Aggregator

CVE-2006-1487 | ActiveCampaign SupportTrio 2.50.2 Search Module terms cross site scripting (EDB-27492 / XFDB-25495)

Vuldb Updates
10 months 1 week ago
A vulnerability classified as problematic has been found in ActiveCampaign SupportTrio 2.50.2. Affected is an unknown function of the component Search Module. The manipulation of the argument terms leads to basic cross site scripting. This vulnerability is traded as CVE-2006-1487. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6415 | PHPGurukul Art Gallery Management System 1.1 /admin/changeimage3.php editid sql injection

Vuldb Updates
10 months 1 week ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.1. This issue affects some unknown processing of the file /admin/changeimage3.php. The manipulation of the argument editid leads to sql injection. The identification of this vulnerability is CVE-2025-6415. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2019-12276 | GrandNode 4.40 LetsEncryptController.cs LetsEncryptController HTTP Requests path traversal (ID 153373 / EDB-47027)

Vuldb Updates
10 months 1 week ago
A vulnerability, which was classified as critical, has been found in GrandNode 4.40. This issue affects the function LetsEncryptController of the file Controllers/LetsEncryptController.cs. The manipulation as part of HTTP Requests leads to path traversal. The identification of this vulnerability is CVE-2019-12276. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2008-6217 | Extrakt Extrakt Framework 0.7 index.php plugins[file][id] cross site scripting (EDB-32547 / XFDB-46186)

Vuldb Updates
10 months 1 week ago
A vulnerability, which was classified as problematic, has been found in Extrakt Extrakt Framework 0.7. This issue affects some unknown processing of the file index.php. The manipulation of the argument plugins[file][id] leads to cross site scripting. The identification of this vulnerability is CVE-2008-6217. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-54763 | ipTIME A2004 12.17.0 /login/hostinfo.cgi information disclosure (EUVD-2024-52666)

Vuldb Updates
10 months 1 week ago
A vulnerability, which was classified as problematic, has been found in ipTIME A2004 12.17.0. Affected by this issue is some unknown functionality of the file /login/hostinfo.cgi. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-54763. The attack needs to be initiated within the local network. There is no exploit available.
vuldb.com

CVE-2025-6412 | PHPGurukul Art Gallery Management System 1.1 /admin/changeimage.php editid sql injection (EUVD-2025-18818)

Vuldb Updates
10 months 1 week ago
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. This vulnerability is handled as CVE-2025-6412. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6413 | PHPGurukul Art Gallery Management System 1.1 /admin/changeimage1.php editid sql injection (EUVD-2025-18817)

Vuldb Updates
10 months 1 week ago
A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.1. This affects an unknown part of the file /admin/changeimage1.php. The manipulation of the argument editid leads to sql injection. This vulnerability is uniquely identified as CVE-2025-6413. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-54687 | vTiger CRM up to 6.1 Documents Module CRMEntity.php uploadAndSaveFile cross site scripting (EUVD-2024-52654)

Vuldb Updates
10 months 1 week ago
A vulnerability was found in vTiger CRM up to 6.1. It has been rated as problematic. This issue affects the function uploadAndSaveFile of the file CRMEntity.php of the component Documents Module. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-54687. The attack may be initiated remotely. There is no exploit available.
vuldb.com

Microsoft Announces New Graph Powered Detection of Hybrid Attack Targeting Organizations

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
10 months 1 week ago

Microsoft has unveiled a groundbreaking advancement in cybersecurity with the integration of the Enterprise Exposure Graph into its threat detection and response capabilities. This cutting-edge solution, part of Microsoft Defender XDR and Microsoft Security Exposure Management (MSEM), is designed to combat the increasing sophistication of hybrid attacks that span on-premises and cloud environments. Innovative Exposure […]

The post Microsoft Announces New Graph Powered Detection of Hybrid Attack Targeting Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2024-54675 | MISP up to 2.5.2 Editor Interface workflows-editor.js cross site scripting (EUVD-2024-52649)

Vuldb Updates
10 months 1 week ago
A vulnerability has been found in MISP up to 2.5.2 and classified as problematic. This vulnerability affects unknown code of the file app/webroot/js/workflows-editor/workflows-editor.js of the component Editor Interface. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-54675. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Managed ad