29	5.1	NETWORK	MEDIUM	NVD
CVE-2025-40615	Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vulnerability allows an attacker to execute JavaScript code in the victim's browser...	2025-04-29	5.1	NETWORK	MEDIUM	NVD
CVE-2025-32354	In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the GraphQL endpoint (/service/extension/g...	2025-04-29	N/A	None	None	NVD
CVE-2025-25962	An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0 allows a remote attacker to escalate privileges via the _modifyPosition function	2025-04-29	N/A	None	None	NVD
CVE-2025-25403	Slims (Senayan Library Management Systems) 9 Bulian V9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/coll_type.php.	2025-04-29	N/A	None	None	NVD
CVE-2025-23179	CWE-798: Use of Hard-coded Credentials	2025-04-29	5.5	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2025-23178	CWE-923: Improper Restriction of Communication Channel to Intended Endpoints	2025-04-29	7.6	NETWORK	HIGH	NVD
CVE-2025-23177	CWE-427: Uncontrolled Search Path Element	2025-04-29	7.6	NETWORK	HIGH	NVD
CVE-2025-1551	IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, and 9.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthe...	2025-04-29	6.1	NETWORK	MEDIUM	NVD
CVE-2025-4067	A vulnerability classified as critical has been found in ScriptAndTools Online-Travling-System 1.0. Affected is an unknown function of the file /admin...	2025-04-29	5.3	NETWORK	MEDIUM	NVD
CVE-2025-4066	A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of t...	2025-04-29	7.3	NETWORK	HIGH	NVD
CVE-2025-4065	A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been declared as critical. This vulnerability affects unknown code of t...	2025-04-29	7.3	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.