Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-02-11 CVE-2025-1173 SQL Injection vulnerability in 1000Projects Bookstore Management System 1.0
A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0.
network
low complexity
1000projects CWE-89
7.2
7.2
2025-02-11 CVE-2025-1174 Cross-site Scripting vulnerability in 1000Projects Bookstore Management System 1.0
A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as problematic.
network
low complexity
1000projects CWE-79
4.8
4.8
2025-02-11 CVE-2025-1171 Cross-site Scripting vulnerability in Fabianros Real Estate Property Management System 1.0
A vulnerability classified as problematic was found in code-projects Real Estate Property Management System 1.0.
network
low complexity
fabianros CWE-79
6.1
6.1
2025-02-11 CVE-2025-1172 SQL Injection vulnerability in 1000Projects Bookstore Management System 1.0
A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0.
network
low complexity
1000projects CWE-89
8.8
8.8
2025-02-11 CVE-2025-1169 Code Injection vulnerability in Rems Image Compressor Tool 1.0
A vulnerability was found in SourceCodester Image Compressor Tool 1.0.
network
low complexity
rems CWE-94
6.1
6.1
2025-02-11 CVE-2025-1170 Cross-site Scripting vulnerability in Fabian Real Estate Property Management System 1.0
A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0.
network
low complexity
fabian CWE-79
5.4
5.4
2025-02-11 CVE-2025-1168 Injection vulnerability in Rems Contact Manager With Export to VCF 1.0
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0.
network
low complexity
rems CWE-74
critical
 9.8
9.8
2025-02-11 CVE-2025-23189 Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an authenticated attacker could generate technical meta-data.
network
low complexity
CWE-862
4.3
4.3
2025-02-11 CVE-2025-23190 Due to missing authorization check, an authenticated attacker could call a remote-enabled function module which allows them to access data that they would otherwise not have access to.
network
low complexity
CWE-862
4.3
4.3
2025-02-11 CVE-2025-23191 Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request.
network
high complexity
CWE-644
3.1
3.1