Aggregator

A vulnerability has been found in Campcodes Online Learning Management System 1.0 and classified as critical. Affected is an unknown function of the file /teacher_signup.php. Performing manipulation of the argument firstname results in sql injection. This vulnerability is identified as CVE-2025-9786. The attack can be initiated remotely. Additionally, an exploit exists. Other parameters might be affected as well.

A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin_class.php. Executing manipulation of the argument id_no can lead to sql injection. This vulnerability is tracked as CVE-2025-9788. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected by this issue is some unknown functionality of the file /admin/edituser.php. The manipulation of the argument userid leads to sql injection. This vulnerability is listed as CVE-2025-9789. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability classified as critical was found in SourceCodester Eye Clinic Management System 1.0. Affected by this issue is some unknown functionality of the file /main/search_index_Diagnosis.php. Such manipulation of the argument Search leads to sql injection. This vulnerability is referenced as CVE-2025-9771. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability was found in SourceCodester Hotel Reservation System 1.0. It has been declared as critical. This affects an unknown part of the file /admin/updateabout.php. The manipulation of the argument address results in sql injection. This vulnerability is cataloged as CVE-2025-9790. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability marked as critical has been reported in code-projects Human Resource Integrated System 1.0. This vulnerability affects unknown code of the file /login_query12.php. This manipulation of the argument ID causes sql injection. The identification of this vulnerability is CVE-2025-9741. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability described as critical has been identified in code-projects Human Resource Integrated System 1.0. This issue affects some unknown processing of the file /login.php. Such manipulation of the argument user/pass leads to sql injection. This vulnerability is referenced as CVE-2025-9742. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability classified as critical has been found in code-projects Human Resource Integrated System 1.0. Impacted is an unknown function of the file login_attendance2.php. Performing manipulation of the argument employee_id/date results in sql injection. This vulnerability is identified as CVE-2025-9743. The attack can be initiated remotely. Additionally, an exploit exists.

Structured Approach to Mitigate Vulnerabilities and Risks in Synthetic Biology Labs
Advances in synthetic biology promise breakthroughs, such as engineered bacteria and microbes for pollution cleanup and medicine production. But this promise brings new risks: cyberthreats that intersect with biosecurity. Threat modeling provides a critical framework to anticipate these risks.

Claude Creators Ride Wave of AI Momentum With Updated Valuation
Anthropic raised $13 billion in fresh capital, bringing its post-money valuation to $183 billion. A Series F round was co-led by Iconiq, Fidelity Management & Research Company and Lightspeed Venture Partners, with participation from a slew of institutional investors and sovereign wealth funds.

Intel Chief Tulsi Gabbard Will Ax a Cyberthreat Sharing Hub, Citing Redundancy
Director of National Intelligence Tulsi Gabbard said the decision to eliminate the Cyber Threat Intelligence Integration Center was meant to remove redundancies and save taxpayer money, though analysts warn the move could leave a major gap in federal threat information sharing.

The EU General Court Gives Victory to Backers of Trans-Atlantic Data Flows
The European Union General Court on Wednesday dismissed a plea by a French politician to annul the legal framework underpinning commercial data flows across the Atlantic, rejecting claims that a U.S. intelligence agency oversight body is not independent of the federal government.

Ransomware Gang Nova Poised to Leak Patient Data, Lab Stays Mum on Negotiations
With ransomware gang Nova threatening to leak patient data on the darkweb, a Dutch laboratory that performs cervical cancer tests for a government screening program is mum about the ransom negotiations, but it says the cyberattack in July has affected 941,000 patients.

With the continued success of North Korea's IT worker scams, Asia-Pacific nations are working with private firms to blunt the scheme's effectiveness.

NepCTF2025

构建更加坚实的安全防线，

当前环境出现异常,需完成验证后才能继续访问。

A vulnerability has been found in itsourcecode Apartment Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /report/bill_info.php. Performing manipulation of the argument vid results in sql injection. This vulnerability is known as CVE-2025-9592. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in itsourcecode Apartment Management System 1.0 and classified as critical. Impacted is an unknown function of the file /report/unit_status_info.php. Executing manipulation of the argument usid can lead to sql injection. This vulnerability is handled as CVE-2025-9593. The attack can be executed remotely. Additionally, an exploit exists.