CVE-2025-31165
CVE-2025-31165 is an XSS vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2, specifically through the markdown editor feature. The description states that attackers can execute JavaScript via this editor. The CVSS metrics included indicate a base score of 6.9 (Me...
Penetration Testing Services: Strengthening Cybersecurity Against Evolving Threats
Cybersecurity threats are evolving at an unprecedented pace, leaving organizations vulnerable to large-scale attacks. Security breaches and data…...
Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience
"A boxer derives the greatest advantage from his sparring partner…" — Epictetus, 50–135 AD Hands up. Chin tucked. Knees bent. The bell rings, and both boxers meet in the center and circle. Red throws out three jabs, feints a fourth, and—BANG—lands a right hand on Blue down the center. This wasn't...
Splunk Enterprise 9.1.0 < 9.1.8, 9.2.0 < 9.2.5, 9.3.0 < 9.3.3 (SVD-2025-0303)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0303 advisory. - In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and...
Exploit for CVE-2025-29927
Testing script for CVE-2025-29927 Provided by CyberMaxx. CV...
How to Create a Scan in Perl to Identify Vulnerable POP3 Servers
This paper, written in Brazilian Portuguese, explains how to create a Perl script to identify vulnerable POP3 servers. In the context of application security, the author provides mitigation recommendations...
Exploit for Code Injection in Apache Commons_Text
text4shell-exploit A custom Python-based proof-of-concept PoC...
CVE-2025-29640
Phpgurukul Human Metapneumovirus HMPV – Testing Management System v1.0 is vulnerable to SQL Injection in /patient-report.php via the parameter searchdata...
Fedora 41 : dotnet8.0 (2025-adbd75f500)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-adbd75f500 advisory. This is the monthly update for .NET for March 2025. Release Notes: - SDK https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.14/8.0.114.md -...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813-PoC === CVE-2025-24813 affects Apache Tomcat - i...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813 Apache Tomcat RCE PoC PoC for CVE-2025-24813, a...
CVE-2025-29640
Phpgurukul Human Metapneumovirus (HMPV) – Testing Management System v1.0 is affected by a SQL injection in /patient-report.php via the searchdata parameter. Multiple connected sources confirm the vulnerability, and the root cause is improper handling of user-supplied input in that endpoint, enabling a...
PHPGurukul Human Metapneumovirus Testing Management System Security Vulnerability
PHPGurukul Human Metapneumovirus Testing Management System is a human metapneumovirus testing management system from PHPGurukul, Inc. A security vulnerability exists in PHPGurukul Human Metapneumovirus Testing Management System v1.0, which originates from a SQL injection vulnerability in the...
Azure Linux 3.0 Security Update: python3 (CVE-2024-4032)
The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4032 advisory. - The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were...
Drupal 10.3.x < 10.3.14 / 10.4.x < 10.4.5 / 11.x < 11.0.13 / 11.1.x < 11.1.5 Drupal Vulnerability (SA-CORE-2025-004)
According to its self-reported version, the instance of Drupal running on the remote web server is 10.3.x prior to 10.3.14, 10.4.x prior to 10.4.5, 11.x prior to 11.0.13, or 11.1.x prior to 11.1.5. It is, therefore, affected by a vulnerability. - Improper Neutralization of Input During Web Page...
CVE-2025-2372
A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the file /password-recovery.php of the component Password Recovery Page. The manipulation of the argument username leads to sql injection. It is...
CVE-2025-2371
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /registered-user-testing.php of the component Registered Mobile Number Search. The manipulation of the...