EUVD-2025-2258
Malicious code in bioql PyPI...
EUVD-2023-2409
Malicious code in bioql PyPI...
WordPress VidMov Theme <= 1.9.4 is vulnerable to Local File Inclusion
Software: VidMov; Type: Theme; Vulnerable versions: <= 1.9.4; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-25172; Patch priority: High; CVSS severity: High (8.1); PSID: 14a25e16a9b7; Credits: Bonds; Required privilege: Unauthenticated; Published: 2...
WordPress Sala Theme <= 1.1.3 is vulnerable to Broken Access Control
Software: Sala; Type: Theme; Vulnerable versions: <= 1.1.3; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2025-52803; Patch priority: High; CVSS severity: High (7.5); PSID: 485a6b36a4e6; Credits: Thái An; Required privilege: Unauthenticate...
WordPress CoSchool LMS plugin <= 1.4.3 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Drew / mcdruid in WordPress Plugin CoSchool LMS versions = 1.4.3...
WordPress Courtney Theme <= 1.3.0 is vulnerable to Local File Inclusion
Software: Courtney; Type: Theme; Vulnerable versions: <= 1.3.0; Fixed in: 1.3.1; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-48290; Patch priority: High; CVSS severity: High (8.1); PSID: b98242302303; Credits: Bonds; Required privilege: Unauthenticated; Publish...
WordPress Testimonial Slider and Showcase Pro plugin <= 2.3.15 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Testimonial Slider And Showcase Pro versions = 2.3.15...
Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack
Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The vulnerability, tracked as CVE-2024-20481 (CVSS score: 5.8), affects the Remote Access VPN (RAVPN) service of...
Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability
Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks. Tracked as CVE-2023-41179 (CVSS score: 9.1), it relates to a third-party...
Stored XSS in module named "Create Issues"
Description: I tested the demo site you provided. I see that there is an XSS vulnerability. I hope you can check and provide a fix as soon as possible. Proof of Concept: link to video PoC https://drive.google.com/file/d/1CEEFO0ukhjug6dNRfb-vdQNuBUyezoJp/view?usp=sharing Steps: 1. Login as account demo ...
A Typo in Zerocoin's Source Code helped Hackers Steal ZCoins worth $585,000
Are you a programmer? If yes, then you would know the actual pain of... "forgetting a semicolon," the hide and seek champion since 1958. Typos annoy everyone. Remember how a hacker's typo stopped the biggest bank heist in the history, saved $1 billion of Bangladesh bank from getting stolen. But...
FantasyTote: Urgent Fix Balance Limit bypass
Hi, check this video PoC. I am able to bypass the limit of deposit balance; the limit is 150 but I can put 2000 https://drive.google.com/file/d/0B-HtZBO84sdSMkFEQ21vZW5Uak0/view Thanks, Regards, Tayyab Qadir...
Linux Glibc library critical security vulnerabilities and repair method-vulnerability warning-the black bar safety net
A buffer overflow vulnerability has been disclosed in the gethostbyname function of the GNU glibc standard library on Linux, vulnerability number CVE-2015-0235. Through the gethostbyname functions a hacker can achieve remote code execution and gain control of the server and shell access, and this...
AIX 5.1 : IY49446
The remote host is missing AIX Critical Security Patch number IY49446 (rpc.statd dies due to memory leak). You should install this patch for your system to be up-to-date. ...