Submit #650030: D-Link DI-8400 DI_8400-16.07.26A1 Command Injection [Duplicate]
Submit #650030 / VDB-276502
Aggregator
Siren’s K9 uses AI to turn complex investigations into actionable insights
9 months 1 week ago
Siren announced the launch of K9, an AI companion designed to transform the way investigators uncover threats and connections. K9 is fast, dependable and mission-focused, built to guard, protect, and serve those on the front lines of keeping communities and nations safe. “K9 is more than an AI companion, it’s a loyal partner,” said Jeferson Zanim, CPO at Siren. “We designed it to feel like a trusted colleague. Always ready, always reliable and focused on … More →
The post Siren’s K9 uses AI to turn complex investigations into actionable insights appeared first on Help Net Security.
Industry News
CVE-2025-10617 | SourceCodester Online Polling System 1.0 /admin/positions.php ID sql injection
9 months 1 week ago
A vulnerability marked as critical has been reported in SourceCodester Online Polling System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/positions.php. This manipulation of the argument ID causes sql injection.
This vulnerability appears as CVE-2025-10617. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
Submit #649980: PHPGurukul Online Shopping Portal V2.1 SQL Injection [Duplicate]
9 months 1 week ago
Submit #649980 / VDB-309959
LitBot
Submit #649959: SourceCodester Student Grading System 1.0 SQL Injection [Duplicate]
9 months 1 week ago
Submit #649959 / VDB-196564
quchunyi1
Submit #649963: SourceCodester Student Grading System 1.0 SQL Injection [Duplicate]
9 months 1 week ago
Submit #649963 / VDB-323842
quchunyi1
Submit #649962: SourceCodester Student Grading System 1.0 SQL Injection [Duplicate]
9 months 1 week ago
Submit #649962 / VDB-323841
quchunyi1
CVE-2025-10616 | itsourcecode E-Commerce Website 1.0 /admin/users.php unrestricted upload
9 months 1 week ago
A vulnerability labeled as critical has been found in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload.
This vulnerability is reported as CVE-2025-10616. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com
CVE-2025-10615 | itsourcecode E-Commerce Website 1.0 /admin/products.php unrestricted upload
9 months 1 week ago
A vulnerability identified as critical has been detected in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload.
This vulnerability is documented as CVE-2025-10615. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com
Submit #649958: SourceCodester Online Polling System Code 1.0 SQL Injection [Duplicate]
9 months 1 week ago
Submit #649958 / VDB-324644
quchunyi1
Submit #649948: SOU Online Polling System Code 1.0 SQL Injection [Accepted]
9 months 1 week ago
Submit #649948 / VDB-324644
quchunyi1
CVE-2025-10614 | itsourcecode E-Logbook with Health Monitoring System for COVID-19 /print_reports_prev.php cross site scripting
9 months 1 week ago
A vulnerability categorized as problematic has been discovered in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0 on COVID. This affects an unknown function of the file /print_reports_prev.php. Executing manipulation of the argument profile_id can lead to cross site scripting.
This vulnerability is registered as CVE-2025-10614. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com
CVE-2025-10156 | mmaitre314 picklescan up to 0.0.30 exceptional condition (EUVD-2025-29708)
9 months 1 week ago
A vulnerability was found in mmaitre314 picklescan up to 0.0.30. It has been rated as critical. The impacted element is an unknown function. Performing manipulation results in handling of exceptional conditions.
This vulnerability is cataloged as CVE-2025-10156. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-10613 | itsourcecode Student Information System 1.0 /leveledit1.php level_id sql injection
9 months 1 week ago
A vulnerability was found in itsourcecode Student Information System 1.0. It has been declared as critical. The affected element is an unknown function of the file /leveledit1.php. Such manipulation of the argument level_id leads to sql injection.
This vulnerability is listed as CVE-2025-10613. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com
Submit #649912: itsourcecode E-Commerce Website V1.0 V1.0 upload [Accepted]
9 months 1 week ago
Submit #649912 / VDB-324643
lizis3c
Submit #649911: itsourcecode E-Commerce Website V1.0 Unrestricted Upload [Accepted]
9 months 1 week ago
Submit #649911 / VDB-324642
lizis3c
Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites
9 months 1 week ago
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide
Chaos Mesh Critical Vulnerabilities Expose Kubernetes Clusters to Takeover
9 months 1 week ago
Security Research recently uncovered four new flaws, CVE-2025-59358, CVE-2025-59359, CVE-2025-59360, and CVE-2025-59361, in the default configuration of the Chaos Controller Manager GraphQL server, a popular open-source chaos engineering platform for Kubernetes. Three of these flaws carry a maximum CVSS 3.1 score of 9.8, enabling any pod in the cluster to run arbitrary commands or inject […]
The post Chaos Mesh Critical Vulnerabilities Expose Kubernetes Clusters to Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Divya
CoinBase Cartel New Threat Actor
9 months 1 week ago
You must login to view this content
cohenido
Submit #649910: itsourcecode E-Logbook with Health Monitoring System V1.0 Reflected XSS [Accepted]
9 months 1 week ago
Submit #649910 / VDB-324641
lizis3c