Aggregator

雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章，必须保证此文章的副本，包括版权声明等全部内容。声明雷神众测允许，不得任意修改或增减此文章内容，不得以任何方式将其用于商业目的。

雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章，必须保证此文章的副本，包括版权声明等全部内容。声明雷神众测允许，不得任意修改或增减此文章内容，不得以任何方式将其用于商业目的。

A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file process_book_add.php of the component Add Book Page. The manipulation of the argument Book Name leads to cross site scripting. This vulnerability was named CVE-2025-1174. The attack can be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file process_users_del.php. The manipulation of the argument id leads to sql injection. This vulnerability is uniquely identified as CVE-2025-1173. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality of the file addtocart.php. The manipulation of the argument bcid leads to sql injection. This vulnerability is handled as CVE-2025-1172. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin/CustomerReport.php. The manipulation of the argument Address leads to cross site scripting. This vulnerability is known as CVE-2025-1171. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/Category.php. The manipulation of the argument Desc leads to cross site scripting. This vulnerability is traded as CVE-2025-1170. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #495318 / VDB-295078

Submit #495309 / VDB-295077

Submit #495183 / VDB-295076

诈骗分子伪装成意大利国防部长克罗塞托（Guido Crosetto）及其团队成员，试图说服意大利一些顶级企业家向海外汇款。

Submit #494830 / VDB-295075

Submit #494829 / VDB-295074

Крошечный просчёт мгновенно превратил облачную платформу в пустышку.

A vulnerability was found in SourceCodester Image Compressor Tool 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /image-compressor/compressor.php. The manipulation of the argument image leads to cross site scripting. The identification of this vulnerability is CVE-2025-1169. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-contact.php. The manipulation of the argument contact leads to sql injection. This vulnerability was named CVE-2025-1168. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in GnuTLS. It has been classified as problematic. This affects an unknown part of the component DER Decoding. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-12243. It is possible to initiate the attack remotely. There is no exploit available.

Submit #494775 / VDB-295073

Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions. The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as an SQL injection bug in the ZimbraSync Service SOAP endpoint affecting