Aggregator

CVE-2025-10099 | Portabilis i-Educar up to 2.10 Editar usuário Page educar_usuario_cad.php email/data_inicial/data_expiracao cross site scripting (EUVD-2025-27153)

VulDB Recent Entries
3 months 1 week ago
A vulnerability identified as problematic has been detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_usuario_cad.php of the component Editar usuário Page. This manipulation of the argument email/data_inicial/data_expiracao causes cross site scripting. The identification of this vulnerability is CVE-2025-10099. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

The Hackers News
3 months 1 week ago
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the
The Hacker News

Reports Hub Shapes Cyber Risk Insights for Leaders | Kovrr

不安全
3 months 1 week ago
Kovrr的Reports Hub通过将网络安全风险量化数据转化为定制化报告,帮助不同决策者(如董事会、高管和风险经理)以符合其需求的方式理解风险信息。该平台提供预定义报告和定制选项,涵盖企业风险敞口、保险对齐、投资回报等主题,并将技术数据转化为财务视角,助力企业战略规划和长期决策。

CVE-2025-10098 | PHPGurukul User Management System 1.0 edit-user-profile.php uid sql injection

VulDB Recent Entries
3 months 1 week ago
A vulnerability categorized as critical has been discovered in PHPGurukul User Management System 1.0. Affected is an unknown function of the file /admin/edit-user-profile.php. The manipulation of the argument uid results in sql injection. This vulnerability was named CVE-2025-10098. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

CVE-2025-10097 | SimStudioAI sim up to 1.0.0 route.ts code code injection (Issue 961)

VulDB Recent Entries
3 months 1 week ago
A vulnerability was found in SimStudioAI sim up to 1.0.0. It has been rated as critical. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. This vulnerability is uniquely identified as CVE-2025-10097. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

CVE-2025-10096 | SimStudioAI sim up to 1.0.0 route.ts filePath server-side request forgery (Issue 960)

VulDB Recent Entries
3 months 1 week ago
A vulnerability was found in SimStudioAI sim up to 1.0.0. It has been declared as critical. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. This vulnerability is handled as CVE-2025-10096. The attack can be executed remotely. Additionally, an exploit exists. Applying a patch is advised to resolve this issue.
vuldb.com

Managed ad