Aggregator

Submit #667117 / VDB-327594

Submit #667116 / VDB-205667

Submit #667107 / VDB-327593

Submit #665590 / VDB-327349

A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the file /edit_booking.php. Performing manipulation of the argument Name results in sql injection. This vulnerability is identified as CVE-2025-11474. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0 and classified as critical. Affected is an unknown function of the file /edit_curr.php. Such manipulation of the argument currsymbol leads to sql injection. This vulnerability is referenced as CVE-2025-11473. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0 and classified as critical. This impacts an unknown function of the file /edit_room.php. This manipulation of the argument ID causes sql injection. The identification of this vulnerability is CVE-2025-11472. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /edit_customer.php. The manipulation of the argument ID results in sql injection. This vulnerability was named CVE-2025-11471. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability, which was classified as critical, has been found in SourceCodester Hotel and Lodge Management System up to 1.0. The impacted element is an unknown function of the file /manage_website.php. The manipulation of the argument website_image/back_login_image leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2025-11470. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability classified as critical was found in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /pages/save_customer.php. Executing manipulation of the argument Contact can lead to sql injection. This vulnerability is handled as CVE-2025-11469. The attack can be executed remotely. Additionally, an exploit exists.

Submit #665478 / VDB-327592

Submit #665477 / VDB-327591

Submit #665476 / VDB-327590

Submit #665473 / VDB-327589

Submit #665462 / VDB-327588

Submit #665461 / VDB-327587

文章介绍了如何绕过CDN找到网站的真实IP，并列举了多种方法，包括使用多地区Ping、DNS查询、子域名扫描、SSL证书分析等技术手段来获取网站的真实IP地址。这些方法旨在帮助取证人员解决CDN带来的挑战。

A vulnerability classified as critical has been found in Red Hat AMQ. Impacted is an unknown function of the file /etc/passwd. Performing manipulation results in permission issues. This vulnerability is known as CVE-2025-58712. Attacking locally is a requirement. No exploit is available.

A vulnerability described as critical has been identified in Welcart e-Commerce Plugin up to 2.11.21 on WordPress. This issue affects some unknown processing of the component Cookie Handler. Such manipulation leads to sql injection. This vulnerability is traded as CVE-2025-10649. The attack may be launched remotely. There is no exploit available.

A vulnerability labeled as critical has been found in 7-zip. This affects an unknown part of the component ZIP File Parser. The manipulation results in path traversal. This vulnerability is reported as CVE-2025-11001. The attack can be launched remotely. No exploit exists.