ИИ пишет код быстрее человека. Но каждый второй файл — дыра в безопасности
100 моделей ИИ протестировали на безопасность. Почти все провалились.
Aggregator
CVE-2025-8506 | 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e /user/editUI cross site scripting (EUVD-2025-23473)
8 months 3 weeks ago
A vulnerability was found in 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e and classified as problematic. This issue affects some unknown processing of the file /user/editUI. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2025-8506. The attack may be initiated remotely. Furthermore, there is an exploit available.
This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
vuldb.com
CVE-2025-8505 | 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e cross-site request forgery (EUVD-2025-23471)
8 months 3 weeks ago
A vulnerability has been found in 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2025-8505. The attack can be initiated remotely. Furthermore, there is an exploit available.
This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
vuldb.com
Submit #627323: Gitee 495300897 wx-shop wise-net-web 1.0 Cross Site Scripting [Accepted]
8 months 3 weeks ago
Submit #627323 / VDB-318605
HJAQiang
Submit #627322: Gitee 495300897 wx-shop wise-net-web 1.0 Cross-Site Request Forgery [Accepted]
8 months 3 weeks ago
Submit #627322 / VDB-318604
HJAQiang
CVE-2025-8504 | code-projects Kitchen Treasure 1.0 /userregistration.php photo unrestricted upload (EUVD-2025-23472)
8 months 3 weeks ago
A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-2025-8504. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8503 | code-projects Online Medicine Guide 1.0 /adaddmed.php mname sql injection (EUVD-2025-23469)
8 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in code-projects Online Medicine Guide 1.0. Affected by this issue is some unknown functionality of the file /adaddmed.php. The manipulation of the argument mname leads to sql injection.
This vulnerability is handled as CVE-2025-8503. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8502 | code-projects Online Medicine Guide 1.0 /changepass.php ups sql injection (EUVD-2025-23470)
8 months 3 weeks ago
A vulnerability classified as critical was found in code-projects Online Medicine Guide 1.0. Affected by this vulnerability is an unknown functionality of the file /changepass.php. The manipulation of the argument ups leads to sql injection.
This vulnerability is known as CVE-2025-8502. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #626935: code-projects Kitchen Treasure V1.0 Unrestricted Upload [Accepted]
8 months 3 weeks ago
Submit #626935 / VDB-318603
Haoatao
Submit #626923: code-projects Online Medicine Guide V1.0 SQL injection [Accepted]
8 months 3 weeks ago
Submit #626923 / VDB-318602
Haoatao
Submit #626920: code-projects Online Medicine Guide V1.0 SQL injection [Accepted]
8 months 3 weeks ago
Submit #626920 / VDB-318601
Haoatao
CVE-2025-8501 | code-projects Human Resource Integrated System 1.0 action.php content cross site scripting (EUVD-2025-23468)
8 months 3 weeks ago
A vulnerability classified as problematic has been found in code-projects Human Resource Integrated System 1.0. Affected is an unknown function of the file /insert-and-view/action.php. The manipulation of the argument content leads to cross site scripting.
This vulnerability is traded as CVE-2025-8501. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8500 | code-projects Human Resource Integrated System 1.0 action.php content sql injection (EUVD-2025-23466)
8 months 3 weeks ago
A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insert-and-view/action.php. The manipulation of the argument content leads to sql injection.
The identification of this vulnerability is CVE-2025-8500. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #626840: projectworlds Online Admission System v1.0 SQL Injection [Duplicate]
8 months 3 weeks ago
Submit #626840 / VDB-317835
shqnq
Submit #626839: projectworlds Online Admission System v1.0 SQL Injection [Duplicate]
8 months 3 weeks ago
Submit #626839 / VDB-317835
shqnq
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
8 months 3 weeks ago
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025.
"In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs," Arctic Wolf Labs researcher Julian Tuin said in a report.
The cybersecurity company
The Hacker News
CVE-2025-8499 | code-projects Online Medicine Guide 1.0 /cusfindambulence2.php Search sql injection (EUVD-2025-23467)
8 months 3 weeks ago
A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cusfindambulence2.php. The manipulation of the argument Search leads to sql injection.
This vulnerability was named CVE-2025-8499. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8498 | code-projects Online Medicine Guide 1.0 /cart/index.php uname sql injection (EUVD-2025-23464)
8 months 3 weeks ago
A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been classified as critical. This affects an unknown part of the file /cart/index.php. The manipulation of the argument uname leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-8498. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8497 | code-projects Online Medicine Guide 1.0 /cusfindphar2.php Search sql injection (EUVD-2025-23465)
8 months 3 weeks ago
A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cusfindphar2.php. The manipulation of the argument Search leads to sql injection.
This vulnerability is handled as CVE-2025-8497. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #626829: PHPGurukul Human Metapneumovirus (HMPV) – Testing Management System v1.0 SQL Injection [Duplicate]
8 months 3 weeks ago
Submit #626829 / VDB-299872
furbreeze