Aggregator

Submit #565531 / VDB-308230

A vulnerability has been found in EnerSys AMPA up to 24.16 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to command injection. This vulnerability is known as CVE-2024-12442. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in PHPGurukul Vehicle Parking Management System 1.13. Affected is an unknown function of the file /vpms/users/login.php. The manipulation of the argument emailcont leads to sql injection. This vulnerability is traded as CVE-2025-45885. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in KuwaitPHP eSmile. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument cid leads to sql injection. This vulnerability was named CVE-2010-0764. The attack can be initiated remotely. Furthermore, there is an exploit available.

Alleged Sale of 300 Validated SSH Credentials with Root Access

Submit #565530 / VDB-299996

Nederland moet meer verantwoordelijkheid nemen voor de eigen veiligheid. De huwelijkscrisis tussen Europa en de Verenigde Staten, en een instabiele geopolitieke wereld, maken dat broodnodig. Dat bleek op de EU-dag, georganiseerd in het kader van de ‘dag van Europa’. Die is op poten gezet voor de Bestuursstaf van Defensie.

Native apps are built compatible with a platform or operating system, such as iOS or Android. While unrestricted access to all device functionalities (camera, GPS, and push notifications) makes native apps attractive for users, it also poses significant risks. Cyber attacks increased by 30% between January 2023 and 2024 and amount to 13 attacks per […]

The post 5 Must-Have Security Features for Native Apps appeared first on Cyber Security News.

我开始想象在长江上的生活

我开始想象在长江上的生活

Your ultimate goal shouldn't be security perfection — it should be making exploitation of your organization unprofitable.

A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/pass-bwdates-report.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability is known as CVE-2025-4074. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in PHPGurukul Park Ticketing Management System 2.0. This affects an unknown part of the file normal-search.php. The manipulation of the argument searchdata leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2025-45009. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in PHPGurukul Park Ticketing Management System 2.0. This vulnerability affects unknown code of the file normal-bwdates-reports-details.php of the component POST Parameter Handler. The manipulation of the argument fromdate/todate leads to basic cross site scripting. This vulnerability was named CVE-2025-45010. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in PHPGurukul Park Ticketing Management System 2.0. This issue affects some unknown processing of the file foreigner-search.php of the component POST Request Handler. The manipulation of the argument searchdata leads to basic cross site scripting. The identification of this vulnerability is CVE-2025-45011. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. Affected is an unknown function of the file admin/edit-directory.php. The manipulation of the argument email leads to sql injection. This vulnerability is traded as CVE-2025-45021. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. This vulnerability is handled as CVE-2025-4174. The attack may be launched remotely. Furthermore, there is an exploit available.

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-31324, in SAP NetWeaver Visual Composer 7.x is being actively exploited by a Chinese threat actor, tracked as Chaya_004. This deserialization flaw allows attackers to upload malicious binaries, including web shells, to unpatched servers, granting full system takeover capabilities. According to research from Forescout, exploitation has […]

The post Chinese Hackers Exploit SAP RCE Vulnerability to Deploy Supershell Backdoors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.