Aggregator

A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site scripting. This vulnerability is known as CVE-2025-2364. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/sang/controller/ArticleController.java. The manipulation of the argument filename leads to path traversal. This vulnerability is traded as CVE-2025-2363. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/contact-us.php. The manipulation of the argument mobnum leads to sql injection. The identification of this vulnerability is CVE-2025-2362. The attack may be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

Submit #514763 / VDB-299863

Submit #514721 / VDB-299862

К 2027 году Китай создаст глобальную квантовую сеть для стран БРИКС.

Submit #514464 / VDB-299861