Aggregator

CVE-2025-6339 | ponaravindb Hospital Management System 1.0 /func3.php username1 sql injection

VulDB Recent Entries
8 months 1 week ago
A vulnerability was found in ponaravindb Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /func3.php. The manipulation of the argument username1 leads to sql injection. This vulnerability is handled as CVE-2025-6339. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6337 | TOTOLINK A3002R/A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404 HTTP POST Request /boafrm/formTmultiAP submit-url buffer overflow

VulDB Recent Entries
8 months 1 week ago
A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615/4.0.0-B20230531.1404. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is known as CVE-2025-6337. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6336 | TOTOLINK EX1200T 4.1.2cu.5232_B20210713 HTTP POST Request /boafrm/formTmultiAP submit-url buffer overflow

VulDB Recent Entries
8 months 1 week ago
A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is traded as CVE-2025-6336. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6335 | DedeCMS up to 5.7.2 Template dedetag.class.php notes command injection

VulDB Recent Entries
8 months 1 week ago
A vulnerability was found in DedeCMS up to 5.7.2 and classified as critical. This issue affects some unknown processing of the file /include/dedetag.class.php of the component Template Handler. The manipulation of the argument notes leads to command injection. The identification of this vulnerability is CVE-2025-6335. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Security Affairs
8 months 1 week ago
Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS, using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 million […]
Pierluigi Paganini

CVE-2025-6334 | D-Link DIR-867 1.0 Query String strncpy stack-based overflow

VulDB Recent Entries
8 months 1 week ago
A vulnerability has been found in D-Link DIR-867 1.0 and classified as critical. This vulnerability affects the function strncpy of the component Query String Handler. The manipulation leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2025-6334. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6333 | PHPGurukul Directory Management System 2.0 /admin/admin-profile.php adminname sql injection

VulDB Recent Entries
8 months 1 week ago
A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. This vulnerability is uniquely identified as CVE-2025-6333. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6332 | PHPGurukul Directory Management System 2.0 manage-directory.php del sql injection

VulDB Recent Entries
8 months 1 week ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue is some unknown functionality of the file /admin/manage-directory.php. The manipulation of the argument del leads to sql injection. This vulnerability is handled as CVE-2025-6332. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6331 | PHPGurukul Directory Management System 1.0 search-directory.php searchdata sql injection

VulDB Recent Entries
8 months 1 week ago
A vulnerability classified as critical was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search-directory.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability is known as CVE-2025-6331. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6330 | PHPGurukul Directory Management System 1.0 /searchdata.php searchdata sql injection

VulDB Recent Entries
8 months 1 week ago
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /searchdata.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability is traded as CVE-2025-6330. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad