Aggregator

A vulnerability was found in Solution Plugin up to 3.1.0 on WordPress and classified as critical. Affected is an unknown function. Executing manipulation of the argument filterText can lead to sql injection. The identification of this vulnerability is CVE-2025-14477. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in HT Plugins HT Slider for Elementor Plugin up to 1.7.4 on WordPress and classified as problematic. This impacts an unknown function. Performing manipulation of the argument slide_title results in cross site scripting. This vulnerability was named CVE-2025-14278. The attack may be initiated remotely. There is no available exploit.

A vulnerability, which was classified as critical, was found in Design Import Export Plugin up to 2.2 on WordPress. This affects an unknown function of the component XML File Import. Such manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2025-14050. The attack can be launched remotely. No exploit exists.

Behind the polished exterior of many modern buildings sit outdated systems with vulnerabilities waiting to be found

A vulnerability, which was classified as problematic, has been found in AMI AptioV 5.040. The impacted element is an unknown function. This manipulation causes improper handling of insufficient permissions or privileges. This vulnerability is handled as CVE-2025-58770. It is possible to launch the attack on the local host. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in CleverDisplay BlueOne up to 12.11.1/12.12.0. The affected element is an unknown function. The manipulation results in internal asset exposed to unsafe debug access level or state. This vulnerability is known as CVE-2025-36755. An attack on the physical device is feasible. No exploit is available. Upgrading the affected component is advised.

科学家绘制了全球 97% 建筑物的 3D 地图。地图 GlobalBuildingAtlas 发布在 GitHub 上，采用 MIT 许可证带公地条款限制（禁止商业出售）。数据集涵盖了 27.5 亿栋建筑物，以 3 米× 3 米的空间分辨率绘制了每栋建筑物的轮廓和高度，该地图可用于灾害风险评估、气候建模和城市规划。研究人员利用深度学习工具，基于 2019 年拍摄的约 80 万张卫星影像，创建了 3D 地图。研究发现，亚洲建筑物数量几乎占全球所有已测绘建筑物的一半，约 12.2 亿栋。亚洲建筑物总体积也位居全球之首，达到 1.27 万亿立方米，这一结果反映了中国、印度和东南亚地区快速城市化和密集的都市区。非洲建筑物数量位居第二，达 5.4 亿栋，但其总体积仅为 1170 亿立方米，以小型低层建筑为主。芬兰人均建筑物体积是希腊的六倍，尼日尔的人均建筑物体积为世界平均水平的 1/27。

A vulnerability classified as critical has been found in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. This vulnerability is traded as CVE-2025-14590. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability described as critical has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing manipulation of the argument keyname can lead to sql injection. This vulnerability appears as CVE-2025-14589. The attack may be performed from remote. In addition, an exploit is available.

Новая система ARTEMIS показала, что автономный пентест уже близок к «производственному» уровню.

A vulnerability marked as critical has been reported in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /update_program.php. Performing manipulation of the argument ID results in sql injection. This vulnerability is reported as CVE-2025-14588. The attack is possible to be carried out remotely. Moreover, an exploit is present.

Submit #707096 / VDB-336210

Submit #707094 / VDB-336209

《美国人才战略：为黄金时代打造劳动力》的完整总结，涵盖战略背景、五大支柱及具体实施路径。

《美国边境巡逻2025-2029年战略》详细总结

Submit #707081 / VDB-336208

When users encounter a phishing email, the danger extends far beyond the initial click. A typical phishing attack begins when someone is deceived into entering their login credentials on a fake website. However, this is merely the starting point. Once cybercriminals obtain the stolen information, it immediately becomes valuable merchandise in the underground market. The […]

The post New Research Details on What Happens to Data Stolen in a Phishing Attack appeared first on Cyber Security News.

Незаметные цифровые следы могут рассказать о вас больше, чем любой пост в соцсетях.

A vulnerability labeled as critical has been found in itsourcecode Online Pet Shop Management System 1.0. This affects an unknown part of the file /pet1/available.php. Such manipulation of the argument Name leads to sql injection. This vulnerability is documented as CVE-2025-14587. The attack can be executed remotely. Additionally, an exploit exists.

When official systems can't support everyday workflows, employees turn to spreadsheets — creating "shadow spreadsheets" that circulate unchecked. Grist shows how these spreadsheets expose sensitive data, create version sprawl, and remove the audit trails security teams depend on. [...]