Aggregator

CVE-2026-9519 | stonith404 pingvin-share up to 1.13.0 Sign-in Auto-Redirect signIn.tsx getServerSideProps redirect cross site scripting (EUVD-2026-31778)

VulDB Recent Entries
6 days 3 hours ago
A vulnerability described as problematic has been identified in stonith404 pingvin-share up to 1.13.0. This affects the function getServerSideProps of the file frontend/src/pages/auth/signIn.tsx of the component Sign-in Auto-Redirect. The manipulation of the argument redirect results in cross site scripting. This vulnerability was named CVE-2026-9519. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9518 | hemant6488 CodeIgniter-StudentManagementSystem Students Controller view_students.php addStudent Name cross site scripting (EUVD-2026-31776)

VulDB Recent Entries
6 days 3 hours ago
A vulnerability marked as problematic has been reported in hemant6488 CodeIgniter-StudentManagementSystem. The impacted element is the function addStudent of the file view_students.php of the component Students Controller. The manipulation of the argument Name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-9518. The attack is possible to be carried out remotely. Moreover, an exploit is present. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com

CVE-2026-9517 | hemant6488 CodeIgniter-StudentManagementSystem Student Management addStudentView access control (EUVD-2026-31773)

VulDB Recent Entries
6 days 3 hours ago
A vulnerability labeled as critical has been found in hemant6488 CodeIgniter-StudentManagementSystem. The affected element is an unknown function of the file /index.php/students/addStudentView of the component Student Management Handler. Executing a manipulation can lead to improper access controls. This vulnerability is handled as CVE-2026-9517. The attack can be executed remotely. Additionally, an exploit exists. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com

Cybercriminals Use Telegram Channels to Sell Verified Bank and Fintech Mule Accounts

Cyber Security News
6 days 3 hours ago

Cybercriminals are openly selling verified bank accounts, fintech wallets, and cryptocurrency exchange accounts through Telegram channels, turning money laundering into a structured, on-demand criminal service. This underground market has grown far beyond informal recruitment and now operates like a professional industry, complete with tiered pricing, customer support, and account replacement guarantees. The funds moved through […]

The post Cybercriminals Use Telegram Channels to Sell Verified Bank and Fintech Mule Accounts appeared first on Cyber Security News.

Tushar Subhra Dutta

Managed ad