Aggregator
Submit #625785: code-projects Online Farm System V1.0 SQL injection [Accepted]
6 months 1 week ago
Submit #625785 / VDB-318516
wllovemy
直击真实 ClickFix 攻击现场:一场社会工程学黑客攻击的全过程
6 months 1 week ago
安全客
How IP Networks Improve Online Gaming
6 months 1 week ago
Reduce lag and avoid bans with specialized IP networks. Learn how gaming proxies boost
speed, access, and stability for online players.
The post How IP Networks Improve Online Gaming appeared first on Security Boulevard.
MojoAuth - Advanced Authentication & Identity Solutions
Thorium: A scalable file analysis and data generation platform that allows users to easily orchestrate arbitrary docker/vm/shell tools at scale
6 months 1 week ago
Thorium: A scalable file analysis and data generation platform that allows users to easily orchestrate arbitrary docker/vm/shell tools at scale
Dark Web Informer - Cyber Threat Intelligence
Anubis 勒索软件攻击 Android 与 Windows 用户:加密文件并窃取登录凭证
6 months 1 week ago
安全客
Threat Actors Leverage Compromised Email Accounts for Targeted Phishing Attacks
6 months 1 week ago
Cybercriminals are increasingly sophisticated in their phishing attacks, with threat actors now leveraging compromised email accounts from trusted sources to bypass security controls and enhance campaign legitimacy. Recent incident response data reveals phishing remains a dominant attack vector, accounting for one-third of all security engagements in Q2 2025, despite declining from the previous quarter’s 50 […]
The post Threat Actors Leverage Compromised Email Accounts for Targeted Phishing Attacks appeared first on Cyber Security News.
Tushar Subhra Dutta
美国政客的年龄比其他国家都年长
6 months 1 week ago
美国政客的年龄比世界其他国家的政客都要老。根据发表在《Journal of Public Economics》期刊上的一项研究,斯坦福大学和加州伯克利的研究人员认为,这一现象背后的一大原因与为政客竞选资金捐款的人的年龄相关。通过关联美国竞选捐款和登记选民,研究人员发现捐款选民的中位数年龄是 66 岁。年长捐款者的意识形态比年轻捐款者保守得多,他们也更可能捐款给年龄相近的候选人,且捐款金额更大。
CVE-2025-51504 | Microweber CMS 2.0 /projects/profile last name cross site scripting
6 months 1 week ago
A vulnerability has been found in Microweber CMS 2.0 and classified as problematic. This vulnerability affects unknown code of the file /projects/profile. The manipulation of the argument last name leads to cross site scripting.
This vulnerability was named CVE-2025-51504. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-51501 | Microweber CMS 2.0 API Endpoint live_edit.module_settings ID cross site scripting
6 months 1 week ago
A vulnerability, which was classified as problematic, was found in Microweber CMS 2.0. This affects an unknown part of the file live_edit.module_settings of the component API Endpoint. The manipulation of the argument ID leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-51501. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-51502 | Microweber CMS 2.0 /admin/page/create layout cross site scripting
6 months 1 week ago
A vulnerability, which was classified as problematic, has been found in Microweber CMS 2.0. Affected by this issue is some unknown functionality of the file /admin/page/create. The manipulation of the argument layout leads to cross site scripting.
This vulnerability is handled as CVE-2025-51502. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2019-19144 | Quantum DXi6702 2.3.0.3 Users?action=authenticate xml external entity reference
6 months 1 week ago
A vulnerability classified as problematic was found in Quantum DXi6702 2.3.0.3. Affected by this vulnerability is an unknown functionality of the file rest/Users?action=authenticate. The manipulation leads to xml external entity reference.
This vulnerability is known as CVE-2019-19144. The attack needs to be initiated within the local network. There is no exploit available.
vuldb.com
CVE-2025-52327 | Restaurant Order System 1.0 payment.php sql injection
6 months 1 week ago
A vulnerability classified as critical has been found in Restaurant Order System 1.0. Affected is an unknown function of the file payment.php. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2025-52327. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-44139 | Emlog Pro 2.5.7 plugin.php?action=upload_zip unrestricted upload
6 months 1 week ago
A vulnerability was found in Emlog Pro 2.5.7. It has been rated as critical. This issue affects some unknown processing of the file /emlog/admin/plugin.php?action=upload_zip. The manipulation leads to unrestricted upload.
The identification of this vulnerability is CVE-2025-44139. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-50472 | modelscope ms-swift library up to 2.6.1 load_model_meta deserialization
6 months 1 week ago
A vulnerability was found in modelscope ms-swift library up to 2.6.1. It has been declared as critical. This vulnerability affects the function load_model_meta. The manipulation leads to deserialization.
This vulnerability was named CVE-2025-50472. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-52390 | Saurus CMS Community Edition 2010-04-23 FulltextSearch.class.php prepareSearchQuery search_word sql injection
6 months 1 week ago
A vulnerability was found in Saurus CMS Community Edition 2010-04-23. It has been classified as critical. This affects the function prepareSearchQuery of the file FulltextSearch.class.php. The manipulation of the argument search_word leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-52390. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
Qilin Ransomware Sees Surge After Collapse of Dominant RansomHub RaaS
6 months 1 week ago
The ransomware landscape underwent significant disruption, marked by the abrupt cessation of operations from several prominent Ransomware-as-a-Service (RaaS) groups, including RansomHub, Babuk-Bjorka, FunkSec, BianLian, 8Base, Cactus, Hunters International, and LockBit. This wave of disappearances has fragmented the ecosystem, diminishing the dominance of major players and fostering a proliferation of smaller, independent actors. Global law enforcement […]
The post Qilin Ransomware Sees Surge After Collapse of Dominant RansomHub RaaS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Альянс против уязвимостей: Web3 и PT создают системную защиту цифровых активов
6 months 1 week ago
Минфин прогнозирует рост ЦФА, эксперты предупреждают об угрозах.
INC
6 months 1 week ago
You must login to view this content
cohenido
CVE-2024-20297 | Cisco ASA/Firepower Threat Defense AnyConnect authentication spoofing (cisco-sa-asaftd-acl-bypass-VvnLNKqf)
6 months 1 week ago
A vulnerability was found in Cisco ASA and Firepower Threat Defense. It has been classified as critical. This affects an unknown part of the component AnyConnect. The manipulation leads to authentication bypass by spoofing.
This vulnerability is uniquely identified as CVE-2024-20297. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com