Aggregator
CVE-2025-0294 | SourceCodester Home Clean Services Management System 1.0 process.php type/length/business sql injection
1 year 6 months ago
A vulnerability has been found in SourceCodester Home Clean Services Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /public_html/admin/process.php. The manipulation of the argument type/length/business leads to sql injection.
This vulnerability is known as CVE-2025-0294. The attack can be launched remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
vuldb.com
Submit #475159: code-projects Online Book Shop 1.0 SQL Injection [Accepted]
1 year 6 months ago
Submit #475159 / VDB-290447
lio346
Submit #475138: code-projects Online Book Shop 1.0 SQL Injection [Accepted]
1 year 6 months ago
Submit #475138 / VDB-290446
lio346
Submit #475135: code-projects Online Book Shop 1.0 SQL Injection [Accepted]
1 year 6 months ago
Submit #475135 / VDB-290445
lio346
Submit #475134: code-projects Online Book Shop 1.0 Cross Site Scripting [Accepted]
1 year 6 months ago
Submit #475134 / VDB-290444
lio346
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers
1 year 6 months ago
Vulnerability / Network SecurityTaiwan-based Moxa has warned of two security vulnerabilities impac
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers
1 year 6 months ago
Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution.
The list of vulnerabilities is as follows -
CVE-2024-9138 (CVSS 4.0 score: 8.6) - A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain
The Hacker News
HTML中的0宽度空格
1 year 6 months ago
HTML中的0宽度空格是一个不可见的字符,它用于在HTML中创建小的间隔或强制文本或元素在同一行内显示。要在HTML中插入0宽度空格,你可以使用字符实体R
HTML中的0宽度空格
1 year 6 months ago
HTML中的0宽度空格是一个不可见的字符,它用于在HTML中创建小的间隔或强制文本或元素在同一行内显示。 要在 […]
杨龙
Submit #475076: Home Clean Services Management System 1.0 SQL Injection [Accepted]
1 year 6 months ago
Submit #475076 / VDB-290443
hayden
RFID Grabbing Through Fabric
1 year 6 months ago
CVE-2023-52466 | Linux Kernel up to 6.6.13/6.7.1 PCI pci_dev_for_each_resource out-of-bounds (5b3e25efe16e/bd26159dcaaa/3171e46d677a / Nessus ID 210815)
1 year 6 months ago
A vulnerability was suspected in Linux Kernel up to 6.6.13/6.7.1. This issue appears to be a false-positive. Please verify the sources mentioned and consider not using this entry at all.
vuldb.com
Dark Web Dangers Aren’t as Hidden as You Think
1 year 6 months ago
Imagine a hidden marketplace where sensitive information, proprietary data and corporate vulnera
Dark Web Dangers Aren’t as Hidden as You Think
1 year 6 months ago
While it occupies only a sliver of the internet, the dark web has become a growing threat to businesses everywhere.
The post Dark Web Dangers Aren’t as Hidden as You Think appeared first on Security Boulevard.
Graham Rance
CVE-2024-6306 | WordPress up to 6.5.4 Template Part Block path traversal (ID 58470)
1 year 6 months ago
A vulnerability was suspected in WordPress. This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.
vuldb.com
CVE-2024-6305 | WordPress up to 6.5.4 on WordPress Template Part Block cross site scripting (ID 58471)
1 year 6 months ago
A vulnerability was suspected in WordPress up to 6.5.4. Further investigation has shown that this issues is a false-positive. Please review the sources mentioned and consider not using this entry at all.
vuldb.com
火狐浏览器v134.0正式版发布 带来HEVC硬件解码支持和改进窗口拦截问题
1 year 6 months ago
#软件资讯 Mozilla Firefox v134.0 正式版发布,带来 HEVC 硬件解码支持和改进弹出式窗口的拦截问题。其中 HEVC 硬件解码自然最重要,HEVC 硬件解码有助
CVE-2024-12516 | vickydalmia Coupon Plugin up to 1.2.1 on WordPress Coupon Code cross site scripting
1 year 6 months ago
A vulnerability, which was classified as problematic, was found in vickydalmia Coupon Plugin up to 1.2.1 on WordPress. Affected is an unknown function. The manipulation of the argument Coupon Code leads to cross site scripting.
This vulnerability is traded as CVE-2024-12516. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-12077 | WpDevArt Booking Calendar Plugin up to 3.2.19 on WordPress calendar_id cross site scripting
1 year 6 months ago
A vulnerability, which was classified as problematic, has been found in WpDevArt Booking Calendar Plugin and Booking Calendar Pro Plugin up to 3.2.19 on WordPress. This issue affects some unknown processing. The manipulation of the argument calendar_id leads to cross site scripting.
The identification of this vulnerability is CVE-2024-12077. The attack may be initiated remotely. There is no exploit available.
vuldb.com