🚨 CVE-2025-55621
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL.
🎖@cveNotify
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL.
🎖@cveNotify
relieved-knuckle-264 on Notion
Reolink - Download a profile due to IDOR | Notion
📌 1. Reporting information
🚨 CVE-2025-55623
An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass authentication via using an ADB (Android Debug Bridge).
🎖@cveNotify
An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass authentication via using an ADB (Android Debug Bridge).
🎖@cveNotify
relieved-knuckle-264 on Notion
Reolink App lock screen Bypass | Notion
📌 1. Reporting information
🚨 CVE-2025-55624
An intent redirection vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access internal functions or access non-public components.
🎖@cveNotify
An intent redirection vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access internal functions or access non-public components.
🎖@cveNotify
relieved-knuckle-264 on Notion
Reolink Intent Redirection | Notion
📌 1. Reporting information
🚨 CVE-2025-48100
Improper Control of Generation of Code ('Code Injection') vulnerability in extremeidea bidorbuy Store Integrator allows Remote Code Inclusion. This issue affects bidorbuy Store Integrator: from n/a through 2.12.0.
🎖@cveNotify
Improper Control of Generation of Code ('Code Injection') vulnerability in extremeidea bidorbuy Store Integrator allows Remote Code Inclusion. This issue affects bidorbuy Store Integrator: from n/a through 2.12.0.
🎖@cveNotify
Patchstack
WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Remote Code Execution (RCE) vulnerability - Patchstack
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-48109
Cross-Site Request Forgery (CSRF) vulnerability in Xavier Media XM-Backup allows Stored XSS. This issue affects XM-Backup: from n/a through 0.9.1.
🎖@cveNotify
Cross-Site Request Forgery (CSRF) vulnerability in Xavier Media XM-Backup allows Stored XSS. This issue affects XM-Backup: from n/a through 0.9.1.
🎖@cveNotify
Patchstack
WordPress XM-Backup plugin <= 0.9.1 - CSRF to Stored XSS vulnerability - Patchstack
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2025-8908
A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. Affected by this issue is some unknown functionality of the file crm/WeiXinApp/yunzhijia/event.php. The manipulation of the argument openid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.6.5 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+."
🎖@cveNotify
A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. Affected by this issue is some unknown functionality of the file crm/WeiXinApp/yunzhijia/event.php. The manipulation of the argument openid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.6.5 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+."
🎖@cveNotify
🚨 CVE-2025-9140
A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetail_moduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Upgrading to version 8.6.5.4 can resolve this issue. The affected component should be upgraded. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+."
🎖@cveNotify
A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetail_moduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Upgrading to version 8.6.5.4 can resolve this issue. The affected component should be upgraded. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+."
🎖@cveNotify
🚨 CVE-2025-55619
Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering.
🎖@cveNotify
Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering.
🎖@cveNotify
cwe.mitre.org
CWE -
CWE-321: Use of Hard-coded Cryptographic Key (4.19)
CWE-321: Use of Hard-coded Cryptographic Key (4.19)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
🚨 CVE-2025-55620
A cross-site scripting (XSS) vulnerability in the valuateJavascript() function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
🎖@cveNotify
A cross-site scripting (XSS) vulnerability in the valuateJavascript() function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
🎖@cveNotify
relieved-knuckle-264 on Notion
Reolink javascript injection (qr code) | Notion
1. Reporting information
🚨 CVE-2025-55622
Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings.
🎖@cveNotify
Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings.
🎖@cveNotify
relieved-knuckle-264 on Notion
Reolink Task Hijacking | Notion
📌 1. Reporting information
🚨 CVE-2025-55625
An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL.
🎖@cveNotify
An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL.
🎖@cveNotify
cwe.mitre.org
CWE -
CWE-601: URL Redirection to Untrusted Site ('Open Redirect') (4.19)
CWE-601: URL Redirection to Untrusted Site ('Open Redirect') (4.19)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
🚨 CVE-2022-4536
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in.
🎖@cveNotify
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in.
🎖@cveNotify
🚨 CVE-2024-52510
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later.
🎖@cveNotify
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later.
🎖@cveNotify
🚨 CVE-2024-6219
Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.
🎖@cveNotify
Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured.
🎖@cveNotify
GitHub
Restricted TLS certificate privilege escalation when in PKI mode
### Summary
If a `server.ca` file is present in `LXD_DIR` at LXD start up, LXD is in "PKI mode". In this mode, all clients must have certificates that have been signed by the CA.
The...
If a `server.ca` file is present in `LXD_DIR` at LXD start up, LXD is in "PKI mode". In this mode, all clients must have certificates that have been signed by the CA.
The...
🚨 CVE-2025-51970
A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.
🎖@cveNotify
A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.
🎖@cveNotify
Gist
SQL Injection Vulnerability in Online Shopping System Advanced (CVE-2025-51970)
SQL Injection Vulnerability in Online Shopping System Advanced (CVE-2025-51970) - CVE-2025-51970-SQL-Injection.md
🚨 CVE-2025-9429
A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument content/title/ leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument content/title/ leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
Gitee
langhsu/mblog.git: mblog开源免费的博客系统, Java语言开发, 支持mysql/h2数据库, 采用spring-boot、jpa、shiro、bootstrap等流行框架开发
🚨 CVE-2025-9430
A vulnerability was detected in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/options/update. The manipulation of the argument input results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.
🎖@cveNotify
A vulnerability was detected in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/options/update. The manipulation of the argument input results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.
🎖@cveNotify
Gitee
langhsu/mblog.git: mblog开源免费的博客系统, Java语言开发, 支持mysql/h2数据库, 采用spring-boot、jpa、shiro、bootstrap等流行框架开发
🚨 CVE-2024-0266
A vulnerability classified as problematic has been found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the component User Registration. The manipulation of the argument First Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249822 is the identifier assigned to this vulnerability.
🎖@cveNotify
A vulnerability classified as problematic has been found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the component User Registration. The manipulation of the argument First Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249822 is the identifier assigned to this vulnerability.
🎖@cveNotify
🚨 CVE-2024-0498
A vulnerability was found in Project Worlds Lawyer Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file searchLawyer.php. The manipulation of the argument experience leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250603.
🎖@cveNotify
A vulnerability was found in Project Worlds Lawyer Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file searchLawyer.php. The manipulation of the argument experience leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250603.
🎖@cveNotify
🚨 CVE-2024-11059
A vulnerability was found in Project Worlds Free Download Online Shopping System up to 192.168.1.88. It has been rated as critical. This issue affects some unknown processing of the file /online-shopping-webvsite-in-php-master/success.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability was found in Project Worlds Free Download Online Shopping System up to 192.168.1.88. It has been rated as critical. This issue affects some unknown processing of the file /online-shopping-webvsite-in-php-master/success.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
Cve-report/SQLi-1.md at main · Sy0ung-cmd/Cve-report
my cve. Contribute to Sy0ung-cmd/Cve-report development by creating an account on GitHub.
🚨 CVE-2024-53261
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. "Unsanitized input from *the request URL* flows into `end`, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS)." The files `packages/kit/src/exports/vite/dev/index.js` and `packages/kit/src/exports/vite/utils.js` both contain user controllable data which under specific conditions may flow to dev mode pages. There is little to no expected impact. The Vite development is not exposed to the network by default and even if someone were able to trick a developer into executing an XSS against themselves, a development database should not have any sensitive data. None the less this issue has been addressed in version 2.8.3 and all users are advised to upgrade.
🎖@cveNotify
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. "Unsanitized input from *the request URL* flows into `end`, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS)." The files `packages/kit/src/exports/vite/dev/index.js` and `packages/kit/src/exports/vite/utils.js` both contain user controllable data which under specific conditions may flow to dev mode pages. There is little to no expected impact. The Vite development is not exposed to the network by default and even if someone were able to trick a developer into executing an XSS against themselves, a development database should not have any sensitive data. None the less this issue has been addressed in version 2.8.3 and all users are advised to upgrade.
🎖@cveNotify
GitHub
fix: escape values included in dev 404 page (#13039) · sveltejs/kit@d338d46
web development, streamlined. Contribute to sveltejs/kit development by creating an account on GitHub.