Aggregator
开源项目的信任危机:Material Theme后门事件始末
4 months 2 weeks ago
开源项目的信任危机:Material Theme后门事件始末
4 months 2 weeks ago
开源项目的信任危机:Material Theme后门事件始末
4 months 2 weeks ago
第117篇:ysoserial反序列化漏洞利用工具修改版,支持JDK1.5老旧系统
4 months 2 weeks ago
第117篇:ysoserial反序列化漏洞利用工具修改版,支持JDK1.5老旧系统
4 months 2 weeks ago
第117篇:ysoserial反序列化漏洞利用工具修改版,支持JDK1.5老旧系统
4 months 2 weeks ago
第117篇:ysoserial反序列化漏洞利用工具修改版,支持JDK1.5老旧系统
4 months 2 weeks ago
第117篇:ysoserial反序列化漏洞利用工具修改版,支持JDK1.5老旧系统
4 months 2 weeks ago
第117篇:ysoserial反序列化漏洞利用工具修改版,支持JDK1.5老旧系统
4 months 2 weeks ago
第117篇:ysoserial反序列化漏洞利用工具修改版,支持JDK1.5老旧系统
4 months 2 weeks ago
第117篇:ysoserial反序列化漏洞利用工具修改版,支持JDK1.5老旧系统
4 months 2 weeks ago
CVE-2025-2364 | lenve VBlog up to 1.0.0 ArticleService.java addNewArticle mdContent/htmlContent cross site scripting
4 months 2 weeks ago
A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site scripting.
This vulnerability is known as CVE-2025-2364. The attack can be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2025-2363 | lenve VBlog up to 1.0.0 ArticleController.java uploadImg filename path traversal
4 months 2 weeks ago
A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/sang/controller/ArticleController.java. The manipulation of the argument filename leads to path traversal.
This vulnerability is traded as CVE-2025-2363. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2025-2362 | PHPGurukul Pre-School Enrollment System 1.0 /admin/contact-us.php mobnum sql injection
4 months 2 weeks ago
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/contact-us.php. The manipulation of the argument mobnum leads to sql injection.
The identification of this vulnerability is CVE-2025-2362. The attack may be initiated remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
vuldb.com
Submit #514763: VBlog 1.0.0 Stored XSS [Accepted]
4 months 2 weeks ago
Submit #514763 / VDB-299863
s0l42
Submit #514721: VBlog 1.0.0 Unrestricted Upload [Accepted]
4 months 2 weeks ago
Submit #514721 / VDB-299862
s0l42
Первый квантовый мост через экватор: Китай соединил Пекин и ЮАР
4 months 2 weeks ago
К 2027 году Китай создаст глобальную квантовую сеть для стран БРИКС.
Submit #514464: PHPGurukul Pre-School Enrollment System V1.0 sql [Accepted]
4 months 2 weeks ago
Submit #514464 / VDB-299861
12T4
CVE-2025-2361 | Mercurial SCM 4.5.3/71.19.145.211 Web Interface cmd cross site scripting
4 months 2 weeks ago
A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument cmd leads to cross site scripting.
This vulnerability was named CVE-2025-2361. The attack can be initiated remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com