Aggregator

CVE-2006-0936 | Free Host Shop Website Generator 3.3 formname privilege escalation (EDB-27312 / BID-16823)

Vuldb Updates
4 days 5 hours ago
A vulnerability, which was classified as critical, has been found in Free Host Shop Website Generator 3.3. This impacts an unknown function. This manipulation of the argument formname causes privilege escalation. The identification of this vulnerability is CVE-2006-0936. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2006-5764 | Free Php Scripts Free File Hosting up to 1.1 File Upload contact.php AD_BODY_TEMP code injection (EDB-29772 / XFDB-29874)

Vuldb Updates
4 days 5 hours ago
A vulnerability was found in Free Php Scripts Free File Hosting up to 1.1 and classified as critical. Affected is an unknown function of the file contact.php of the component File Upload. Executing manipulation of the argument AD_BODY_TEMP can lead to code injection. This vulnerability is tracked as CVE-2006-5764. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com

CVE-2025-12203 | givanz Vvveb up to 1.0.7.3 Code Editor system/functions.php sanitizeFileName File path traversal (Issue 333 / EUVD-2025-36065)

Vuldb Updates
4 days 6 hours ago
A vulnerability was found in givanz Vvveb up to 1.0.7.3 and classified as critical. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing manipulation of the argument File can lead to path traversal. This vulnerability is tracked as CVE-2025-12203. The attack can be launched remotely. Moreover, an exploit is present. Applying a patch is advised to resolve this issue.
vuldb.com

CVE-2025-12209 | Tenda O3 1.0.0.10(2478) /goform/setDhcpConfig SetValue/GetValue dhcpEn stack-based overflow (EUVD-2025-36067)

Vuldb Updates
4 days 6 hours ago
A vulnerability labeled as critical has been found in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing manipulation of the argument dhcpEn can lead to stack-based buffer overflow. This vulnerability appears as CVE-2025-12209. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

CVE-2025-12210 | Tenda O3 1.0.0.10(2478) /goform/AdvSetLanip SetValue/GetValue lanIp stack-based overflow (EUVD-2025-36069)

Vuldb Updates
4 days 6 hours ago
A vulnerability marked as critical has been reported in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-12210. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-12211 | Tenda O3 1.0.0.10(2478) /goform/setDmzInfo SetValue/GetValue dmzIP stack-based overflow (EUVD-2025-36074)

Vuldb Updates
4 days 6 hours ago
A vulnerability described as critical has been identified in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. This vulnerability is known as CVE-2025-12211. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2025-12212 | Tenda O3 1.0.0.10(2478) setNetworkService SetValue/GetValue upnpEn stack-based overflow (EUVD-2025-36073)

Vuldb Updates
4 days 6 hours ago
A vulnerability classified as critical has been found in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. This vulnerability is handled as CVE-2025-12212. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

It’s Always DNS: Lessons from the AWS Outage

Security Boulevard
4 days 6 hours ago

In episode 404 (no pun intended!) we discuss the recurring issue of DNS outages, the recent Amazon AWS disruption, and what this reveals about our dependency on cloud services. The conversation touches on the need for tested business continuity plans, the implications of DNS failures, and the misconceptions around cloud infrastructure’s automatic failover capabilities. ** […]

The post It’s Always DNS: Lessons from the AWS Outage appeared first on Shared Security Podcast.

The post It’s Always DNS: Lessons from the AWS Outage appeared first on Security Boulevard.

Tom Eston

CVE-2007-3354 | Scriptdevelopers.net NetClassifieds 1.0.1/1.5.1/1.9.6.3 viewcat.php s_user_id sql injection (EDB-30223 / XFDB-34994)

Vuldb Updates
4 days 7 hours ago
A vulnerability described as critical has been identified in Scriptdevelopers.net NetClassifieds 1.0.1/1.5.1/1.9.6.3. This impacts an unknown function of the file viewcat.php. Executing manipulation of the argument s_user_id can lead to sql injection. This vulnerability is registered as CVE-2007-3354. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2007-6634 | Netbizcity FAQMasterFlexPlus 1.5 faq.php category_id sql injection (EDB-30947 / XFDB-39286)

Vuldb Updates
4 days 7 hours ago
A vulnerability was found in Netbizcity FAQMasterFlexPlus 1.5. It has been classified as critical. This affects an unknown part of the file faq.php. This manipulation of the argument category_id causes sql injection. The identification of this vulnerability is CVE-2007-6634. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad