Azure Linux 3.0 Security Update: python3 (CVE-2024-4032)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4032 advisory. - The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were...

Drupal 10.3.x < 10.3.14 / 10.4.x < 10.4.5 / 11.x < 11.0.13 / 11.1.x < 11.1.5 Drupal Vulnerability (SA-CORE-2025-004)

According to its self-reported version, the instance of Drupal running on the remote web server is 10.3.x prior to 10.3.14, 10.4.x prior to 10.4.5, 11.x prior to 11.0.13, or 11.1.x prior to 11.1.5. It is, therefore, affected by a vulnerability. - Improper Neutralization of Input During Web Page...

CVE-2025-2372

A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the file /password-recovery.php of the component Password Recovery Page. The manipulation of the argument username leads to sql injection. It is...

CVE-2025-2371

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /registered-user-testing.php of the component Registered Mobile Number Search. The manipulation of the...

Jenkins plugins Multiple Vulnerabilities (2025-03-19)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA...

CVE-2025-2375

A vulnerability, which was classified as problematic, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected is an unknown function of the file /profile.php of the component Admin Profile Page. The manipulation of the argument email leads to cross site scripting. It...

CVE-2025-2374 PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument aid/adminname/mobilenumber/email leads to sql injection. The...

CVE-2025-2372 PHPGurukul Human Metapneumovirus Testing Management System Password Recovery Page password-recovery.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the file /password-recovery.php of the component Password Recovery Page. The manipulation of the argument username leads to sql injection. It is...

CVE-2025-2371 PHPGurukul Human Metapneumovirus Testing Management System Registered Mobile Number Search registered-user-testing.php cross site scripting

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /registered-user-testing.php of the component Registered Mobile Number Search. The manipulation of the...

Malicious code in malwaretesting2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 992d4e35601291d8af779953d2f285061a62412b41ee8a799245b99892ce7efc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PHPGurukul Human Metapneumovirus Testing Management System 注入漏洞

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. The Human Metapneumovirus Testing Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter...

PHPGurukul Human Metapneumovirus Testing Management System 代码注入漏洞

PHPGurukul Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system from PHPGurukul, Inc. A code injection vulnerability exists in version 1.0 of the PHPGurukul Human Metapneumovirus Testing Management System, which stems from an incorrect manipulation o...

PHPGurukul Human Metapneumovirus Testing Management System 注入漏洞

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. A SQL injection vulnerability exists in the Human Metapneumovirus Testing Management System due to a lack of validation of an externally-entered SQL statement in the parameter username in the...

PHPGurukul Human Metapneumovirus Testing Management System 注入漏洞

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. The Human Metapneumovirus Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter...

The vulnerability of microprogrammed software in Intel NUC laptops arises from insufficient testing of input data, allowing attackers to exploit this weakness to gain increased privileges.

The vulnerability of Intel NUC laptop microprogramming software exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

Exploit for OS Command Injection in Php

PHP-CGI Injector 🚀 CVE-2024-4577 & CVE-2024-8926 Exploit To...

[SECURITY] Fedora 42 Update: python3.6-3.6.15-43.fc42

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

Loaded Commerce 6.6 Client-Side Template Injection

Loaded Commerce version 6.6 suffers from a client-side template injection vulnerability. Exploit Title: Loaded Commerce 6.6 Client-Side Template InjectionCSTI AngularJS Date: 03/13/2025 Exploit Author: tmrswrr Vendor Homepage: https://loadedcommerce.com/ Version: 6.6 Tested on:...

Microsoft Security Update Validation Report March 2025

Microsoft’s March 2025 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing software...

Penetration Testing Steps and Tools

This whitepaper goes over reconnaissance of a target, various types of attacks leveraged during penetration testing, and provides examples of the commands used in the process...