Aggregator

Submit #600726 / VDB-289365

A vulnerability has been found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /edituser.php. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2025-6483. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /edituser-exec.php. The manipulation of the argument userid leads to sql injection. This vulnerability is traded as CVE-2025-6482. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in code-projects Simple Pizza Ordering System 1.0. This issue affects some unknown processing of the file /update.php. The manipulation of the argument ID leads to sql injection. The identification of this vulnerability is CVE-2025-6481. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in code-projects Simple Pizza Ordering System 1.0. This vulnerability affects unknown code of the file /addcatexec.php. The manipulation of the argument textfield leads to sql injection. This vulnerability was named CVE-2025-6480. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /salesreport.php. The manipulation of the argument dayfrom leads to sql injection. This vulnerability is uniquely identified as CVE-2025-6479. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #600707 / VDB-313592

Submit #600704 / VDB-313592

Submit #600705 / VDB-313592

Submit #600702 / VDB-313592

Submit #600694 / VDB-313592

Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s […]

Submit #600690 / VDB-313591

Submit #600689 / VDB-313590

Submit #600685 / VDB-313589

Submit #600684 / VDB-313588

Submit #600683 / VDB-313587

A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-6478. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /script/admin/system of the component System Settings Page. The manipulation of the argument School Name leads to cross site scripting. This vulnerability is known as CVE-2025-6477. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Gym Management System 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2025-6476. It is possible to launch the attack remotely. Furthermore, there is an exploit available.