Aggregator

Submit #623731 / VDB-318278

Submit #623721 / VDB-318277

Submit #623703 / VDB-318276

A vulnerability was found in Invision Community up to 4.7.20/5.0.7. It has been rated as problematic. This issue affects some unknown processing of the file oauth/callback/index.php. The manipulation of the argument state leads to cross site scripting. The identification of this vulnerability is CVE-2025-48933. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

1.Qilin勒索团伙公布了新的受害公司 2.Play团伙公布新的受害公司 3.DEVMAN勒索团伙入侵泰国劳动部

当前网络环境出现异常，需完成验证后方可继续访问。

本网站使用技术性Cookie确保基本功能运行，并通过分析性Cookie收集数据以优化网站结构和内容。此外， profiling cookies 用于追踪用户行为和兴趣，提供个性化广告。用户可访问Cookie Center管理偏好设置。

根据国家信息安全漏洞库（CNNVD）统计，本周（2025年7月21日至2025年7月27日）安全漏洞情况如下

A vulnerability was found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. It has been classified as critical. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is traded as CVE-2025-54450. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052 and classified as critical. This issue affects some unknown processing. The manipulation leads to hard-coded credentials. The identification of this vulnerability is CVE-2025-54455. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Phpscriptsnow Hangman. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument n leads to sql injection. This vulnerability is handled as CVE-2009-2888. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Phpscriptsnow Hangman. This affects an unknown part of the file index.php. The manipulation of the argument letters leads to cross site scripting. This vulnerability is uniquely identified as CVE-2009-2889. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Phpscriptsnow World's Tallest Buildings 4.0. It has been rated as critical. This issue affects some unknown processing of the file bios.php. The manipulation of the argument Rank leads to sql injection. The identification of this vulnerability is CVE-2009-2885. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Phpscriptsnow Riddles and classified as problematic. This vulnerability affects unknown code of the file results.php. The manipulation of the argument searchquery leads to cross site scripting. This vulnerability was named CVE-2009-2890. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Phpscriptsnow Riddles and classified as critical. This issue affects some unknown processing of the file list.php. The manipulation of the argument catid leads to sql injection. The identification of this vulnerability is CVE-2009-2891. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Phpscriptsnow World's Tallest Buildings 4.0. It has been declared as problematic. This vulnerability affects unknown code of the file bios.php. The manipulation of the argument Rank leads to cross site scripting. This vulnerability was named CVE-2009-2884. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Ecomstudio PHP Photo Vote1.3f 1.3F. It has been classified as problematic. Affected is an unknown function of the file login.php. The manipulation of the argument page leads to cross site scripting. This vulnerability is traded as CVE-2009-4857. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Стабильность умерла. В IT теперь рулит скорость адаптации.

欢迎预约，见证API风险监测系统全面升级！