Skip to content

Commit eab2200

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-g98x-pqq6-3h83 GHSA-jpwh-x42h-8gm2 GHSA-p83v-cqh9-x6qv GHSA-r349-8h55-f95p
1 parent fdcfdeb commit eab2200

File tree

4 files changed

+224
-0
lines changed

4 files changed

+224
-0
lines changed

advisories/unreviewed/2025/07/GHSA-g98x-pqq6-3h83/GHSA-g98x-pqq6-3h83.json

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-g98x-pqq6-3h83",
4+
"modified": "2025-07-26T12:30:39Z",
5+
"published": "2025-07-26T12:30:39Z",
6+
"aliases": [
7+
"CVE-2025-8185"
8+
],
9+
"details": "A vulnerability was found in 1000 Projects ABC Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /getbyid.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8185"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://github.com/XiaoJiesecqwq/CVE/issues/1"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://1000projects.org"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?ctiid.317598"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?id.317598"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://vuldb.com/?submit.622261"
45+
}
46+
],
47+
"database_specific": {
48+
"cwe_ids": [
49+
"CWE-74"
50+
],
51+
"severity": "MODERATE",
52+
"github_reviewed": false,
53+
"github_reviewed_at": null,
54+
"nvd_published_at": "2025-07-26T10:15:23Z"
55+
}
56+
}

advisories/unreviewed/2025/07/GHSA-jpwh-x42h-8gm2/GHSA-jpwh-x42h-8gm2.json

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-jpwh-x42h-8gm2",
4+
"modified": "2025-07-26T12:30:39Z",
5+
"published": "2025-07-26T12:30:39Z",
6+
"aliases": [
7+
"CVE-2025-8188"
8+
],
9+
"details": "A vulnerability classified as critical has been found in Campcodes Courier Management System 1.0. This affects an unknown part of the file /edit_staff.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8188"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://github.com/XiaoJiesecqwq/CVE/issues/9"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.317601"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.317601"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.622292"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://www.campcodes.com"
45+
}
46+
],
47+
"database_specific": {
48+
"cwe_ids": [
49+
"CWE-74"
50+
],
51+
"severity": "MODERATE",
52+
"github_reviewed": false,
53+
"github_reviewed_at": null,
54+
"nvd_published_at": "2025-07-26T12:15:30Z"
55+
}
56+
}

advisories/unreviewed/2025/07/GHSA-p83v-cqh9-x6qv/GHSA-p83v-cqh9-x6qv.json

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-p83v-cqh9-x6qv",
4+
"modified": "2025-07-26T12:30:39Z",
5+
"published": "2025-07-26T12:30:39Z",
6+
"aliases": [
7+
"CVE-2025-8186"
8+
],
9+
"details": "A vulnerability was found in Campcodes Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /edit_branch.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8186"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://github.com/XiaoJiesecqwq/CVE/issues/7"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.317599"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.317599"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.622280"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://www.campcodes.com"
45+
}
46+
],
47+
"database_specific": {
48+
"cwe_ids": [
49+
"CWE-74"
50+
],
51+
"severity": "MODERATE",
52+
"github_reviewed": false,
53+
"github_reviewed_at": null,
54+
"nvd_published_at": "2025-07-26T11:15:26Z"
55+
}
56+
}

advisories/unreviewed/2025/07/GHSA-r349-8h55-f95p/GHSA-r349-8h55-f95p.json

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-r349-8h55-f95p",
4+
"modified": "2025-07-26T12:30:39Z",
5+
"published": "2025-07-26T12:30:39Z",
6+
"aliases": [
7+
"CVE-2025-8187"
8+
],
9+
"details": "A vulnerability was found in Campcodes Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /edit_parcel.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8187"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://github.com/XiaoJiesecqwq/CVE/issues/8"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.317600"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.317600"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.622288"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://www.campcodes.com"
45+
}
46+
],
47+
"database_specific": {
48+
"cwe_ids": [
49+
"CWE-74"
50+
],
51+
"severity": "MODERATE",
52+
"github_reviewed": false,
53+
"github_reviewed_at": null,
54+
"nvd_published_at": "2025-07-26T12:15:29Z"
55+
}
56+
}

0 commit comments

Comments
 (0)