Aggregator
诚邀渠道合作伙伴共启新征程
3 months 3 weeks ago
【火绒安全周报】X社交媒体数据泄露影响28.7亿账户/法国反垄断机构对苹果处以1.5亿欧元罚款
3 months 3 weeks ago
Через архив — к системе: в WinRAR нашли лазейку для атак
3 months 3 weeks ago
WinRAR позволял запускать код без защиты Windows.
Submit #549199: Tenda RX3 RX3 Firmware V16.03.13.11_multi Buffer Overflow [Accepted]
3 months 3 weeks ago
Submit #549199 / VDB-303329
syuvi
Submit #549186: PHPGurukul Old Age Home Management System 1.0 SQL Injection [Accepted]
3 months 3 weeks ago
Submit #549186 / VDB-303328
joke_umbrella
Submit #549152: SeaCMS 13.3 Path Traversal [Duplicate]
3 months 3 weeks ago
Submit #549152 / VDB-275607
badboy
Submit #549147: SeaCMS 13.3 arbitrary file read [Duplicate]
3 months 3 weeks ago
Submit #549147 / VDB-275607
badboy
Submit #549014: seaCMS 13.3 Arbitrary File Deletion [Duplicate]
3 months 3 weeks ago
Submit #549014 / VDB-275607
badboy
JVN: Hitachi Energy製RTU500シリーズおよびTRMTrackerにおける複数の脆弱性
3 months 3 weeks ago
Hitachi Energyが提供するRTU500シリーズおよびTRMTrackerには、複数の脆弱性が存在します。
JVN: 複数のABB製品における複数の脆弱性
3 months 3 weeks ago
ABBが提供する複数の製品には、複数の脆弱性が存在します。
JVN: B&R製APROLにおける複数の脆弱性
3 months 3 weeks ago
B&Rが提供するAPROLには、複数の脆弱性が存在します。
Submit #549011: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Cross-Site Request Forgery [Accepted]
3 months 3 weeks ago
Submit #549011 / VDB-303327
Caigo
Submit #549009: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Horizontal privilege escalation vulnerability [Accepted]
3 months 3 weeks ago
Submit #549009 / VDB-303326
Caigo
Submit #548986: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Improper Access Controls [Accepted]
3 months 3 weeks ago
Submit #548986 / VDB-303325
Caigo
Submit #548979: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Server-Side Request Forgery (SSRF) [Accepted]
3 months 3 weeks ago
Submit #548979 / VDB-303324
Caigo
Submit #548978: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Stored Cross-Site Scripting [Accepted]
3 months 3 weeks ago
Submit #548978 / VDB-303323
Caigo
Submit #548976: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Stored Cross-Site Scripting [Accepted]
3 months 3 weeks ago
Submit #548976 / VDB-303322
Caigo
Submit #548971: https://gitee.com/xujiangfei/admintwo admintwo 1.0 Stored Cross-Site Scripting [Accepted]
3 months 3 weeks ago
Submit #548971 / VDB-303321
Caigo
CVE-2025-3249 | TOTOLINK A6000R 1.0.1-B20201211.2000 mtkwifi.lua apcli_cancel_wps command injection
3 months 3 weeks ago
A vulnerability classified as critical was found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected by this vulnerability is the function apcli_cancel_wps of the file /usr/lib/lua/luci/controller/mtkwifi.lua. The manipulation leads to command injection.
This vulnerability is known as CVE-2025-3249. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com