Submit #746928: projectworlds Online Admission System php project V1.0 Unrestricted Upload [Duplicate]
Submit #746928 / VDB-251699
Aggregator
Submit #746920: projectworlds Online Admission System php project V1.0 SQL Injection [Duplicate]
3 months 1 week ago
Submit #746920 / VDB-317835
Hater
CVE-2026-0777 | Xmind Attachment protection mechanism
3 months 1 week ago
A vulnerability described as problematic has been identified in Xmind. Affected by this vulnerability is an unknown functionality of the component Attachment Handler. Such manipulation leads to protection mechanism failure.
This vulnerability is uniquely identified as CVE-2026-0777. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2025-13463 | Bold Page Builder Plugin up to 5.5.3 on WordPress Post Grid cross site scripting
3 months 1 week ago
A vulnerability marked as problematic has been reported in Bold Page Builder Plugin up to 5.5.3 on WordPress. Affected is an unknown function of the component Post Grid. This manipulation causes cross site scripting.
This vulnerability is handled as CVE-2025-13463. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
Submit #746805: Totolink N300RT V3.4.0-B20250430 Command Injection [Duplicate]
3 months 1 week ago
Submit #746805 / VDB-334200
allanp0e
CVE-2025-12159 | Bold Page Builder Plugin up to 5.4.8 on WordPress bt_bb_raw_content cross site scripting
3 months 1 week ago
A vulnerability labeled as problematic has been found in Bold Page Builder Plugin up to 5.4.8 on WordPress. This impacts the function bt_bb_raw_content. The manipulation results in cross site scripting.
This vulnerability is known as CVE-2025-12159. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2025-12803 | Bold Page Builder Plugin up to 5.5.1 on WordPress bt_bb_tabs cross site scripting
3 months 1 week ago
A vulnerability identified as problematic has been detected in Bold Page Builder Plugin up to 5.5.1 on WordPress. This affects the function bt_bb_tabs. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2025-12803. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
Sinobi
3 months 1 week ago
You must login to view this content
cohenido
Ransom House
3 months 1 week ago
You must login to view this content
cohenido
ISMG Editors: Notepad++ Supply Chain Attack Raises Alarm
3 months 1 week ago
Also: Healthcare Cyber Risks Collide, Varonis Deal Signals AI Security Shift
In this week's panel, four ISMG editors unpacked the Notepad++ supply-chain compromise, the growing web of cyber risks facing healthcare, and what Varonis's acquisition of AllTrue.ai tells us about where artificial intelligence security is headed.
In this week's panel, four ISMG editors unpacked the Notepad++ supply-chain compromise, the growing web of cyber risks facing healthcare, and what Varonis's acquisition of AllTrue.ai tells us about where artificial intelligence security is headed.
Bug Hunting With LLMs: Expert Tool Seeks More 'True' Flaws
3 months 1 week ago
Open Source 'Vulnhalla' Promises 'Up to 96% Reduction in False Positives'
Using large language models to automatically identify only real code vulnerabilities - not false positives - remains a holy grail. Eschewing a moonshot approach, a tool called Vulnhalla helps senior researchers use guided questioning with LLMs to more rapidly triage actual vulnerabilities.
Using large language models to automatically identify only real code vulnerabilities - not false positives - remains a holy grail. Eschewing a moonshot approach, a tool called Vulnhalla helps senior researchers use guided questioning with LLMs to more rapidly triage actual vulnerabilities.
Who's Liable When Embedded AI Goes Wrong?
3 months 1 week ago
Privacy Expert Chiara Rustici on Laws Governing Autonomous Robots, Embedded AI
As embedded AI moves from labs into real environments, organizations face growing liability risks. From border patrol robots to healthcare automation, leaders must understand how AI governance, product liability, data protection and security laws apply, said Chief Privacy Officer Chiara Rustici.
As embedded AI moves from labs into real environments, organizations face growing liability risks. From border patrol robots to healthcare automation, leaders must understand how AI governance, product liability, data protection and security laws apply, said Chief Privacy Officer Chiara Rustici.
Russia Hacked the Polish Electricity Grid. Now What?
3 months 1 week ago
Stymied Attack Leaves Poland No Good Options in Responding to Provocation
Poland's online defenses stopped a Russian cyberattack against the energy grid, but now the Warsaw government is in a bind about how to respond to a digital assault that was a lot more than a crime, but a sliver less than an act of war. The late cyberattack crossed legal and strategic lines.
Poland's online defenses stopped a Russian cyberattack against the energy grid, but now the Warsaw government is in a bind about how to respond to a digital assault that was a lot more than a crime, but a sliver less than an act of war. The late cyberattack crossed legal and strategic lines.
Germany warns of Signal account hijacking targeting senior figures
3 months 1 week ago
Germany's domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. [...]
Bill Toulas
Transparent Tribe Hacker Group Attacking India’s Startup Ecosystem
3 months 1 week ago
The threat landscape for India’s technology sector has taken an unexpected turn. A Pakistan-based hacking group called Transparent Tribe has shifted its focus from traditional government targets to the country’s vibrant startup ecosystem, particularly companies working in cybersecurity and intelligence domains. The group, also tracked as APT36, has been active since 2013 and now uses […]
The post Transparent Tribe Hacker Group Attacking India’s Startup Ecosystem appeared first on Cyber Security News.
Tushar Subhra Dutta
Bulletproof Hosting Providers Leverage Legitimate ISPsystem to Supply Servers for Cybercriminals
3 months 1 week ago
In the constantly shifting landscape of online threats, cybercriminals have found a new way to strengthen their attacks by hiding behind legitimate technology. Late in 2025, a series of ransomware incidents revealed that attackers were using virtual machines provisioned through ISPsystem, a popular platform used by hosting companies to manage their servers. By renting these […]
The post Bulletproof Hosting Providers Leverage Legitimate ISPsystem to Supply Servers for Cybercriminals appeared first on Cyber Security News.
Tushar Subhra Dutta
Weekly Threat Landscape Digest – Week 6
3 months 1 week ago
This week’s threat landscape highlights the evolving sophistication of threat actors, who are increasingly targeting newly disclosed and unpatched vulnerabilities. […]
The post Weekly Threat Landscape Digest – Week 6 appeared first on HawkEye.
HawkEye
The Gentleman
3 months 1 week ago
You must login to view this content
cohenido
The Gentleman
3 months 1 week ago
You must login to view this content
cohenido
The Gentleman
3 months 1 week ago
You must login to view this content
cohenido