Submit #654374: Campcodes Online Beauty Parlor Management System 1.0 SQL Injection [Accepted]
Submit #654374 / VDB-325163
Aggregator
Submit #654373: Campcodes Online Beauty Parlor Management System 1.0 SQL Injection [Accepted]
9 months ago
Submit #654373 / VDB-325162
LIYU
OpenAI Patches “ShadowLeak,” a Zero-Click Flaw in Deep Research Agent
9 months ago
OpenAI has patched a critical vulnerability known as ShadowLeak, which allowed its cloud-based agent Deep Research to silently
The post OpenAI Patches “ShadowLeak,” a Zero-Click Flaw in Deep Research Agent appeared first on Penetration Testing Tools.
ddos
CVE-2025-10802 | code-projects Online Bidding System 1.0 remove.php ID sql injection
9 months ago
A vulnerability identified as critical has been detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection.
The identification of this vulnerability is CVE-2025-10802. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
New Threat: Criminals Use Fake Cell Towers to Deliver Phishing Texts
9 months ago
Cybercriminals have discovered a way to bypass mobile operators’ filters and launch large-scale waves of fraudulent text messages.
The post New Threat: Criminals Use Fake Cell Towers to Deliver Phishing Texts appeared first on Penetration Testing Tools.
ddos
Submit #654260: SourceCodester Pet Grooming Management 1.0 SQL Injection [Duplicate]
9 months ago
Submit #654260 / VDB-324812
mel0dy
Submit #654237: Tenda AC23 <= V16.03.07.52 Buffer Overflow [Accepted]
9 months ago
Submit #654237 / VDB-325161
QMSSDXN
CVE-2025-6544 | h2oai h2o-3 up to 3.46.7 JDBC Connection deserialization (EUVD-2025-30380)
9 months ago
A vulnerability categorized as critical has been discovered in h2oai h2o-3 up to 3.46.7. This impacts an unknown function of the component JDBC Connection Handler. The manipulation results in deserialization.
This vulnerability was named CVE-2025-6544. The attack may be performed from remote. There is no available exploit.
It is advisable to upgrade the affected component.
vuldb.com
.NET内网实战: 通过LNK 文件实现目标权限持久化
9 months ago
.NET 安全攻防知识交流社区
9 months ago
细说 .NET 内网8个阶段实战攻防电子报刊
9 months ago
Microsoft Averts Mass Cloud Takeover Due to Azure Flaw
9 months ago
Microsoft narrowly avoided a vulnerability that could have led to the mass compromise of its cloud customers: Dutch
The post Microsoft Averts Mass Cloud Takeover Due to Azure Flaw appeared first on Penetration Testing Tools.
ddos
CVE-2025-10801 | SourceCodester Pet Grooming Management Software 1.0 /admin/edit_tax.php ID sql injection
9 months ago
A vulnerability was found in SourceCodester Pet Grooming Management Software 1.0. It has been rated as critical. This affects an unknown function of the file /admin/edit_tax.php. The manipulation of the argument ID leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-10801. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com
Submit #654164: code-projects Online Bidding System 1.0 SQL injection [Accepted]
9 months ago
Submit #654164 / VDB-325160
Chenguang Wang-GuangZhou University
CVE-2025-10800 | itsourcecode Online Discussion Forum 1.0 /index.php email/password sql injection
9 months ago
A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been declared as critical. The impacted element is an unknown function of the file /index.php. Executing manipulation of the argument email/password can lead to sql injection.
This vulnerability is handled as CVE-2025-10800. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-10799 | code-projects Hostel Management System 1.0 index.php?view=view ID sql injection
9 months ago
A vulnerability was found in code-projects Hostel Management System 1.0. It has been classified as critical. The affected element is an unknown function of the file /justines/admin/mod_reservation/index.php?view=view. Performing manipulation of the argument ID results in sql injection.
This vulnerability is known as CVE-2025-10799. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2025-10798 | code-projects Hostel Management System 1.0 index.php?view=view ID sql injection
9 months ago
A vulnerability was found in code-projects Hostel Management System 1.0 and classified as critical. Impacted is an unknown function of the file /justines/admin/mod_roomtype/index.php?view=view. Such manipulation of the argument ID leads to sql injection.
This vulnerability is traded as CVE-2025-10798. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-10797 | code-projects Hostel Management System 1.0 /justines/index.php log_email sql injection
9 months ago
A vulnerability has been found in code-projects Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /justines/index.php. This manipulation of the argument log_email causes sql injection.
This vulnerability appears as CVE-2025-10797. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
CVE-2025-10796 | code-projects Hostel Management System 1.0 login.php email sql injection
9 months ago
A vulnerability, which was classified as critical, was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /justines/admin/login.php. The manipulation of the argument email results in sql injection.
This vulnerability is reported as CVE-2025-10796. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com
Rust 1.90 Released: New Features for Faster, Safer Development
9 months ago
The release of Rust 1.90 has been officially announced, marking another step forward in the language’s evolution under
The post Rust 1.90 Released: New Features for Faster, Safer Development appeared first on Penetration Testing Tools.
ddos