Security Vulnerabilities - CVEs Published In April 2025
A vulnerability classified as critical was found in codeprojects Online Restaurant Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user_update.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.9
EPSS Score
0.002
Published
2025-04-07
A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/member_update.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.9
EPSS Score
0.001
Published
2025-04-07
A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/member_save.php. The manipulation of the argument last leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
CVSS Score
6.9
EPSS Score
0.001
Published
2025-04-07
A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/category_update.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.9
EPSS Score
0.001
Published
2025-04-07
A vulnerability was found in codeprojects Online Restaurant Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/category_save.php. The manipulation of the argument Category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.9
EPSS Score
0.002
Published
2025-04-07
Deserialization mismatch vulnerability in the DSoftBus module
Impact: Successful exploitation of this vulnerability may affect service integrity.
CVSS Score
8.4
EPSS Score
0.004
Published
2025-04-07
Path traversal vulnerability in the DFS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.8
EPSS Score
0.003
Published
2025-04-07
Memory write permission bypass vulnerability in the kernel futex module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-04-07
In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3185.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-04-07
In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04428276; Issue ID: MSV-3184.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-04-07