Aggregator

Submit #636370 / VDB-321775

Submit #636369 / VDB-321774

A vulnerability was found in code-projects Student Information Management System 1.0. It has been declared as problematic. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. This vulnerability was named CVE-2025-9595. The attack may be performed from a remote location. In addition, an exploit is available.

Submit #636365 / VDB-321773

Submit #636364 / VDB-321772

Submit #636363 / VDB-321771

A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been classified as critical. The affected element is an unknown function of the file /report/complain_info.php. The manipulation of the argument vid leads to sql injection. This vulnerability is uniquely identified as CVE-2025-9594. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in itsourcecode Apartment Management System 1.0 and classified as critical. Impacted is an unknown function of the file /report/unit_status_info.php. Executing manipulation of the argument usid can lead to sql injection. This vulnerability is handled as CVE-2025-9593. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability has been found in itsourcecode Apartment Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /report/bill_info.php. Performing manipulation of the argument vid results in sql injection. This vulnerability is known as CVE-2025-9592. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Farmers Insurance Exchange and its subsidiaries recently disclosed a significant security incident that compromised personal information of approximately 1.1 million customers through an unauthorized access to a third-party vendor’s database. The breach, which occurred on May 29, 2025, represents one of the largest insurance industry data exposures of the year, affecting customer records containing names, […]

The post Farmers Insurance Cyber Attack – 1.1 Million Customers Data Exposed in Salesforce Attack appeared first on Cyber Security News.

Submit #636362 / VDB-321770

Submit #636361 / VDB-320536

A vulnerability, which was classified as problematic, was found in ZrLog up to 3.1.5. This vulnerability affects unknown code of the file /api/admin/template/config of the component Theme Configuration Form. Such manipulation of the argument footerLink leads to cross site scripting. This vulnerability is traded as CVE-2025-9591. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #636359 / VDB-321769

Anthropic has thwarted multiple sophisticated attempts by cybercriminals to misuse its Claude AI platform, according to a newly released Threat Intelligence report. Despite layered safeguards designed to prevent harmful outputs, malicious actors have adapted to exploit Claude’s advanced capabilities, weaponizing agentic AI to execute large-scale extortion, employment fraud, and ransomware operations. In one high-profile case […]

The post Hackers Attempted to Misuse Claude AI to Launch Cyber Attacks appeared first on Cyber Security News.

Submit #636187 / VDB-321768

Submit #636186 / VDB-321767

Submit #636178 / VDB-321766

FireMon Insights deckt Firewall-Richtlinienrisiken auf und bietet Maßnahmenempfehlungen Das Firewall-Management ist der stille Held (oder der geheime Schurke) der Netzwerksicherheit. Zwar hängt sein Abwehrkonzept zum Großteil an Ihrer Firewall, jedoch...

The post 60 % scheitern. Sie auch? appeared first on Security Boulevard.

A vulnerability, which was classified as critical, has been found in D-Link DIR-868L B1 2.05WWB0. This affects an unknown part of the file fileaccess.cgi. This manipulation of the argument pre_api_arg causes os command injection. This vulnerability appears as CVE-2025-55583. The attack may be initiated remotely. There is no available exploit.