Aggregator

A Threat Actor Claims to be Selling AV/EDR Killer

Microsoft is investigating a new Microsoft 365 outage that is affecting Teams customers and causing call failures. [...]

A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. This vulnerability was named CVE-2025-1906. The attack can be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

Уязвимость старых моделей: почему опасно выбрасывать телефон?

A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file employee.php. The manipulation of the argument Full Name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-1905. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

Submit #508915 / VDB-298426

Submit #508913 / VDB-248952

A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 1.0. Affected by this issue is some unknown functionality of the file /Blood/A+.php. The manipulation of the argument Availibility leads to cross site scripting. This vulnerability is handled as CVE-2025-1904. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in StoreFront 1.0. Affected by this vulnerability is an unknown functionality of the file index.html. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-26206. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in HCL SX 21. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-30154. It is possible to launch the attack remotely. There is no exploit available.

Submit #508301 / VDB-298425

A vulnerability was found in Codezips Online Shopping Website 1.0. It has been rated as critical. This issue affects some unknown processing of the file /cart_add.php. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2025-1903. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #506868 / VDB-298424

Strong credentials safeguard your digital resources, but common mistakes like weak passwords, credential reuse, and exposed secrets give attackers an easy path to unauthorized access.

The post What Is Credential Management? Best Practices and Examples appeared first on Security Boulevard.

Система уже доказала неверность ряда старых гипотез.

Submit #506667 / VDB-298421

A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /password-recovery.php. The manipulation of the argument emailid leads to sql injection. This vulnerability was named CVE-2025-1902. The attack can be initiated remotely. Furthermore, there is an exploit available.