WordPress Charity Zone theme <= 1.1.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Charity Zone versions = 1.1.1...

WordPress Charety theme < 2.0.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Charety versions 2.0.2...

PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

The Computer Emergency Response Team of Ukraine CERT-UA has disclosed details of new cyber attacks targeting its defense forces with malware known as PLUGGYAPE between October and December 2025. The activity has been attributed with medium confidence to a Russian hacking group tracked as Void...

CVE-2025-23860

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in crea8xion Charity-thermometer charitydonation-thermometer allows Stored XSS.This issue affects Charity-thermometer: from n/a through = 1.1.2...

EUVD-2018-13179

Malware in sbrugna...

EUVD-2018-13180

Malware in sbrugna...

EUVD-2025-3481

Malicious code in bioql PyPI...

EUVD-2025-20289

Malicious code in bioql PyPI...

EUVD-2024-45730

Malicious code in bioql PyPI...

EUVD-2024-50567

Malicious code in bioql PyPI...

EUVD-2025-28723

Malicious code in bioql PyPI...

EUVD-2024-40808

Malicious code in bioql PyPI...

EUVD-2024-45447

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2025-5394

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the aloneimportpackinstallplugin function in all versions up to, and including, 7.8.3. This makes it possible for unauthenticated attackers ...

CVE-2025-54079

WeGIA is affected by a SQL injection in the endpoint /html/atendido/Profile_Atendido.php, vulnerable in versions prior to 3.4.6 and exploitable via the idatendido parameter. An authorized attacker could run arbitrary SQL queries and access sensitive data. The issue is fixed in version 3.4.6 (per ...

CVE-2025-6346

A vulnerability was found in SourceCodester Advance Charity Management System 1.0. It has been classified as critical. This affects an unknown part of the file /members/fundDetails.php. The manipulation of the argument m06 leads to sql injection. It is possible to initiate the attack remotely. Th...

CVE-2025-6346

A vulnerability was found in SourceCodester Advance Charity Management System 1.0. It has been classified as critical. This affects an unknown part of the file /members/fundDetails.php. The manipulation of the argument m06 leads to sql injection. It is possible to initiate the attack remotely. Th...

CVE-2025-6346

A vulnerability was found in SourceCodester Advance Charity Management System 1.0. It has been classified as critical. This affects an unknown part of the file /members/fundDetails.php. The manipulation of the argument m06 leads to sql injection. It is possible to initiate the attack remotely. Th...

CVE-2025-6346 SourceCodester Advance Charity Management System fundDetails.php sql injection

A vulnerability was found in SourceCodester Advance Charity Management System 1.0. It has been classified as critical. This affects an unknown part of the file /members/fundDetails.php. The manipulation of the argument m06 leads to sql injection. It is possible to initiate the attack remotely. Th...

PT-2025-26428 · Sourcecodester · Sourcecodester Advance Charity Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Advance Charity Management System version 1.0 Description: A critical issue was found in the SourceCodester Advance Charity Management System, affecting an unknown part of the file /members/fundDetails.php. The manipulation of...