Aggregator

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/operations/booking.php. The manipulation of the argument ID leads to sql injection. This vulnerability is uniquely identified as CVE-2025-8970. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/approve_user.php. The manipulation of the argument ID leads to sql injection. This vulnerability is handled as CVE-2025-8969. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/disapprove_user.php. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2025-8968. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. This vulnerability is traded as CVE-2025-8967. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/tax.php. The manipulation of the argument tname leads to sql injection. The identification of this vulnerability is CVE-2025-8966. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #628169 / VDB-319968

Submit #628168 / VDB-319967

Submit #628167 / VDB-319966

Submit #628166 / VDB-319965

Submit #628165 / VDB-319964

Submit #628164 / VDB-319963

Submit #628163 / VDB-319962

Submit #628162 / VDB-319961

A vulnerability classified as critical was found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to unrestricted upload. This vulnerability was named CVE-2025-8965. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in code-projects Hostel Management System 1.0. This affects an unknown part of the file hostel_manage.exe of the component Login. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2025-8964. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

A vulnerability was found in jeecgboot JimuReport up to 2.1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads to deserialization. This vulnerability is handled as CVE-2025-8963. The attack may be launched remotely. There is no exploit available. The vendor response to the GitHub issue report is: "Modified, next version updated".

Submit #628117 / VDB-319927

Submit #628098 / VDB-319960

Где xAI? Не в топе. Кто виноват? Конечно, Apple. Что делать? Составлять иск!

This joint guidance outlines the process for OT owners and operators to create an asset inventory and OT taxonomy.