Submit #575240: PHPGurukul Nipah virus (NiV) – Testing Management System V1.0 SQL Injection [Duplicate]
Submit #575240 / VDB-243617
Aggregator
Submit #575234: PHPGurukul Company Visitors Management System 2.0 SQL Injection [Duplicate]
11 months 2 weeks ago
Submit #575234 / VDB-307476
-Schatten-
Submit #575232: PHPGurukul Company Visitors Management System 2.0 SQL Injection [Duplicate]
11 months 2 weeks ago
Submit #575232 / VDB-251377
-Schatten-
Submit #575230: PHPGurukul Beauty Parlour Management System 1.1 SQL Injection [Accepted]
11 months 2 weeks ago
Submit #575230 / VDB-309403
-Schatten-
Submit #575103: D-Link DAP-2695 firmware 20210528 Cross Site Scripting [Accepted]
11 months 2 weeks ago
Submit #575103 / VDB-309402
lcyf-fizz
Submit #575101: D-Link DAP-2695 firmware 20210528 Cross Site Scripting [Accepted]
11 months 2 weeks ago
Submit #575101 / VDB-309401
lcyf-fizz
Submit #575100: D-Link DAP-2695 firmware 20210528 Cross Site Scripting [Accepted]
11 months 2 weeks ago
Submit #575100 / VDB-309400
lcyf-fizz
CVE-2025-4391 | CodeRevolution Echo RSS Feed Post Generator Plugin up to 5.4.8.1 on WordPress echo_generate_featured_image unrestricted upload (EUVD-2025-15566)
11 months 2 weeks ago
A vulnerability was found in CodeRevolution Echo RSS Feed Post Generator Plugin up to 5.4.8.1 on WordPress. It has been classified as critical. This affects the function echo_generate_featured_image. The manipulation leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-2025-4391. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4389 | Crawlomatic Multipage Scraper Post Generator Plugin crawlomatic_generate_featured_image unrestricted upload (EUVD-2025-15567)
11 months 2 weeks ago
A vulnerability was found in Crawlomatic Multipage Scraper Post Generator Plugin up to 2.6.8.1 on WordPress and classified as critical. Affected by this issue is the function crawlomatic_generate_featured_image. The manipulation leads to unrestricted upload.
This vulnerability is handled as CVE-2025-4389. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-3812 | WPBot Pro Chatbot Plugin up to 13.6.2 on WordPress wp-config.php qcld_openai_delete_training_file denial of service (EUVD-2025-15565)
11 months 2 weeks ago
A vulnerability has been found in WPBot Pro Chatbot Plugin up to 13.6.2 on WordPress and classified as critical. Affected by this vulnerability is the function qcld_openai_delete_training_file of the file wp-config.php. The manipulation leads to denial of service.
This vulnerability is known as CVE-2025-3812. The attack can be launched remotely. There is no exploit available.
vuldb.com
New botnet HTTPBot targets gaming and tech industries with surgical attacks
11 months 2 weeks ago
New botnet HTTPBot is targeting China’s gaming, tech, and education sectors, cybersecurity researchers warn. NSFOCUS cybersecurity discovered a new botnet called HTTPBot that has been used to target the gaming industry, technology firms, and educational institutions in China. HTTPBot is a Go-based botnet first detected in August 2024, however, its activity surged by April 2025. The botnet […]
Pierluigi Paganini
CVE-2025-4476 | Red Hat Enterprise Linux 6/7/8/9 libsoup domain null pointer dereference
11 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Red Hat Enterprise Linux 6/7/8/9. Affected is an unknown function of the component libsoup. The manipulation of the argument domain leads to null pointer dereference.
This vulnerability is traded as CVE-2025-4476. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
Microsoft confirms May Windows 10 updates trigger BitLocker recovery
11 months 2 weeks ago
Microsoft has confirmed that some Windows 10 and Windows 10 Enterprise LTSC 2021 systems will boot into BitLocker recovery after installing the May 2025 security updates. [...]
Sergiu Gatlan
CVE-2019-2974 | Oracle MySQL Server up to 5.6.45/5.7.27/8.0.17 Optimizer denial of service (Nessus ID 236704)
11 months 2 weeks ago
A vulnerability was found in Oracle MySQL Server up to 5.6.45/5.7.27/8.0.17. It has been rated as critical. Affected by this issue is some unknown functionality of the component Optimizer. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2019-2974. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2019-2938 | Oracle MySQL Server up to 5.7.27/8.0.17 InnoDB input validation (Nessus ID 236704)
11 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Oracle MySQL Server up to 5.7.27/8.0.17. Affected is an unknown function of the component InnoDB. The manipulation leads to improper input validation.
This vulnerability is traded as CVE-2019-2938. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-14765 | Oracle MySQL Server up to 5.6.49/5.7.31/8.0.21 FTS denial of service (Nessus ID 236704)
11 months 2 weeks ago
A vulnerability was found in Oracle MySQL Server up to 5.6.49/5.7.31/8.0.21. It has been rated as critical. This issue affects some unknown processing of the component FTS. The manipulation leads to denial of service.
The identification of this vulnerability is CVE-2020-14765. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-2574 | Oracle MySQL Client up to 5.6.46/5.7.28/8.0.18 C API denial of service (Nessus ID 236705)
11 months 2 weeks ago
A vulnerability was found in Oracle MySQL Client up to 5.6.46/5.7.28/8.0.18. It has been declared as critical. This vulnerability affects unknown code of the component C API. The manipulation leads to denial of service.
This vulnerability was named CVE-2020-2574. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-2752 | Oracle MySQL Client up to 5.6.47/5.7.27/8.0.17 C API denial of service (Nessus ID 236705)
11 months 2 weeks ago
A vulnerability was found in Oracle MySQL Client up to 5.6.47/5.7.27/8.0.17. It has been rated as critical. This issue affects some unknown processing of the component C API. The manipulation leads to denial of service.
The identification of this vulnerability is CVE-2020-2752. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2020-2922 | Oracle MySQL Client up to 5.6.47/5.7.29/8.0.18 C API information disclosure (Nessus ID 236705)
11 months 2 weeks ago
A vulnerability has been found in Oracle MySQL Client up to 5.6.47/5.7.29/8.0.18 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component C API. The manipulation leads to information disclosure.
This vulnerability is known as CVE-2020-2922. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2021-2007 | Oracle MySQL Client up to 5.6.47/5.7.29/8.0.19 C API information disclosure (Nessus ID 236705)
11 months 2 weeks ago
A vulnerability has been found in Oracle MySQL Client up to 5.6.47/5.7.29/8.0.19 and classified as problematic. This vulnerability affects unknown code of the component C API. The manipulation leads to information disclosure.
This vulnerability was named CVE-2021-2007. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com