CVE-2025-41346

Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows another user to be impersonated simply by knowing their 'numerical ID', meaning that an attacker could compromise another user's account, thereby affecting the confidentiality, integrity, and availabili...

Microtransit EV Android App has an override access vulnerability

Microbus EV APP is a car time-share rental service software. Microtransit EV Android APP has an override access vulnerability. After logging into the system, an attacker can view any account information, including user's name, cell phone number, ID number, account amount and other sensitive...

IP. Board 3.4.5 SQL injection vulnerability in the use and analysis-vulnerability warning-the black bar safety net

I. background information First I want to introduce this web App of background information, as well as on the vulnerability of some of the basic overview: IPB Forum known as Invision Power Board（abbreviated IPB or IP. Board, is the world's most famous Forum app by PHP+MySQL architecture, 1. The X...

TCCMS SQL injection vulnerability(blind)-vulnerability warning-the black bar safety net

\app\controller\area. class. php is not the id of the process, there is injected into the public function getCitys $aeraObj = M"area"; $provinceId = $GET"id"; //do not perform any processing //Fix suggested$provinceId = intval$GET"id"; mandatory conversion return...

Top 5 Social Networking Business Threats

Social networking sites are ideal havens for online criminal activities as they provide a combination of two key factors: a huge number of users and a high-level of trust among these users, cautioned a security specialist. ZDNet Asia spoke to industry experts who highlight the top five security...