6891 matches found
pretix-tracking-scripts (>=1.0.0 <=1.0.1) potentially affected by CVE-2025-13742 via pretix (=2024.11.0)
pretix PYPI version =2024.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on pretix and may be impacted: - pretix-tracking-scripts =1.0.0, =1.0.1 Source cves: CVE-2025-13742 Source advisory: OSV:PYSEC-2025-154...
Online Shopping Portal Insecure Direct Object Reference Vulnerability
Online Shopping Portal is an online store. Online Shopping Portal suffers from an insecure direct object reference vulnerability, which stems from the order tracking functionality not properly implementing an access control mechanism that directly references data sent from the client as an object...
CVE-2025-65647
Insecure Direct Object Reference IDOR in the Track order function in PHPGURUKUL Online Shopping Portal 2.1 allows information disclosure via the oid parameter...
ICE Offers Up to $280 Million to Immigrant-Tracking ‘Bounty Hunter’ Firms
Immigration and Customs Enforcement lifted a $180 million cap on a proposed immigrant-tracking program while guaranteeing multimillion-dollar payouts for private surveillance firms...
CVE-2025-13585
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2025-65647
CVE-2025-65647 applies to PHPGURUKUL Online Shopping Portal 2.1, where an Insecure Direct Object Reference (IDOR) in the Track order function allows information disclosure via the oid parameter. The vulnerability stems from insufficient access control when referencing data sent from the client as...
ROS-20251125-13
A vulnerability in the maskedPaths feature of the isolated container runc tool is related to the runc state that allows link tracking. Exploitation of the vulnerability could allow an attacker to Affect the confidentiality, integrity and availability of protected information...
Securing the Model Context Protocol (MCP): Risks, Controls, and Governance
The Model Context Protocol MCP replaces static, developer-controlled API integrations with more dynamic, user-driven agent systems, which also introduces new security risks. As MCP adoption grows across community servers and major platforms, organizations encounter threats that existing AI...
PHPGurukul Online Shopping Portal 安全漏洞
Online Shopping Portal is an online store. Online Shopping Portal suffers from an insecure direct object reference vulnerability, which stems from the order tracking functionality not properly implementing an access control mechanism that directly references data sent from the client as an object...
CVE-2025-13570
A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=state. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been made publ...
CVE-2025-13569
A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/?page=city. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-13567
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This affects an unknown function of the file /admin/?page=establishment. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-13568
A flaw has been found in itsourcecode COVID Tracking System 1.0. This impacts an unknown function of the file /admin/?page=people. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...
EUVD-2025-198945
Malicious code in @posthog/github-release-tracking-plugin npm...
EUVD-2025-198842
Malicious code in capacitor-plugin-apptrackingios npm...
CVE-2025-13585
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2025-13585
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2025-13585 itsourcecode COVID Tracking System login.php sql injection
A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...
CVE-2025-13585
The CVE-2025-13585 affects itsourcecode COVID Tracking System 1.0. A flaw in /login.php allows manipulation of the code argument to trigger SQL injection. The issue is remotely exploitable and exploits are publicly available. Connected sources confirm the vulnerability details and that a fix vers...
EUVD-2025-198622
A vulnerability was detected in code-projects COVID Tracking System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument code results in sql injection. The attack may be performed from remote. The exploit is now public and may be used...