Submit #607165: ShopXO 6.5.0 Cross Site Scripting [Duplicate]
Submit #607165 / VDB-316265
Aggregator
CVE-2025-6094 | qianfox FoxCMS up to 1.2.5 Download.php batchCope ids sql injection (EUVD-2025-18349)
5 days 11 hours ago
A vulnerability, which was classified as critical, has been found in qianfox FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection.
The identification of this vulnerability is CVE-2025-6094. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #607128: Hubei Yuanjian Software Technology Co., LTD OneBase v1.3.6 Cross Site Scripting [Accepted]
5 days 11 hours ago
Submit #607128 / VDB-316267
jiashenghe
Submit #603778: 贵州黔狐科技股份有限公司 FoxCMS <=1.2.5 SQL Injection [Accepted]
5 days 11 hours ago
Submit #603778 / VDB-316266
3400285747
CVE-2012-6470 | Opera Web Browser 12.11 on Linux Profile Folder Permission memory corruption (EDB-23107 / Nessus ID 63301)
5 days 11 hours ago
A vulnerability classified as problematic was found in Opera Web Browser 12.11 on Linux. This vulnerability affects unknown code of the component Profile Folder Permission. The manipulation leads to memory corruption.
This vulnerability was named CVE-2012-6470. The attack needs to be approached locally. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2002-1349 | Trend Micro PC-Cillin 2000/2002/2003 POP3 Service pop3trap.exe memory corruption (VU#157961 / EDB-22082)
5 days 11 hours ago
A vulnerability, which was classified as problematic, was found in Trend Micro PC-Cillin 2000/2002/2003. This affects an unknown part of the file pop3trap.exe of the component POP3 Service. The manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2002-1349. Local access is required to approach this attack. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-5199 | PHPOutsourcing IdeaBox 1.1 include.php gorumDir code injection (EDB-1928 / XFDB-43374)
5 days 11 hours ago
A vulnerability was found in PHPOutsourcing IdeaBox 1.1 and classified as critical. This issue affects some unknown processing of the file include.php. The manipulation of the argument gorumDir leads to code injection.
The identification of this vulnerability is CVE-2008-5199. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7514 | code-projects Modern Bag 1.0 /admin/contact-list.php idStatus sql injection (EUVD-2025-21243)
5 days 12 hours ago
A vulnerability was found in code-projects Modern Bag 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/contact-list.php. The manipulation of the argument idStatus leads to sql injection.
This vulnerability is handled as CVE-2025-7514. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7515 | code-projects Online Appointment Booking System 1.0 /ulocateus.php doctorname sql injection (EUVD-2025-21246)
5 days 12 hours ago
A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1.0. This affects an unknown part of the file /ulocateus.php. The manipulation of the argument doctorname leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-7515. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7516 | code-projects Online Appointment Booking System 1.0 cancelbookingpatient.php appointment sql injection (EUVD-2025-21245)
5 days 12 hours ago
A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. This vulnerability affects unknown code of the file /cancelbookingpatient.php. The manipulation of the argument appointment leads to sql injection.
This vulnerability was named CVE-2025-7516. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7517 | code-projects Online Appointment Booking System 1.0 /getDay.php cidval sql injection (EUVD-2025-21248)
5 days 12 hours ago
A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects some unknown processing of the file /getDay.php. The manipulation of the argument cidval leads to sql injection.
The identification of this vulnerability is CVE-2025-7517. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7520 | PHPGurukul Vehicle Parking Management System 1.13 manage-category.php del sql injection (EUVD-2025-21247)
5 days 12 hours ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Parking Management System 1.13. This issue affects some unknown processing of the file /admin/manage-category.php. The manipulation of the argument del leads to sql injection.
The identification of this vulnerability is CVE-2025-7520. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
У вас GrapheneOS или Google Pixel? Поздравляем, вы потенциальный преступник
5 days 12 hours ago
Власти считают анонимность признаком вины.
CVE-2004-2151 | Virtual Projects Chatman 1.0.1 Beta up to 1.5.0 Rc1 memory allocation (EDB-557 / XFDB-17513)
5 days 12 hours ago
A vulnerability was found in Virtual Projects Chatman. It has been classified as problematic. Affected is an unknown function. The manipulation leads to uncontrolled memory allocation.
This vulnerability is traded as CVE-2004-2151. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
The TechBeat: The TechBeat: I Built an AI Copilot That Thinks in Exploits, Not Prompts (7/4/2025) (7/13/2025)
5 days 12 hours ago
HackerNoon TechBeat 汇集了多篇文章,涵盖从AI发展到职场技巧的科技趋势。包括运动员转型AI创业、企业影响力中心、欧盟DORA法规解读、AI反馈机制优化等主题。此外还探讨了未来主义、网络安全及乌克兰科技人才对全球创新的贡献。
CVE-2025-7513 | code-projects Modern Bag 1.0 /admin/slideupdate.php idSlide sql injection (EUVD-2025-21244)
5 days 12 hours ago
A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/slideupdate.php. The manipulation of the argument idSlide leads to sql injection.
This vulnerability is known as CVE-2025-7513. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Omnicuris - 215,298 breached accounts
5 days 12 hours ago
2025年6月,印度医疗平台Omnicuris发生数据泄露事件,约20万条医疗专业人士记录被暴露,包括姓名、邮箱、电话号码及地理位置等信息。
How a Tiny Script Can Hijack Your Site: The Hidden Dangers of XSS
5 days 12 hours ago
文章探讨了跨站脚本(XSS)攻击的原理、危害及防御方法。XSS通过注入恶意脚本在用户浏览器中执行,窃取敏感信息或操控页面。文章重点介绍了存储型XSS攻击及其潜在风险,并强调了对开发者和安全人员的重要性。
Bug Bounty from Scratch | Everything You Need to Know About Bug Bounty
5 days 12 hours ago
Abhijeet Kumawat分享了自己从对漏洞赏金一无所知到成功发现NASA、Sony等平台漏洞的经历,并强调初学者最难的是迈出第一步。为此,他创建了“Bug Bounty from Scratch”系列教程,帮助更多人开启漏洞赏金之旅。
Bug Bounty from Scratch | Everything You Need to Know About Bug Bounty
5 days 12 hours ago
Abhijeet Kumawat分享了自己从怀疑到通过漏洞赏金计划在NASA、Sony等平台发现漏洞的经历,并强调入门是最大的挑战。他创建了"Bug Bounty from Scratch"系列教程,旨在帮助新手系统学习漏洞赏金技术。