LinkedIn Phishing Scam Uses Fake Notifications to Hijack Accounts

A LinkedIn phishing scam uses fake notifications and lookalike domains to steal credentials, hijack accounts, and access sensitive professional data...

HCL Aftermarket DPC SQL Injection Vulnerability

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements, which can be exploited by an attacker to execut...

Chamilo copy_course_session_selected.php file SQL injection vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo copycoursesessionselected.php file contains a SQL injection vulnerability that can be exploited by an attacker to execute illegal SQL commands to steal sensitive database data...

Chamilo index.php file SQL injection vulnerability

Chamilo is a learning management system open source by Chamilo. Chamilo index.php file contains a SQL injection vulnerability , an attacker can use the vulnerability to execute illegal SQL commands to steal sensitive database data...

100-days-challenge-day-30-XSS-attacks

100-days-challenge-day-30-XSS-attacks XSS attacks demonstrate...

CVE-2025-41081 Reflected Cross-Site Scripting (XSS) in IsMyGym

Reflected Cross-Site Scripting XSS vulnerability in IsMyGym by Zuinq Studio. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL with '/.php/'. This vulnerability can be exploited to steal sensitive user data, such as session...

14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data

ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data...

Elastic Cloud Enterprise 安全漏洞

Elastic Cloud Enterprise is a cloud platform from the Dutch company Elastic. It makes it easy to deploy, operate and scale Elastic Stack in the cloud. A security vulnerability exists in Elastic Cloud Enterprise that stems from improper neutralization of special elements in the template engine,...

Ivanti Endpoint Manager SQL注入漏洞

Ivanti Endpoint Manager is a unified endpoint management solution for the enterprise that is designed to centrally manage all types of devices including Windows, macOS, Linux, ChromeOS and IoT devices within an organization, covering OS deployment, software distribution, remote control and more. ...

8 Malicious NPM Packages Stole Chrome User Data on Windows

JFrog researchers found eight malicious NPM packages using 70 layers of obfuscation to steal data from Chrome browser…...

Crime Reporting System userlogin.php File SQL Injection Vulnerability

Crime Reporting System is a crime reporting system. Crime Reporting System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /userlogin.php. An attacker can exploit this vulnerability to...

Job Diary view-all.php File SQL Injection Vulnerability

Job Diary is a job diary software. Job Diary suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ID in the file /view-all.php. An attacker can exploit this vulnerability to execute illegal SQL commands to steal...

Zoo Management System /admin/index.php File SQL Injection Vulnerability

Zoo Management System is a zoo management system. Zoo Management System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in file /admin/index.php. An attacker can exploit this vulnerability to...

Dairy Farm Shop Management System invoice.php File SQL Injection Vulnerability

Dairy Farm Shop Management System is a PHP and MySQL based dairy farm management system . The Dairy Farm Shop Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file /invoice.php...

Simple Pizza Ordering System paymentportal.php File SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter person in the file /paymentportal.php. The vulnerability can be...

News Portal /aboutus.php File SQL Injection Vulnerability

News Portal is a news portal. News Portal suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter pagetitle in the file /admin/aboutus.php. An attacker can exploit this vulnerability to execute illegal SQL comman...

Cyber Cafe Management System add-users.php File SQL Injection Vulnerability

Cyber Cafe Management System is an internet cafe management system. Cyber Cafe Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uadd in the file /add-users.php. An attacker can exploit th...

CodeAstro Internet Banking System 跨站请求伪造漏洞

CodeAstro Internet Banking System is a PHP online banking system from CodeAstro. A security vulnerability exists in CodeAstro Internet Banking System version 2.0.0. An attacker can exploit this vulnerability by executing arbitrary JavaScript on the administration page pagesaccount to change accou...

SAP Commerce 跨站脚本漏洞

SAP Commerce Backoffice is a powerful tool for managing and maintaining e-commerce websites, allowing administrators and operations teams to easily manage website content and configuration. SAP Commerce Backoffice suffers from a cross-site scripting vulnerability that can be exploited by remote...

Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data

By Deeba Ahmed Android Security Alert- Hackers are disguising malware as popular apps like Instagram and Snapchat to steal your login details. Learn how to identify fake apps and protect yourself from this sneaky cyberattack. This is a post from HackRead.com Read the original post: Android Malwar...