Security Vulnerabilities - CVEs Published In July 2025
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
CVSS Score
6.2
EPSS Score
0.001
Published
2025-07-08
Memory corruption while operating the mailbox in Automotive.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-07-08
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_concesion parameter in /<Client>FacturaE/VerFacturaPDF.
CVSS Score
5.1
EPSS Score
0.002
Published
2025-07-08
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the campo parameter in /<Client>FacturaE/VerFacturaPDF.
CVSS Score
5.1
EPSS Score
0.002
Published
2025-07-08
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending a malicious URL trhough the id_factura parameter in /<Client>FacturaE/listado_facturas_ficha.jsp.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-07-08
A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view-medhistory.php. The manipulation of the argument viewid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
5.5
EPSS Score
0.003
Published
2025-07-08
A vulnerability was found in PHPGurukul Car Washing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/editcar-washpoint.php. The manipulation of the argument wpid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
2.0
EPSS Score
0.003
Published
2025-07-08
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /<Client>FacturaE/DescargarFactura.
CVSS Score
9.3
EPSS Score
0.002
Published
2025-07-08
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo parameter in/<Client>FacturaE/BusquedasFacturasSesion.
CVSS Score
9.3
EPSS Score
0.002
Published
2025-07-08
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo id_factura inĀ /<Client>FacturaE/listado_facturas_ficha.jsp.
CVSS Score
9.3
EPSS Score
0.002
Published
2025-07-08