9 matches found
CVE-2019-25498
CVE-2019-25498 describes an SQL injection in the product “Simple Job Script” that allows unauthenticated attackers to manipulate database queries via the landing_location parameter. The vulnerability can be triggered by POST requests to the searched endpoint, potentially bypassing authentication ...
EUVD-2024-25032
Malicious code in bioql PyPI...
CVE-2025-48201
The nsbackup extension through 13.0.0 for TYPO3 has a Predictable Resource Location...
Flower Delivery by Florist One <= 3.5.15 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed, for example in multisite setups. PoC: As admin, go to the plugin's settings, create a ne...
Some banks take a number machine, 90% of the pass to kill the admin backend of location-vulnerability warning-the black bar safety net
Remember that on a year to a row of the check-in card, unintentional click on the logo. Directly BUG stuck on.. Today to the Bank for something, take a number, waiting. It is the shift, few in the check-in staff. Helplessly waiting....... Bored on the occasion, will play under the take a number...
Latest Security Flaw in Skype Enables IP address & Location Tracking
The serious breach in the widely-used, internet video chat program means that any evil computer nerd could easily hunt down users' whereabouts, according to a study co-authored by an NYU-Poly professor. The flaw in Skype could...
Akamai Download Manager < 2.2.3.7 ActiveX Remote Download Exploit
No description provided by source. Exploit start here, by cocoruderfrankruderathotmail.com For "Akamai Download Manager File Download To Arbitrary Location Vulnerability". This exploit will download "http://ruder.cdut.net/attach/calc.exe" to "C:\Documents and Settings\All Users\Start...
kdbg security update
CentOS Errata and Security Advisory CESA-2005:416-01. An updated kdbg package that fixes a minor security issue is now available for Red Hat Enterprise Linux 2.1. This update has been rated as having low security impact by the Red Hat Security Response Team. Kdbg is a K Desktop Environment (KDE) GUI...
Internet Explorer Vulnerability: Content-Location works with both triple and double slash
After I reported the Content-Location Vulnerability http://www.securityfocus.com/archive/1/342317, Thor Larholm explained that the html execution was not caused by the Content-Location header, but instead by the triple slash file:///. I have tested it with double slash and I even tested the tripl...