71 matches found

RedhatCVE
added 2026/01/13 10:53 p.m. · 2 views

CVE-2025-66802

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to Remote Code Execution (RCE). The application receives a PHP reverse shell into the image of the user, enabling RCE...

CVSS 9.8 · AI score 7 · EPSS 0.00673
Exploits: 2 · References: 1
OSV
added 2026/01/12 8:15 p.m. · 2 views

CVE-2025-66802

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to Remote Code Execution (RCE). The application receives a PHP reverse shell into the image of the user, enabling RCE...

CVSS 9.8 · AI score 5.8 · EPSS 0.00673
Exploits: 2 · References: 2
CNNVD
added 2026/01/12 12:0 a.m. · 1 view

SourceCodester Covid-19 Contact Tracing System Security Vulnerability

SourceCodester Covid-19 Contact Tracing System is a COVID-19 contact tracing system open-sourced by SourceCodester. A security vulnerability exists in version 1.0 of the SourceCodester Covid-19 Contact Tracing System, which stems from the application receiving a reverse shell and could...

CVSS 9.8 · AI score 9.4 · EPSS 0.00673
Exploits: 2 · References: 3
Positive Technologies
added 2026/01/12 12:0 a.m. · 2 views

PT-2026-2297

Name of the Vulnerable Software and Affected Versions: Sourcecodester Covid-19 Contact Tracing System version 1.0 Description: The application is susceptible to Remote Code Execution (RCE). It receives a PHP reverse shell into the user's image, enabling RCE. Recommendations: At the moment, there is no...

CVSS 9.8 · AI score 9.2 · EPSS 0.00673
Exploits: 2 · References: 5
CVE
added 2026/01/12 12:0 a.m. · 11 views

CVE-2025-66802

CVE-2025-66802 affects SourceCodester Covid-19 Contact Tracing System 1.0. The Red Hat, CIRCL, NVD and related records describe a Remote Code Execution vulnerability in which an attacker can obtain a reverse shell (PHP) by exploiting the application’s handling of user-provided content, notably im...

CVSS 9.8 · AI score 6.6 · EPSS 0.00673
Exploits: 2 · References: 2 · Affected Software: 1
RedhatCVE
added 2026/01/09 9:56 a.m. · 5 views

CVE-2020-12717

The COVIDSafe Australia app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. T...

CVSS 6.5 · AI score 6.7 · EPSS 0.03603
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2020-5005

Malware in sbrugna...

CVSS 6.5 · AI score 6.6 · EPSS 0.03603
Exploits: 0 · References: 3
RedhatCVE
added 2025/05/22 5:49 p.m. · 7 views

CVE-2020-12270

React Native Bluetooth Scan in Bluezone 1.0.0 uses six-character alphanumeric IDs, which might make it easier for remote attackers to interfere with COVID-19 contact tracing by using many IDs. NOTE: the vendor disputes the relevance of this report because the recipient of an F1 alert will know it...

CVSS 6.5 · AI score 7 · EPSS 0.00846
Exploits: 1
Packet Storm
added 2024/08/15 12:0 a.m. · 182 views

Covid-19 Contact Tracing System 1.0 Cross Site Scripting

Title: Covid-19 Contact Tracing System 1.0 XSS Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3...

AI score 7.4
Exploits: 0
Packet Storm
added 2024/08/14 12:0 a.m. · 223 views

Covid-19 Contact Tracing System 1.0 SQL Injection

Title: Covid-19 Contact Tracing System 1.0 auth by pass Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefo...

AI score 7.4
Exploits: 0
CVE
added 2023/05/12 9:31 a.m. · 39 views

CVE-2023-2677

CVE-2023-2677 affects SourceCodester Covid-19 Contact Tracing System 1.0, with a SQL injection in admin/establishment/manage.php caused by manipulation of the id parameter. It is remotely exploitable and has public disclosure. In connected sources, remediation guidance for this version suggests r...

CVSS 8.8 · AI score 7.8 · EPSS 0.00316
Exploits: 1 · References: 3 · Affected Software: 1
Cvelist
added 2023/05/12 9:31 a.m. · 13 views

CVE-2023-2677 SourceCodester Covid-19 Contact Tracing System manage.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Covid-19 Contact Tracing System 1.0. This affects an unknown part of the file admin/establishment/manage.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...

CVSS 6.5 · AI score 9.2 · EPSS 0.00316
Exploits: 1 · References: 3
Positive Technologies
added 2023/05/12 12:0 a.m. · 2 views

PT-2023-20787 · Sourcecodester · Sourcecodester Covid-19 Contact Tracing System

Name of the Vulnerable Software and Affected Versions: SourceCodester Covid-19 Contact Tracing System version 1.0 Description: A critical issue was found in the SourceCodester Covid-19 Contact Tracing System, affecting the file admin/establishment/manage.php. The manipulation of the id argument...

CVSS 8.8 · AI score 7.1 · EPSS 0.00316
Exploits: 1 · References: 5
The Hacker News
added 2023/05/03 9:24 a.m. · 19 views

Apple and Google Join Forces to Stop Unauthorized Location-Tracking Devices

Apple and Google have teamed up to work on a draft industry-wide specification that's designed to tackle safety risks and alert users when they are being tracked without their knowledge or permission using devices like AirTags. "The first-of-its-kind specification will allow Bluetooth...

AI score 6.4
Exploits: 0
Talos Blog
added 2022/07/14 6:0 p.m. · 9 views

Threat Source newsletter (July 14, 2022) — Are virtual IDs worth the security risk of saving a few seconds in the TSA line?

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. I’ve started flying again on a somewhat regular basis now that work conferences and out-of-state vacations are becoming a thing again. I took about 18 months or so off flying during the peak of the pandemic, but now...

AI score 6.9
Exploits: 0
Schneier on Security
added 2021/09/13 11:41 a.m. · 21 views

Designing Contact-Tracing Apps

Susan Landau wrote an essay on the privacy, efficacy, and equity of contact-tracing smartphone apps. Also see her excellent book on the topic...

AI score 2
Exploits: 0
ThreatPost
added 2021/09/08 5:28 p.m. · 38 views

Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports

Three weeks after an independent researcher found a critical bug in the Services Australia COVID-19 digital vaccine certificate that would allow an attacker to falsify someone’s vaccine status, it still hasn’t been fixed. Researcher Richard Nelson looked into the security behind a new digital...

AI score 7.2
Exploits: 0 · References: 12
Cvelist
added 2021/09/07 5:9 a.m. · 23 views

CVE-2021-33831

api/account/register in the TH Wildau COVID-19 Contact Tracing application through 2021-09-01 has Incorrect Access Control. An attacker can interfere with tracing of infection chains by creating 500 random users within 2500 seconds...

AI score 6.7 · EPSS 0.0803
Exploits: 1 · References: 2
CVE
added 2021/09/07 5:9 a.m. · 57 views

CVE-2021-33831

The CVE-2021-33831 entry concerns the TH Wildau COVID-19 Contact Tracing web app. The issue is Incorrect Access Control in the registration API (registration endpoint) that allows automated, unprotected creation of many guest users (e.g., 500 users within 2500 seconds). An attacker can exploit th...

CVSS 6.5 · AI score 7.1 · EPSS 0.0803
Exploits: 1 · References: 2 · Affected Software: 1
CNNVD
added 2021/09/07 12:0 a.m. · 5 views

TH Wildau COVID-19 Contact Tracing Authorization Issue Vulnerability

TH Wildau COVID-19 Contact Tracing is a web application used for contact tracing in the event of a SARS-CoV-2 infection. An authorization issue vulnerability exists in TH Wildau COVID-19 Contact Tracing that stems from the product's registration API not validating input. An attacker could use this...

CVSS 6.5 · AI score 6.6 · EPSS 0.0803
Exploits: 1 · References: 3