308 matches found
CVE-2025-13174
CVE-2025-13174 affects rachelos WeRSS we-mp-rss up to 1.4.7. The vulnerability lies in the Webhook Module’s function do_job (file path: /rachelos/we-mp-rss/blob/main/jobs/mps.py). Manipulating the argument web_hook_url can lead to server-side request forgery (SSRF). The attack may be executed rem...
PT-2025-46997
Name of the Vulnerable Software and Affected Versions Bdtask/CodeCanyon SalesERP versions up to 20250728 Description A cross-site request forgery condition exists in Bdtask/CodeCanyon SalesERP. The issue affects an unspecified component and allows for remote manipulation. The exploit is publicly...
PT-2025-47012
Name of the Vulnerable Software and Affected Versions Intelbras ICIP version 2.0.20 Description A security issue exists in Intelbras ICIP 2.0.20. Manipulation of the NomeUsuario/SenhaAcess arguments within the file /xml/sistema/acessodeusuario.xml results in credentials being stored insecurely...
EUVD-2025-106749
A vulnerability has been identified in LOGO! 12/24RCE 6ED1052-1MD08-0BA2 All versions, LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 All versions, LOGO! 230RCE 6ED1052-1FB08-0BA2 All versions, LOGO! 230RCEo 6ED1052-2FB08-0BA2 All versions, LOGO! 24CE 6ED1052-1CC08-0BA2 All versions, LOGO! 24CEo...
PT-2025-46542
Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...
CVE-2025-12924
A vulnerability was identified in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. This issue affects the function GlobalResult of the file src/main/java/com/rymcu/forest/web/api/bank/BankController.java. The manipulation leads to missing authorization. The attack may be initiated...
CVE-2025-12924 rymcu forest BankController.java GlobalResult authorization
A vulnerability was identified in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. This issue affects the function GlobalResult of the file src/main/java/com/rymcu/forest/web/api/bank/BankController.java. The manipulation leads to missing authorization. The attack may be initiated...
CVE-2025-60784
A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to manipulate the zhekou parameter in the /topfirst.php Pay module, enabling unauthorized discounts. By sending a crafted HTTP POST request with zhekou set to an abnormally low value, an attacker can purchase...
CVE-2025-60784
Summary : CVE-2025-60784 affects XiaozhangBang Voluntary Like System V8.8. The vulnerable component is the Pay module function in the /topfirst.php endpoint, where the server fails to validate parameters. Impact : remote attackers can set zhekou to an abnormally low value to buy votes at reduced ...
CVE-2025-12293
A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might b...
PT-2025-43760
Name of the Vulnerable Software and Affected Versions ajayrandhawa User-Management-PHP-MYSQL web affected versions not specified Description A security flaw exists in ajayrandhawa User-Management-PHP-MYSQL web. The issue involves cross-site request forgery, allowing remote attackers to perform...
PT-2025-43916
Name of the Vulnerable Software and Affected Versions SourceCodester Online Student Result System version 1.0 Description A security issue exists in SourceCodester Online Student Result System 1.0. The system is susceptible to SQL injection due to improper handling of the ID parameter within the...
PT-2025-44065
Name of the Vulnerable Software and Affected Versions code-projects E-Commerce Website version 1.0 Description A cross site scripting issue exists in code-projects E-Commerce Website version 1.0. The issue is related to the manipulation of the supp name/supp address argument within the file...
EUVD-2025-34825
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/deviceservice of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been...
CVE-2025-11661
A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been made public an...
EUVD-2025-33901
A vulnerability was detected in Tomofun Furbo 360 up to FB0035FW036. Impacted is an unknown function of the component Audio Handler. Performing manipulation results in race condition. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did n...
EUVD-2017-18918
Malware in sbrugna...
EUVD-2020-2966
Malware in sbrugna...
EUVD-2019-2974
Malware in sbrugna...
EUVD-2019-2572
Malware in sbrugna...