Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-05 | CVE-2025-1965 | SQL Injection vulnerability in Projectworlds Online Hotel Booking 1.0 A vulnerability classified as critical has been found in projectworlds Online Hotel Booking 1.0. | 9.8 |
| 2025-03-05 | CVE-2025-1316 | OS Command Injection vulnerability in Edimax Ic-7100 Firmware Edimax IC-7100 does not properly neutralize requests. | 9.8 |
| 2025-03-05 | CVE-2025-1962 | SQL Injection vulnerability in Projectworlds Online Hotel Booking 1.0 A vulnerability was found in projectworlds Online Hotel Booking 1.0. | 9.8 |
| 2025-03-05 | CVE-2025-1963 | SQL Injection vulnerability in Projectworlds Online Hotel Booking 1.0 A vulnerability was found in projectworlds Online Hotel Booking 1.0. | 9.8 |
| 2025-03-04 | CVE-2025-1959 | Unspecified vulnerability in Codezips GYM Management System 1.0 A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. | 9.8 |
| 2025-03-04 | CVE-2025-1956 | Injection vulnerability in Code-Projects Shopping Portal 1.0 A vulnerability classified as critical has been found in code-projects Shopping Portal 1.0. | 9.8 |
| 2025-03-04 | CVE-2025-1952 | Unspecified vulnerability in PHPgurukul Restaurant Table Booking System 1.0 A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. | 9.8 |
| 2025-03-04 | CVE-2025-1307 | Missing Authorization vulnerability in Spicethemes Newscrunch The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check in the newscrunch_install_and_activate_plugin() function in all versions up to, and including, 1.8.4.1. | 9.8 |
| 2025-03-04 | CVE-2025-1906 | Unspecified vulnerability in PHPgurukul Restaurant Table Booking System 1.0 A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. | 9.8 |
| 2025-03-04 | CVE-2025-0912 | Deserialization of Untrusted Data vulnerability in Givewp The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.4 via deserialization of untrusted input from the Donation Form through the 'card_address' parameter. | 9.8 |