337 matches found
SourceCodester Interview Management System 代码注入漏洞
SourceCodester Interview Management System is a SourceCodester open source interview management system. A code injection vulnerability exists in version 1.0 of the SourceCodester Interview Management System, which stems from an incorrect manipulation of the parameter Question in the file...
North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels
The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. "The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host...
CVE-2025-12939
A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of the argument candName results in sql injection. The attack can be launched remotely. The exploit has...
EUVD-2025-44057
A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of the argument candName results in sql injection. The attack can be launched remotely. The exploit has...
CVE-2025-12939
A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of the argument candName results in sql injection. The attack can be launched remotely. The exploit has...
CVE-2025-12939
A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of the argument candName results in sql injection. The attack can be launched remotely. The exploit has...
CVE-2025-12939 SourceCodester Interview Management System addCandidate.php sql injection
A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of the argument candName results in sql injection. The attack can be launched remotely. The exploit has...
CVE-2025-12939 SourceCodester Interview Management System addCandidate.php sql injection
A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of the argument candName results in sql injection. The attack can be launched remotely. The exploit has...
CVE-2025-12939
CVE-2025-12939 affects SourceCodester Interview Management System (up to 1.0). The vulnerability is an SQL injection in the file /addCandidate.php caused by manipulation of the candName parameter. It is exploitable remotely and an exploit has been publicly released. The known impact, per referenc...
SourceCodester Interview Management System SQL注入漏洞
SourceCodester Interview Management System is a SourceCodester open source interview management system . SourceCodester Interview Management System 1.0 and earlier versions have a SQL injection vulnerability that stems from incorrect manipulation of the parameter candName in the file...
PT-2025-46147
Name of the Vulnerable Software and Affected Versions SourceCodester Interview Management System version 1.0 Description A security flaw exists in SourceCodester Interview Management System version 1.0. The issue involves a SQL injection impacting the file '/addCandidate.php'. Manipulation of the...
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs, indicating that the hacking group is actively refining its toolset. That's according to new findings from Cisco Talos, which said recent...
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
A threat actor with ties to the Democratic People's Republic of Korea aka North Korea has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method. The activity has been...
EUVD-2025-15512
Malicious code in bioql PyPI...
EUVD-2022-41154
Malicious code in bioql PyPI...
EUVD-2022-40847
Malicious code in bioql PyPI...
EUVD-2022-40852
Malicious code in bioql PyPI...
EUVD-2022-34924
Malicious code in bioql PyPI...
EUVD-2022-34930
Malicious code in bioql PyPI...
EUVD-2023-44454
Malicious code in bioql PyPI...