Aggregator

Secretary Noem asks the cybersecurity community to get in touch with CISA to help reshape the agency to focus on finding efficiencies.

A vulnerability has been found in PHPGurukul Park Ticketing Management System 2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file foreigner-bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to cross site scripting. This vulnerability is known as CVE-2025-45015. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in PHPGurukul Directory Management System 2.0. Affected is an unknown function of the file admin/edit-directory.php. The manipulation of the argument email leads to sql injection. This vulnerability is traded as CVE-2025-45021. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in PHPGurukul Park Ticketing Management System 2.0. This issue affects some unknown processing of the file foreigner-search.php of the component POST Request Handler. The manipulation of the argument searchdata leads to basic cross site scripting. The identification of this vulnerability is CVE-2025-45011. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in PHPGurukul Park Ticketing Management System 2.0. This vulnerability affects unknown code of the file normal-bwdates-reports-details.php of the component POST Parameter Handler. The manipulation of the argument fromdate/todate leads to basic cross site scripting. This vulnerability was named CVE-2025-45010. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in PHPGurukul Park Ticketing Management System 2.0. This affects an unknown part of the file normal-search.php. The manipulation of the argument searchdata leads to basic cross site scripting. This vulnerability is uniquely identified as CVE-2025-45009. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /add-foreigners-ticket.php of the component POST Request Parameter Handler. The manipulation of the argument cprice leads to sql injection. This vulnerability is handled as CVE-2025-45019. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file foreigner-bwdates-reports-details.php. The manipulation of the argument todate leads to sql injection. This vulnerability is known as CVE-2025-45018. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been classified as critical. Affected is an unknown function of the file edit-ticket.php of the component POST Request Parameter Handler. The manipulation of the argument tprice leads to sql injection. This vulnerability is traded as CVE-2025-45017. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0 and classified as critical. This issue affects some unknown processing of the file normal-bwdates-reports-details.php of the component POST Request Handler. The manipulation of the argument todate leads to sql injection. The identification of this vulnerability is CVE-2025-45020. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub_3C8EC. The manipulation of the argument host leads to buffer overflow. This vulnerability was named CVE-2025-4142. The attack can be initiated remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

British supermarket chain Co-op Food has confirmed to BleepingComputer via a statement that it has suffered limited operational disruption as it responds to a cyberattack. [...]

A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. This affects the function sub_3C03C. The manipulation of the argument host leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-4141. It is possible to initiate the attack remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

声明：文章中涉及的程序(方法)可能带有攻击性，仅供安全研究与教学之用，读者将其信息做其他用途，由用户承担全部

声明：文章中涉及的程序(方法)可能带有攻击性，仅供安全研究与教学之用，读者将其信息做其他用途，由用户承担全部