Aggregator

CVE-2025-6134 | Projectworlds Life Insurance Management System 1.0 /insertClient.php client_id sql injection(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /insertClient.php. The manipulation of the argument client_id leads to sql injection. This vulnerability is uniquely identified as CVE-2025-6134. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.
vuldb.com

CVE-2025-6135 | Projectworlds Life Insurance Management System 1.0 /insertNominee.php client_id/nominee_id sql injection(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipulation of the argument client_id/nominee_id leads to sql injection. This vulnerability was named CVE-2025-6135. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-4748 | Erlang OTP up to 28.0.1 lib/stdlib/src/zip.erl path traversal (GHSA-9g37-pgj9-wrhc / EUVD-2025-18414)(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability was found in Erlang OTP up to 28.0.1. It has been rated as critical. Affected by this issue is some unknown functionality in the library lib/stdlib/src/zip.erl. The manipulation leads to path traversal. This vulnerability is handled as CVE-2025-4748. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-6132 | Chanjet CRM 1.0 departmentsetting.php gblOrgID sql injection (EUVD-2025-18423)(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability has been found in Chanjet CRM 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sysconfig/departmentsetting.php. The manipulation of the argument gblOrgID leads to sql injection. This vulnerability is known as CVE-2025-6132. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6130 | TOTOLINK EX1200T 4.1.2cu.5232_B20210713 HTTP POST Request /boafrm/formStats buffer overflow (EUVD-2025-18422)(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2025-6130. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6131 | CodeAstro Food Ordering System 1.0 POST Request Parameter /admin/store/edit/ Restaurant Name/Address cross site scripting(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The manipulation of the argument Restaurant Name/Address leads to cross site scripting. This vulnerability is traded as CVE-2025-6131. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-48446 | Commerce Alphabank Redirect up to 1.0.2 on Drupal authorization (sa-contrib-2025-067 / EUVD-2025-18126)(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability classified as critical was found in Commerce Alphabank Redirect up to 1.0.2 on Drupal. This vulnerability affects unknown code. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2025-48446. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-48445 | Commerce Eurobank up to 2.1.0 on Drupal authorization (sa-contrib-2025-066 / EUVD-2025-18125)(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability was found in Commerce Eurobank up to 2.1.0 on Drupal and classified as critical. This issue affects some unknown processing. The manipulation leads to incorrect authorization. The identification of this vulnerability is CVE-2025-48445. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-49710 | Mozilla Firefox up to 139.0.3 JavaScript Engine OrderedHashTable integer overflow (Nessus ID 238072)(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability classified as critical has been found in Mozilla Firefox up to 139.0.3. Affected is the function OrderedHashTable of the component JavaScript Engine. The manipulation leads to integer overflow. This vulnerability is traded as CVE-2025-49710. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-49709 | Mozilla Firefox up to 139.0.3 Canvas memory corruption (Nessus ID 238072)(link is external)

Vuldb Updates
7 hours 50 minutes ago
A vulnerability was found in Mozilla Firefox up to 139.0.3. It has been rated as critical. This issue affects some unknown processing of the component Canvas Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2025-49709. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CookieShop商城代码审计小结(link is external)

先知技术社区
8 hours 9 minutes ago
蛋糕商城JPA版本是一个开源的CMS系统,它主要基于Spring Boot 3.4.0进行开发,采用MariaDB数据库,涉及Jakarta Servlet、JSP、JSTL,同时使用了Java通用代码生成器来生成后台界面,使用方可以按需定制页面并对项目进行二开,总体是一个对使用者很友好的产品

SmartAttack攻击利用智能手表从物理隔离系统窃取数据(link is external)

嘶吼
8 hours 11 minutes ago

一种名为“SmartAttack”的新攻击利用智能手表作为隐蔽的超声波信号接收器,从物理隔离(air-gapped)系统中窃取数据。

物理隔离系统通常部署在关键任务环境中,如政府设施、武器平台和核电站,它与外部网络物理隔离,以防止恶意软件感染和数据盗窃。

尽管如此,它们仍然容易受到内部威胁的影响,比如恶意员工使用USB驱动器或国家支持的供应链攻击。一旦被渗透,恶意软件就可以秘密运作,使用隐秘的技术来调节硬件组件的物理特性,在不干扰系统正常运行的情况下将敏感数据传输到附近的接收器。

SmartAttack是由Mordechai Guri领导的以色列大学研究人员设计的。虽然在许多情况下,对空气间隙环境的攻击是理论上的,而且很难实现,但它们仍然提供了有趣和新颖的方法来窃取数据。

SmartAttack如何工作

SmartAttack需要恶意软件以某种方式感染与互联网物理隔离的计算机,以收集诸如键盘输入、加密密钥和凭证等敏感信息。然后,它可以利用计算机的内置扬声器向环境中发出超声波信号。

通过使用二进制频移键控(B-FSK),音频信号频率可以被调制以表示二进制数据,即“0”和“1”。18.5 kHz的频率表示“0”,而19.5 kHz表示“1”。

隐蔽信道和键盘输入的干扰

人类听不到这个范围的频率,但附近的人戴的智能手表麦克风却可以捕捉到它们。智能手表中的声音监测应用程序使用信号处理技术来检测频移并解调编码信号,同时还可以应用完整性测试。数据的最终泄露可以通过Wi-Fi、蓝牙或蜂窝连接进行。智能手表可能会被恶意员工故意安装这种工具,也可能在佩戴者不知情的情况下被外部人员感染。

性能和局限性

研究人员指出,与智能手机相比,智能手表使用的是更小、信噪比更低的麦克风,因此信号解调相当具有挑战性,尤其是在更高频率和更低信号强度的情况下。

研究发现,即使手腕的方向对攻击的可行性也起着至关重要的作用,当手表与电脑扬声器处于“视线范围”时,攻击效果最好。

根据发射器(扬声器类型),最大传输范围在6到9米(20 - 30英尺)之间。

发射机性能

数据传输速率范围为5bps ~ 50bps,随着速率和距离的增加,可靠性逐渐降低。

性能测量(信噪比、误码率)

研究人员表示,最好的应对 SmartAttack 的方法是禁止在安全环境中使用智能手表。另一种措施是移除空气隔离机器中的内置扬声器。这将消除所有声学秘密通道的攻击面,而不仅仅是SmartAttack。

如果以上方法都不可行,通过发射宽带噪声进行超声波干扰、基于软件的防火墙和音频阻塞仍然可能有效。

胡金鱼

Managed ad