Aggregator

CVE-2020-8887 | Telestream Tektronix Medius/Sentry up to 10.7.4 Server Login Page index.php page sql injection

Vuldb Updates
10 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Telestream Tektronix Medius and Sentry up to 10.7.4. This issue affects some unknown processing of the file index.php of the component Server Login Page. The manipulation of the argument page as part of Parameter leads to sql injection. The identification of this vulnerability is CVE-2020-8887. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-4163 | PHPGurukul Land Record System 1.0 /admin/aboutus.php pagetitle sql injection

Vuldb Updates
10 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Land Record System 1.0. This issue affects some unknown processing of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. The identification of this vulnerability is CVE-2025-4163. The attack may be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.
vuldb.com

CVE-2025-4164 | PHPGurukul Employee Record Management System 1.3 changepassword.php currentpassword sql injection

Vuldb Updates
10 months 3 weeks ago
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. The manipulation of the argument currentpassword leads to sql injection. This vulnerability is traded as CVE-2025-4164. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-3889 | Simple Shopping Cart Plugin up to 5.1.3 on WordPress process_payment_data quantity resource injection

Vuldb Updates
10 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Simple Shopping Cart Plugin up to 5.1.3 on WordPress. This affects the function process_payment_data. The manipulation of the argument quantity leads to improper control of resource identifiers. This vulnerability is uniquely identified as CVE-2025-3889. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-3890 | Simple Shopping Cart Plugin up to 5.1.3 on WordPress Shortcode wp_cart_button cross site scripting

Vuldb Updates
10 months 3 weeks ago
A vulnerability has been found in Simple Shopping Cart Plugin up to 5.1.3 on WordPress and classified as problematic. Affected by this vulnerability is the function wp_cart_button of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-3890. The attack can be launched remotely. There is no exploit available.
vuldb.com

ISMG Editors: Day 3 Highlights From RSAC Conference 2025

DataBreachToday.com
10 months 3 weeks ago
Panel Explores AI Innovation, Geopolitical Tensions and Cybersecurity Leadership
ISMG editors share insights from Day 3 of RSAC Conference 2025, unpacking nagging AI security challenges, evolving CISO roles, operational technology protection and the impact of geopolitical tensions on global cybersecurity collaboration.

ISMG Editors: Day 3 Highlights From RSAC Conference 2025

BankInfoSecurity.com
10 months 3 weeks ago
Panel Explores AI Innovation, Geopolitical Tensions and Cybersecurity Leadership
ISMG editors share insights from Day 3 of RSAC Conference 2025, unpacking nagging AI security challenges, evolving CISO roles, operational technology protection and the impact of geopolitical tensions on global cybersecurity collaboration.

Managed ad