🚨 CVE-2025-48979
An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.
🎖@cveNotify
An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.
🎖@cveNotify
🚨 CVE-2025-9595
A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location. The exploit has been made public and could be used.
🎖@cveNotify
A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location. The exploit has been made public and could be used.
🎖@cveNotify
🚨 CVE-2025-9596
A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
🎖@cveNotify
A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
🎖@cveNotify
GitHub
itsourcecode Sports Management System Project V1.0 /login.php SQL injection · Issue #55 · zzb1388/cve
itsourcecode Sports Management System Project V1.0 /login.php SQL injection NAME OF AFFECTED PRODUCT(S) Sports Management System Vendor Homepage https://itsourcecode.com/free-projects/php-project/s...
🚨 CVE-2025-9597
A vulnerability was identified in itsourcecode Apartment Management System 1.0. This impacts an unknown function of the file /o_dashboard/rented_all_info.php. Such manipulation of the argument uid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
🎖@cveNotify
A vulnerability was identified in itsourcecode Apartment Management System 1.0. This impacts an unknown function of the file /o_dashboard/rented_all_info.php. Such manipulation of the argument uid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
🎖@cveNotify
GitHub
itsourcecode Apartment Management System Project V1.0 /o_dashboard/rented_all_info.php SQL injection · Issue #54 · zzb1388/cve
itsourcecode Apartment Management System Project V1.0 /o_dashboard/rented_all_info.php SQL injection NAME OF AFFECTED PRODUCT(S) Apartment Management System Vendor Homepage https://itsourcecode.com...
🚨 CVE-2025-9598
A security flaw has been discovered in itsourcecode Apartment Management System 1.0. Affected is an unknown function of the file /setting/year_setup.php. Performing manipulation of the argument txtXYear results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.
🎖@cveNotify
A security flaw has been discovered in itsourcecode Apartment Management System 1.0. Affected is an unknown function of the file /setting/year_setup.php. Performing manipulation of the argument txtXYear results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.
🎖@cveNotify
GitHub
itsourcecode Apartment Management System Project V1.0 /setting/year_setup.php SQL injection · Issue #53 · zzb1388/cve
itsourcecode Apartment Management System Project V1.0 /setting/year_setup.php SQL injection NAME OF AFFECTED PRODUCT(S) Apartment Management System Vendor Homepage https://itsourcecode.com/free-pro...
🚨 CVE-2024-44271
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator.
🎖@cveNotify
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator.
🎖@cveNotify
Apple Support
About the security content of macOS Sequoia 15.2 - Apple Support
This document describes the security content of macOS Sequoia 15.2.
🚨 CVE-2024-54554
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data.
🎖@cveNotify
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data.
🎖@cveNotify
Apple Support
About the security content of macOS Sequoia 15.1 - Apple Support
This document describes the security content of macOS Sequoia 15.1.
🚨 CVE-2024-54568
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination.
🎖@cveNotify
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination.
🎖@cveNotify
Apple Support
About the security content of macOS Sequoia 15.2 - Apple Support
This document describes the security content of macOS Sequoia 15.2.
🚨 CVE-2025-40927
CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw
This vulnerability is a confirmed HTTP response splitting flaw in CGI::Simple that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions.
Although some validation exists, it can be bypassed using URL-encoded values, allowing an attacker to inject untrusted content into the response via query parameters.
As a result, an attacker can inject a line break (e.g. %0A) into the parameter value, causing the server to split the HTTP response and inject arbitrary headers or even an HTML/JavaScript body, leading to reflected cross-site scripting (XSS), open redirect or other attacks.
The issue documented in CVE-2010-4410 https://www.cve.org/CVERecord?id=CVE-2010-4410 is related but the fix was incomplete.
Impact
By injecting %0A (newline) into a query string parameter, an attacker can:
* Break the current HTTP header
* Inject a new header or entire body
* Deliver a script payload that is reflected in the server’s response
That can lead to the following attacks:
* reflected XSS
* open redirect
* cache poisoning
* header manipulation
🎖@cveNotify
CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw
This vulnerability is a confirmed HTTP response splitting flaw in CGI::Simple that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions.
Although some validation exists, it can be bypassed using URL-encoded values, allowing an attacker to inject untrusted content into the response via query parameters.
As a result, an attacker can inject a line break (e.g. %0A) into the parameter value, causing the server to split the HTTP response and inject arbitrary headers or even an HTML/JavaScript body, leading to reflected cross-site scripting (XSS), open redirect or other attacks.
The issue documented in CVE-2010-4410 https://www.cve.org/CVERecord?id=CVE-2010-4410 is related but the fix was incomplete.
Impact
By injecting %0A (newline) into a query string parameter, an attacker can:
* Break the current HTTP header
* Inject a new header or entire body
* Deliver a script payload that is reflected in the server’s response
That can lead to the following attacks:
* reflected XSS
* open redirect
* cache poisoning
* header manipulation
🎖@cveNotify
🚨 CVE-2025-43187
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Running an hdiutil command may unexpectedly execute arbitrary code.
🎖@cveNotify
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Running an hdiutil command may unexpectedly execute arbitrary code.
🎖@cveNotify
Apple Support
About the security content of macOS Sequoia 15.6 - Apple Support
This document describes the security content of macOS Sequoia 15.6.
🚨 CVE-2025-43255
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.
🎖@cveNotify
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.
🎖@cveNotify
Apple Support
About the security content of macOS Sequoia 15.6 - Apple Support
This document describes the security content of macOS Sequoia 15.6.
🚨 CVE-2025-9601
A vulnerability was detected in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /setting/employee_salary_setup.php. The manipulation of the argument ddlEmpName results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
🎖@cveNotify
A vulnerability was detected in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /setting/employee_salary_setup.php. The manipulation of the argument ddlEmpName results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
🎖@cveNotify
GitHub
itsourcecode Apartment Management System Project V1.0 /setting/employee_salary_setup.php SQL injection · Issue #50 · zzb1388/cve
itsourcecode Apartment Management System Project V1.0 /setting/employee_salary_setup.php SQL injection NAME OF AFFECTED PRODUCT(S) Apartment Management System Vendor Homepage https://itsourcecode.c...
🚨 CVE-2025-9602
A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
🎖@cveNotify
A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
🎖@cveNotify
GitHub
Database Backdoor via publicsaveAjax Method in xinhu v2.6.9 (CWE-285) · Issue #9 · rainrocka/xinhu
Database Backdoor via publicsaveAjax Method in xinhu v2.6.9 (CWE-285) Summary In xinhu v2.6.9, the publicsaveAjax method contains both vertical and horizontal privilege escalation issues. This allo...
🚨 CVE-2025-9603
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
GitHub
lin-cve/Telesquare Tlr-2005Ksh/Telesquare Tlr-2005Ksh存在命令注入漏洞.md at main · lin-3-start/lin-cve
Contribute to lin-3-start/lin-cve development by creating an account on GitHub.
🚨 CVE-2025-9604
A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key . It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is regarded as difficult. To fix this issue, it is recommended to deploy a patch. The vendor replied to the GitHub issue (translated from simplified Chinese): "For scenarios requiring encryption, we will implement user-defined key management through configuration and optimize the use of encryption tools, such as random salt."
🎖@cveNotify
A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key . It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is regarded as difficult. To fix this issue, it is recommended to deploy a patch. The vendor replied to the GitHub issue (translated from simplified Chinese): "For scenarios requiring encryption, we will implement user-defined key management through configuration and optimize the use of encryption tools, such as random salt."
🎖@cveNotify
GitHub
在插件系统中发现了AES加密实现,存在多个严重的安全漏洞: · Issue #505 · coze-dev/coze-studio
主要安全问题: 1.硬编码密钥:三个加密密钥直接硬编码在源码中,任何能访问代码的人都能获取 密钥强度不足:使用16字节的ASCII字符串作为密钥,熵值较低 密钥重用:多个不同用途使用不同的固定密钥,但都存在相同问题 2. 不安全的CBC模式实现 安全漏洞: IV重用:使用密钥的前16字节作为IV,这是极其危险的做法 固定IV:每次加密都使用相同的IV,导致相同明文产生相同密文 可预测性:攻击...
👍1
🚨 CVE-2025-8857
Clinic Image System developed by Changing contains hard-coded Credentials, allowing unauthenticated remote attackers to log into the system using administrator credentials embedded in the source code.
🎖@cveNotify
Clinic Image System developed by Changing contains hard-coded Credentials, allowing unauthenticated remote attackers to log into the system using administrator credentials embedded in the source code.
🎖@cveNotify
🚨 CVE-2025-8858
Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
🎖@cveNotify
Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
🎖@cveNotify
🚨 CVE-2025-8861
TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents.
🎖@cveNotify
TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents.
🎖@cveNotify
🚨 CVE-2025-9609
A vulnerability was found in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /educacenso/consulta. The manipulation results in improper authorization. The attack can be executed remotely. The exploit has been made public and could be used.
🎖@cveNotify
A vulnerability was found in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /educacenso/consulta. The manipulation results in improper authorization. The attack can be executed remotely. The exploit has been made public and could be used.
🎖@cveNotify
🚨 CVE-2025-9610
A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Other parameters might be affected as well.
🎖@cveNotify
A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Other parameters might be affected as well.
🎖@cveNotify
🚨 CVE-2025-9619
A security flaw has been discovered in E4 Sistemas Mercatus ERP 2.00.019. The affected element is an unknown function of the file /basico/webservice/imprimir-danfe/id/. Performing manipulation results in improper control of resource identifiers. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A security flaw has been discovered in E4 Sistemas Mercatus ERP 2.00.019. The affected element is an unknown function of the file /basico/webservice/imprimir-danfe/id/. Performing manipulation results in improper control of resource identifiers. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify