Aggregator

CVE-2025-9471 | itsourcecode Apartment Management System 1.0 add_maintenance_cost.php ID sql injection

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been rated as critical. This vulnerability affects unknown code of the file /maintenance/add_maintenance_cost.php. The manipulation of the argument ID leads to sql injection. This vulnerability is referenced as CVE-2025-9471. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

CVE-2025-9470 | itsourcecode Apartment Management System 1.0 add_m_committee.php ID sql injection

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been declared as critical. This affects an unknown part of the file /management/add_m_committee.php. Executing manipulation of the argument ID can lead to sql injection. The identification of this vulnerability is CVE-2025-9470. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-9469 | itsourcecode Apartment Management System 1.0 /fund/add_fund.php ID sql injection

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been classified as critical. Affected by this issue is some unknown functionality of the file /fund/add_fund.php. Performing manipulation of the argument ID results in sql injection. This vulnerability was named CVE-2025-9469. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com

CVE-2025-9468 | itsourcecode Apartment Management System 1.0 /bill/add_bill.php ID sql injection

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability was found in itsourcecode Apartment Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /bill/add_bill.php. Such manipulation of the argument ID leads to sql injection. This vulnerability is uniquely identified as CVE-2025-9468. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com

Qilin

Dark Feed IO
5 months 3 weeks ago

You must login to view this content

cohenido

Kimsuky APT Data Leak – GPKI Certificates, Rootkits and Cobalt Strike Personal Uncovered

Cyber Security News
5 months 3 weeks ago

In late June 2025, a significant operational dump from North Korea’s Kimsuky APT group surfaced on a dark-web forum, exposing virtual machine images, VPS infrastructure, customized malware and thousands of stolen credentials. This leak offers an unprecedented window into the group’s espionage toolkit, revealing how Kimsuky conducts phishing campaigns, maintains persistence and evades detection within […]

The post Kimsuky APT Data Leak – GPKI Certificates, Rootkits and Cobalt Strike Personal Uncovered appeared first on Cyber Security News.

Tushar Subhra Dutta

BSidesSF 2025: One SOC, The Whole SOC, and Nothing But The SOC, So Help Me

Security Boulevard
5 months 3 weeks ago

Creator, Author and Presenter: Carson Zimmerman

Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.

Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!

Permalink

The post BSidesSF 2025: One SOC, The Whole SOC, and Nothing But The SOC, So Help Me appeared first on Security Boulevard.

Marc Handelman

How AI is Changing the Game for SaaS Sales Teams

Security Boulevard
5 months 3 weeks ago

AI is transforming how SaaS companies find and convert customers. While traditional companies struggle with 32% conversion rates, AI-native firms hit 56%. Learn how automated GTM agents work 24/7 to spot prospects, track competitors, and optimize revenue—with real results.

The post How AI is Changing the Game for SaaS Sales Teams appeared first on Security Boulevard.

Deepak Gupta - Tech Entrepreneur, Cybersecurity Author

Chinese APT Leverages Proxy and VPN Services to Obfuscate Infrastructure

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
5 months 3 weeks ago

A significant data dump surfaced on DDoSecrets.com, purportedly extracted from a workstation belonging to a threat actor targeting organizations in South Korea and Taiwan. The leak, detailed in an accompanying article, attributes the activity to the North Korean advanced persistent threat (APT) group known as Kimsuky, a sophisticated actor previously highlighted in cybersecurity advisories for […]

The post Chinese APT Leverages Proxy and VPN Services to Obfuscate Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2024-46413 | Rebuild 3.7.7 com.rebuild.web.admin.rbstore.RBStoreController loadDataIndex Type server-side request forgery

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability has been found in Rebuild 3.7.7 and classified as critical. Affected is the function loadDataIndex of the component com.rebuild.web.admin.rbstore.RBStoreController. This manipulation of the argument Type causes server-side request forgery. This vulnerability is handled as CVE-2024-46413. The attack can be initiated remotely. There is not any exploit available.
vuldb.com

CVE-2025-29524 | DASAN GPON ONU H660WM H660WMR210825 system_diagnostic_main.asp access control

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability, which was classified as critical, was found in DASAN GPON ONU H660WM H660WMR210825. This impacts an unknown function of the file /cgi-bin/system_diagnostic_main.asp. The manipulation results in improper access controls. This vulnerability is known as CVE-2025-29524. It is possible to launch the attack remotely. No exploit is available.
vuldb.com

Managed ad