PT-2025-27879 · Unknown · Contact Us Page – Contact People
Name of the Vulnerable Software and Affected Versions: Contact Us page - Contact people LITE versions 3.7.4 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection,...
PT-2025-27376 · Sourcecodester · Sourcecodester Simple Company Website
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Company Website version 1.0 Description: A critical issue affects the processing of the file "/admin/services/manage.php". The manipulation of the ID argument leads to SQL injection. The attack can be initiated remotely...
PT-2025-27200 · Unknown · Gioni Plugin Inspector
Name of the Vulnerable Software and Affected Versions: gioni Plugin Inspector versions n/a through 1.5 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal'. This allows for Path Traversal in the gioni Plugin Inspector...
PT-2025-26692
Name of the Vulnerable Software and Affected Versions: WRC-2533GST2 affected versions not specified; WRC-1167GST2 affected versions not specified Description: The issue is related to the unrestricted upload of files with dangerous types. If a specially crafted file is uploaded by a remote...
PT-2025-26546 · Unknown · Code-Projects Online Bidding System
Name of the Vulnerable Software and Affected Versions: Code-Projects Online Bidding System version 1.0 Description: A critical issue was found in the code, affecting the /bidnow.php file, where the manipulation of the ID argument leads to SQL injection. This issue can be exploited remotely...
PT-2025-25680 · Mapsvg · Mapsvg
Name of the Vulnerable Software and Affected Versions: MapSVG versions prior to 8.5.32 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential control o...
PT-2025-25055 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: A stored Cross-Site Scripting (XSS) issue affects the software, allowing a low-privileged attacker to inject malicious scripts into vulnerable form fields. When a victim browses ...
PT-2025-24937 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.22 and earlier Description: The issue is a reflected Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Wh...
PT-2025-24116 · Unknown · No Spam At All
Name of the Vulnerable Software and Affected Versions: No Spam At All versions 1.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions 1.3 and earlier,...
PT-2025-23165 · Tcpreplay +1 · Tcpreplay +1
Name of the Vulnerable Software and Affected Versions: tcpreplay version 4.4.4 Description: The issue is related to an infinite loop in the tcprewrite function, located at get.c. This infinite loop can be triggered, potentially causing the software to become unresponsive. Recommendations: For...
PT-2025-19949
Name of the Vulnerable Software and Affected Versions: Gym Management System version 1.0 Description: A critical issue has been found in the Gym Management System, affecting some unknown functionality of the file /view member.php. The manipulation of the ID argument leads to SQL injection. The atta...
PT-2025-17003 · Unknown · Aidraw I Draw
Name of the Vulnerable Software and Affected Versions: aidraw I Draw versions n/a through 1.0 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the use of malicious files. Recommendations: For versions n/a through 1.0, consider restricting file...
PT-2025-15002 · Unknown · 1-Click Backup & Restore Database
Name of the Vulnerable Software and Affected Versions: 1-Click Backup & Restore Database versions 1.0.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing the exploitation of incorrectly configured access control security levels. Recommendations: For...
PT-2025-13677 · Code Projects · Code-Projects Payroll Management System
Name of the Vulnerable Software and Affected Versions: code-projects Payroll Management System version 1.0 Description: A critical issue has been found in the system, affecting the file update account.php. The manipulation of the deduction argument leads to SQL injection. This issue can be...
How to Enter the US With Your Digital Privacy Intact
Crossing into the United States has become increasingly dangerous for digital privacy. Here are a few steps you can take to minimize the risk of Customs and Border Protection accessing your data...
PT-2024-31301 · Irfan Skiljan · Irfanview
Name of the Vulnerable Software and Affected Versions: Irfanview version 4.67.1.0 Description: An issue in the component EXR!ReadEXR+0x3df50 of Irfanview allows attackers to cause an access violation via a crafted EXR file, leading to a Denial of Service (DoS). Recommendations: For Irfanview versio...
PT-2024-25503 · Onenav · Onenav
Name of the Vulnerable Software and Affected Versions: OneNav version 0.9.35-20240318 Description: The issue is related to a Server-Side Request Forgery (SSRF) in the component "/index.php?c=api&method=get link info". This allows for potential unauthorized access to internal resources...
PT-2023-26707
Name of the Vulnerable Software and Affected Versions: Lost and Found Information System version 1.0 Description: The issue allows account takeover via username and password to a "/classes/Users.php?f=save" API endpoint. Recommendations: For Lost and Found Information System version 1.0, consider...
PT-2023-5199 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM version 7.5.0 Description: The issue is related to a lack of protection for the web page structure, allowing a remote attacker to bypass restrictions on executing JavaScript. This can enable users to embed arbitrary JavaScript...
Rockwell Automation FactoryTalk Transaction Manager
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Transaction Manager Vulnerability: Uncontrolled Resource Consumption. 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the...