GHSA-FQQ7-H225-8W6H Skuul School Management System has an Insecure Direct Object Reference (IDOR) Vulnerability in View Fee Invoice

A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...

CVE-2025-12918

The CVE-2025-12918 entry concerns yungifez Skuul School Management System (up to 2.6.5). Affected component: View Fee Invoice, specifically the /dashboard/fees/fee-invoices/ path. Root cause: manipulating the invoice_id parameter leads to improper control of resource identifiers (an IDOR-like fla...

Hackers Can Manipulate Media Files You Receive Via WhatsApp and Telegram

If you think that the media files you receive on your end-to-end encrypted secure messaging apps can not be tampered with, you need to think again. Security researchers at Symantec yesterday demonstrated multiple interesting attack scenarios against WhatsApp and Telegram Android apps, which could...

PHPCart - Input Validation

source: https://www.securityfocus.com/bid/13406/info PHPCart is prone to a remote input validation vulnerability. The issue exists because the software fails to sufficiently sanitize URI parameter data that is employed when computing product charges. A remote attacker may exploit this issue to...