
2404 matches found

RedhatCVE
added 2025/12/17 10:3 a.m. (5 views)

CVE-2025-68054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup CountDown With Image or Video Background countdownwithbackground allows Blind SQL Injection. This issue affects CountDown With Image or Video Background: from n/a through <= 1.5...

8.5 CVSS, 7.7 AI score, 0.00205 EPSS
Exploits: 0, References: 1

NVD
added 2025/12/16 5:16 p.m. (5 views)

CVE-2023-53901

WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests...

7.1 CVSS, 0.00226 EPSS
Exploits: 1, References: 3

EUVD
added 2025/12/16 9:31 a.m. (2 views)

EUVD-2025-203553

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup CountDown With Image or Video Background countdownwithbackground allows Blind SQL Injection. This issue affects CountDown With Image or Video Background: from n/a through <= 1.5...

8.5 CVSS, 7.1 AI score, 0.00205 EPSS
Exploits: 0, References: 2

NVD
added 2025/12/16 9:16 a.m. (3 views)

CVE-2025-68054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup CountDown With Image or Video Background countdownwithbackground allows Blind SQL Injection. This issue affects CountDown With Image or Video Background: from n/a through <= 1.5...

8.5 CVSS, 0.00205 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2025/12/16 8:12 a.m. (1 views)

CVE-2025-68054 WordPress CountDown With Image or Video Background plugin <= 1.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup CountDown With Image or Video Background countdownwithbackground allows Blind SQL Injection. This issue affects CountDown With Image or Video Background: from n/a through <= 1.5...

8.5 CVSS, 7.3 AI score, 0.00205 EPSS
Exploits: 0, References: 1

Cvelist
added 2025/12/16 8:12 a.m. (32 views)

CVE-2025-68054 WordPress CountDown With Image or Video Background plugin <= 1.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup CountDown With Image or Video Background countdownwithbackground allows Blind SQL Injection. This issue affects CountDown With Image or Video Background: from n/a through <= 1.5...

8.5 CVSS, 0.00205 EPSS
Exploits: 0, References: 1

CVE
added 2025/12/16 8:12 a.m. (11 views)

CVE-2025-68054

CVE-2025-68054 concerns a SQL injection in the WordPress plugin “CountDown With Image or Video Background” (countdown_with_background). The Wordfence vulnerability detail specifies this is an authenticated, blind SQL injection affecting Version ≤ 1.5, with patch status listed as Unpatched in the ...

8.5 CVSS, 7.3 AI score, 0.00205 EPSS
Exploits: 0, References: 1

CNNVD
added 2025/12/16 12:0 a.m. (2 views)

WordPress plugin CountDown With Image or Video Background security vulnerability

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin...

8.5 CVSS, 7.4 AI score, 0.00205 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2025/12/16 12:0 a.m. (7 views)

PT-2025-51445

Name of the Vulnerable Software and Affected Versions: LambertGroup CountDown With Image or Video Background versions through 1.5. Description: The software contains an SQL injection flaw due to improper neutralization of special elements within SQL commands. This allows for blind SQL injection...

8.5 CVSS, 7.3 AI score, 0.00205 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2025/12/16 12:0 a.m. (5 views)

PT-2025-51703

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the allocation of a cell's anonymous key within the AFS (Andrew File System) subsystem. Specifically, the issue arises from delayed allocation ...

9.8 CVSS, 6.4 AI score, 0.00378 EPSS
Exploits: 6, References: 211

Patchstack
added 2025/12/14 6:31 a.m. (5 views)

WordPress CountDown With Image or Video Background plugin <= 1.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin CountDown With Image or Video Background versions <= 1.5...

8.5 CVSS, 7.8 AI score, 0.00205 EPSS
Exploits: 0, Affected Software: 1

RedhatCVE
added 2025/12/10 3:13 p.m. (4 views)

CVE-2025-62093

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Image FullScreen Background lbgfullscreenfullwidthslider allows SQL Injection. This issue affects Image FullScreen Background: from n/a through = 1.6.7...

8.5 CVSS, 7.7 AI score, 0.0026 EPSS
Exploits: 0, References: 1

CNVD
added 2025/12/10 12:0 a.m. (5 views)

Google Android Privilege Bypass Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel developed by Google. Google Android suffers from a privilege bypass vulnerability that can be exploited by an attacker to cause activities to be launched from the background and local elevation of privilege...

7.8 CVSS, 6.5 AI score, 0.00228 EPSS
Exploits: 0, References: 1

EUVD
added 2025/12/09 6:30 p.m. (6 views)

EUVD-2025-202035

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows SQL Injection. This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

7.1 AI score, 0.0026 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2025/12/09 5:27 p.m. (4 views)

CVE-2025-22432

In notifyTimeout of CallRedirectionProcessor.java, there is a possible persistent connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation...

6.7 CVSS, 6.8 AI score, 0.00093 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/12/09 5:27 p.m. (4 views)

CVE-2025-48626

In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8 CVSS, 7.4 AI score, 0.0033 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/12/09 5:27 p.m. (7 views)

CVE-2025-48572

In multiple locations, there is a possible way to launch activities from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8 CVSS, 6.9 AI score, 0.00228 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/12/09 5:27 p.m. (4 views)

CVE-2025-48580

In connectInternal of MediaBrowser.java, there is a possible way to access while in use permission while the app is in background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8 CVSS, 6.8 AI score, 0.00111 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/12/09 5:27 p.m. (5 views)

CVE-2025-48573

In sendCommand of MediaSessionRecord.java, there is a possible way to launch the foreground service while the app is in the background due to FGS while-in-use abuse. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8 CVSS, 6.8 AI score, 0.00078 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/12/09 5:27 p.m. (6 views)

CVE-2025-48627

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8 CVSS, 6.8 AI score, 0.00076 EPSS
Exploits: 0, References: 1