CVE-2025-53865

Vulnerability details (CVE-2025-53865): Roundup before 2.5.0 is vulnerable to cross-site scripting via the interaction between URLs and issue-tracker templates (devel and responsive). Affected component: Roundup up to version 2.4.x; root cause: XSS caused by URL/template interaction. Practical im...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an incorrect setting of funcgraph-args in the fgraph tracker, which could lead to double registration...

MAL-2025-5694 Malicious code in gdpr-tracker-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8a07210a79f85c1ecd79351c780ee3e0c92be87207480cf11d712ef9aaf0d74 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in gdpr-tracker-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8a07210a79f85c1ecd79351c780ee3e0c92be87207480cf11d712ef9aaf0d74 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE CVE-2022-50163

In the Linux kernel, the following vulnerability has been resolved: ax25: fix incorrect devtracker usage While investigating a separate rose issue 1, and enabling CONFIGNETDEVREFCNTTRACKER=y, Bernard reported an orthogonal ax25 issue 2 An ax25dev can be used by one or many struct ax25cb. We thus...

DEBIAN-CVE-2022-50163

In the Linux kernel, the following vulnerability has been resolved: ax25: fix incorrect devtracker usage While investigating a separate rose issue 1, and enabling CONFIGNETDEVREFCNTTRACKER=y, Bernard reported an orthogonal ax25 issue 2 An ax25dev can be used by one or many struct ax25cb. We thus...

UBUNTU-CVE-2022-50163

In the Linux kernel, the following vulnerability has been resolved: ax25: fix incorrect devtracker usage While investigating a separate rose issue 1, and enabling CONFIGNETDEVREFCNTTRACKER=y, Bernard reported an orthogonal ax25 issue 2 An ax25dev can be used by one or many struct ax25cb. We thus...

CVE-2022-50163

In the Linux kernel, the following vulnerability has been resolved: ax25: fix incorrect devtracker usage While investigating a separate rose issue 1, and enabling CONFIGNETDEVREFCNTTRACKER=y, Bernard reported an orthogonal ax25 issue 2 An ax25dev can be used by one or many struct ax25cb. We thus...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from incorrect use of devtracker in the ax25 driver...

TencentOS Server 4: tracker-miners (TSSA-2025:0129)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0129 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Daily Expense Tracker System /expense-reports-detailed.php File SQL Injection Vulnerability

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in the parameter fromdate/todate in the file...

Debian dla-4215 : ublock-origin-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4215 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4215-1 [email protected] https://www.debian.org/lts/security/...

MainWP: Reflected XSS in "Cost Tracker" Notes Field

The reflected Cross-Site Scripting XSS vulnerability was discovered in the "Notes" input field of the Cost Tracker section in MainWP Version 5.4.0.11. Arbitrary user input in this field was reflected back and executed immediately upon saving, due to the lack of proper input sanitization and outpu...

Daily Expense Tracker System /expense-yearwise-reports-detailed.php File SQL Injection Vulnerability

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter todate in the file...

CVE-2025-5546

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-5546

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-5546 PHPGurukul Daily Expense Tracker System expense-reports-detailed.php sql injection

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-5546 PHPGurukul Daily Expense Tracker System expense-reports-detailed.php sql injection

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-5546

PHPGurukul Daily Expense Tracker System 1.1 is affected by a SQL injection in /expense-reports-detailed.php via the fromdate/todate parameters. The issue allows remote attackers to execute arbitrary SQL commands and potentially access sensitive data. Public exploit information is present in sever...

PT-2025-23680 · Unknown · Phpgurukul Daily Expense Tracker System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Daily Expense Tracker System version 1.1 Description: A critical vulnerability was found in the PHPGurukul Daily Expense Tracker System. This issue affects unknown code in the file /expense-reports-detailed.php. The manipulation of...