Aggregator
Submit #616217: PHPGurukul Online Security Guards Hiring System V1.0 Improper Neutralization of Alternate XSS Syntax [Accepted]
1 week ago
Submit #616217 / VDB-316852
iC0rner
CVE-2025-7789 | Xuxueli xxl-job up to 3.1.1 Token Generation IndexController.java makeToken weak password hash (Issue 3751)
1 week ago
A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file src/main/java/com/xxl/job/admin/controller/IndexController.java of the component Token Generation. The manipulation leads to password hash with insufficient computational effort.
This vulnerability is handled as CVE-2025-7789. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7788 | Xuxueli xxl-job up to 3.1.1 SampleXxlJob.java commandJobHandler os command injection (Issue 3750)
1 week ago
A vulnerability has been found in Xuxueli xxl-job up to 3.1.1 and classified as critical. Affected by this vulnerability is the function commandJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to os command injection.
This vulnerability is known as CVE-2025-7788. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-7787 | Xuxueli xxl-job up to 3.1.1 SampleXxlJob.java httpJobHandler server-side request forgery (Issue 3749)
1 week ago
A vulnerability, which was classified as critical, was found in Xuxueli xxl-job up to 3.1.1. Affected is the function httpJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to server-side request forgery.
This vulnerability is traded as CVE-2025-7787. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #616196: D-Link DI-8100 16.07.26A1 Buffer Overflow [Accepted]
1 week ago
Submit #616196 / VDB-316851
XiDP
2025 Cyberspace Security Conference special session on "Drone Network Security" successfully held
1 week ago
British cop hid the most expensive theft in the history of the intelligence services for five whole years
1 week ago
What was found in the 42-year-old investigator's notebook shocked even his colleagues.
Submit #615760: Xuxueli https://github.com/xuxueli/xxl-job <=3.1.1 Use of a Broken or Risky Cryptographic Algorithm vulnerability ( [Accepted]
1 week ago
Submit #615760 / VDB-316850
ZAST.AI
Submit #615758: Xuxueli https://github.com/xuxueli/xxl-job <=3.1.1 OS Command Injection [Accepted]
1 week ago
Submit #615758 / VDB-316849
ZAST.AI
Submit #615741: Xuxueli https://github.com/xuxueli/xxl-job <=3.1.1 SSRF [Accepted]
1 week ago
Submit #615741 / VDB-316848
ZAST.AI
Alice and Bob are us: cryptography as a human, everyday experience
1 week ago
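Characters such as Alice, Bob and Eve turn cryptography into stories people can understand, bringing complex theory closer to everyday life. These symbolic characters illustrate the trust and security challenges we face in the digital age.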
CVE-2025-7786 | Gnuboard g6 up to 6.0.10 Post Reply qa cross site scripting (Issue 645)
1 week ago
A vulnerability, which was classified as problematic, has been found in Gnuboard g6 up to 6.0.10. This issue affects some unknown processing of the file /bbs/scrap_popin_update/qa/ of the component Post Reply Handler. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2025-7786. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
I have a Samsung S7 on which I would like to install a custom ROM, but it has an FRP lock which I can't get past. How to get past it in another way?
1 week ago
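An open hacker community that aims to help newcomers grow into seasoned experts in underground skills. Users can ask and answer questions, learn, and join the online discussion via a Discord link.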
BlackByte Ransomware Resurfaces With New Victims After Year-Long Hiatus
1 week ago
cohenido
Submit #615735: Gnuboard https://github.com/gnuboard/g6 version 6.x Stored XSS [Accepted]
1 week ago
Submit #615735 / VDB-316847
ZAST.AI
A login without the "=" sign opens a path into memory. That is exactly how CitrixBleed 2 operated in the shadows, long before the PoC
1 week ago
How to steal a session without getting up from your chair.
CVE-2022-44216 | Gnuboard 5.5.4/5.5.5 Change Password permission
1 week ago
A vulnerability was found in Gnuboard 5.5.4/5.5.5. It has been classified as critical. This affects an unknown part of the component Change Password Handler. The manipulation leads to permission issues.
This vulnerability is uniquely identified as CVE-2022-44216. Access to the local network is required for this attack. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-41475 | Gnuboard 6.0.7 cross-domain policy
1 week ago
A vulnerability was found in Gnuboard 6.0.7 and classified as critical. This issue affects some unknown processing. The manipulation leads to permissive cross-domain policy with untrusted domains.
The identification of this vulnerability is CVE-2024-41475. The attack may be initiated remotely. There is no exploit available.
vuldb.com
Prevention efforts drive decline in cancer death rates in developed countries
1 week ago
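The Economist reports that cancer prevention efforts have paid off: cancer death rates in developed countries have generally fallen since the 1990s. The US cancer death rate has dropped by about one third since the 1990s. Smoking rates have fallen in developed countries, and in the US alone this has averted more than 3 million cancer deaths since 1975. The UK launched an HPV vaccination programme for young girls in 2008, which within 15 years cut the incidence of cervical cancer among women in their twenties by 90%. Advances in treatment have also changed outcomes for some cancers. Childhood leukaemia, once fatal, now has a five-year survival rate above 90%. Cancer research nonetheless faces serious obstacles ahead, one of which is the US Trump administration's plan to cut cancer research funding; China is expected to overtake the US in 2025 as the leading funder of cancer research.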