Aggregator

Submit #640807 / VDB-322070

A vulnerability marked as critical has been reported in itsourcecode Sports Management System 1.0. This impacts an unknown function of the file /Admin/mode.php. The manipulation of the argument code leads to sql injection. This vulnerability is uniquely identified as CVE-2025-9768. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability labeled as critical has been found in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /Admin/sporttype.php. Executing manipulation of the argument code can lead to sql injection. This vulnerability is handled as CVE-2025-9767. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability identified as critical has been detected in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/facilitator.php. Performing manipulation of the argument code results in sql injection. This vulnerability is known as CVE-2025-9766. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability categorized as critical has been discovered in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/tournament_details.php. Such manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2025-9765. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in itsourcecode Sports Management System 1.0. It has been rated as critical. Impacted is an unknown function of the file /Admin/resultdetails.php. This manipulation of the argument ID causes sql injection. This vulnerability appears as CVE-2025-9764. The attack may be initiated remotely. In addition, an exploit is available.

Submit #640797 / VDB-299965

Submit #640779 / VDB-322069

A vulnerability was found in Campcodes Online Learning Management System 1.0. It has been declared as critical. This issue affects some unknown processing of the file /student_signup.php. The manipulation of the argument Username results in sql injection. This vulnerability is reported as CVE-2025-9763. The attack can be launched remotely. Moreover, an exploit is present.

Submit #641753 / VDB-322068

Submit #641113 / VDB-322067

Submit #641112 / VDB-322066

Submit #641111 / VDB-322065

Submit #640770 / VDB-322064

Одна микросхема вместо 9 антенн.

Submit #640747 / VDB-322063

OpenAI has announced a big update for Codex, which is the company's agentic coding tool. [...]

Authorities in the United States and the Netherlands have seized VerifTools, a marketplace selling fake IDs for cybercrime.…

A vulnerability was found in Tenda AC9 15.03.05.19. It has been rated as problematic. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. This vulnerability is handled as CVE-2025-9731. It is possible to launch the attack on the local host. Additionally, an exploit exists.

A vulnerability was found in O2OA up to 10.0-410 and classified as problematic. The impacted element is an unknown function of the file /x_query_assemble_designer/jaxrs/stat of the component Personal Profile Page. The manipulation of the argument name/alias/description/applicationName results in cross site scripting. This vulnerability is reported as CVE-2025-9734. The attack can be launched remotely. Moreover, an exploit is present. The vendor replied in the GitHub issue (translated from simplified Chinese): "This issue will be fixed in the new version."