Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2025-04-28 CVE-2025-46661 Code Injection vulnerability in Ipwsystems Metazo
IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because smartyValidator.php enables the attacker to provide template expressions, aka Server-Side Template-Injection.
network
low complexity
ipwsystems CWE-94
critical
9.8
2025-04-28 CVE-2025-4020 SQL Injection vulnerability in PHPgurukul OLD AGE Home Management System 1.0
A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical.
network
low complexity
phpgurukul CWE-89
critical
9.8
2025-04-28 CVE-2025-3200 An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems.
network
low complexity
CWE-327
critical
9.1
2025-04-28 CVE-2025-4014 Injection vulnerability in PHPgurukul ART Gallery Management System 1.0
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0.
network
low complexity
phpgurukul CWE-74
critical
9.8
2025-04-28 CVE-2025-4013 Injection vulnerability in PHPgurukul ART Gallery Management System 1.0
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0.
network
low complexity
phpgurukul CWE-74
critical
9.8
2025-04-28 CVE-2025-4005 Injection vulnerability in PHPgurukul Covid19 Testing Management System 1.0
A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0.
network
low complexity
phpgurukul CWE-74
critical
9.8
2025-04-28 CVE-2025-4004 SQL Injection vulnerability in PHPgurukul Covid19 Testing Management System 1.0
A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0.
network
low complexity
phpgurukul CWE-89
critical
9.8
2025-04-28 CVE-2025-3998 Injection vulnerability in Codeastro Membership Management System 1.0
A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0.
network
low complexity
codeastro CWE-74
critical
9.8
2025-04-27 CVE-2025-2866 Improper Verification of Cryptographic Signature vulnerability in Libreoffice
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.
network
low complexity
libreoffice CWE-347
critical
9.8
2025-04-27 CVE-2025-3976 Injection vulnerability in PHPgurukul Covid19 Testing Management System 1.0
A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0.
network
low complexity
phpgurukul CWE-74
critical
9.8