Aggregator

CVE-2025-8466 | code-projects Online Farm System 1.0 /forgot_passfarmer.php email sql injection (EUVD-2025-23433)

VulDB Recent Entries
1 month 1 week ago
A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /forgot_passfarmer.php. The manipulation of the argument email leads to sql injection. This vulnerability is traded as CVE-2025-8466. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Secret Blizzard Group’s ApolloShadow Malware Install Root Certificates on Devices to Trust Malicious Sites

Cyber Security News
1 month 1 week ago

A sophisticated cyberespionage campaign targeting foreign embassies in Moscow has been uncovered, revealing the deployment of a custom malware strain designed to manipulate digital trust mechanisms. The Russian state-sponsored threat group Secret Blizzard has been orchestrating an adversary-in-the-middle operation since at least 2024, utilizing their position within internet service provider infrastructure to deploy the ApolloShadow […]

The post Secret Blizzard Group’s ApolloShadow Malware Install Root Certificates on Devices to Trust Malicious Sites appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2025-8146 | Qi Addons for Elementor Plugin up to 1.9.2 on WordPress TypeOut Text Widget cross site scripting (EUVD-2025-23420)

VulDB Recent Entries
1 month 1 week ago
A vulnerability was found in Qi Addons for Elementor Plugin up to 1.9.2 on WordPress and classified as problematic. This issue affects some unknown processing of the component TypeOut Text Widget. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-8146. The attack may be initiated remotely. There is no exploit available.
vuldb.com

Managed ad