Aggregator

Submit #645712 / VDB-323093

Submit #645702 / VDB-323092

A vulnerability described as critical has been identified in ruisibi rsbi-os 4.7. This impacts an unknown function of the file /rsbi/model/testDataSource.action of the component sqlite-jdbc. Such manipulation leads to privilege escalation. This vulnerability is referenced as CVE-2025-57141. It is possible to launch the attack remotely. No exploit is available.

Wealthsimple confirmed a third-party vendor data breach affecting roughly 30,000 customers

A vulnerability marked as critical has been reported in uverif up to 3.2. This affects the function addbatch of the file /admin/kami_list. This manipulation of the argument note causes sql injection. The identification of this vulnerability is CVE-2025-10121. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

AI提示词越狱-emoji注入

A vulnerability labeled as critical has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function strcpy of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in buffer overflow. This vulnerability was named CVE-2025-10120. The attack may be performed from remote. In addition, an exploit is available.

Submit #645685 / VDB-323090

Meer dan 400.000 belangstellenden kwamen afgelopen weekend en vrijdag af op de Wereldhavendagen in Rotterdam. Met 6 schepen aan de kade was de Koninklijke Marine ruim vertegenwoordigd. Iedere dag waren er 3 sensationele shows op het water.

Submit #645680 / VDB-323089

A vulnerability identified as critical has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. The affected element is an unknown function of the file /login.php. The manipulation of the argument Username leads to sql injection. This vulnerability is uniquely identified as CVE-2025-10118. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability identified as critical has been detected in Campcodes Online Water Billing System 1.0. Affected by this issue is some unknown functionality of the file /process.php. The manipulation of the argument Username leads to sql injection. This vulnerability is uniquely identified as CVE-2025-9739. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in Campcodes Online Feeds Product Inventory System 1.0. It has been classified as critical. This vulnerability affects unknown code of the file /feeds/index.php of the component Login. The manipulation of the argument Username leads to sql injection. This vulnerability is documented as CVE-2025-9761. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in Campcodes Online Learning Management System 1.0. It has been declared as critical. This issue affects some unknown processing of the file /student_signup.php. The manipulation of the argument Username results in sql injection. This vulnerability is reported as CVE-2025-9763. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability was found in itsourcecode Sports Management System 1.0. It has been rated as critical. Impacted is an unknown function of the file /Admin/resultdetails.php. This manipulation of the argument ID causes sql injection. This vulnerability appears as CVE-2025-9764. The attack may be initiated remotely. In addition, an exploit is available.