General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-61549 | Cross-Site Scripting (XSS) is present on the LoginID parameter on the /PSP/app/web/reg/reg_display.asp endpoint in edu … | Medium (6.1) | 2026-01-08 | General-Purpose |
| CVE-2025-61547 | Cross-Site Request Forgery (CSRF) is present on all functions in edu Business Solutions Print Shop Pro WebDesk version … | Medium (6.8) | 2026-01-08 | General-Purpose |
| CVE-2025-61246 | indieka900 online-shopping-system-php 1.0 is vulnerable to SQL Injection in master/review_action.php via the proId para… | Critical (9.8) | 2026-01-08 | General-Purpose |
| CVE-2025-59470 | This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres user by sending a ma… | Critical (9.0) | 2026-01-08 | General-Purpose |
| CVE-2025-59468 | This vulnerability allows a Backup Administrator to perform remote code execution (RCE) as the postgres user by sending… | Critical (9.0) | 2026-01-08 | General-Purpose |