🚨 CVE-2009-3369
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then initiating a backup or restore.
🎖@cveNotify
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then initiating a backup or restore.
🎖@cveNotify
🚨 CVE-2011-3361
Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi.
🎖@cveNotify
Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi.
🎖@cveNotify
SourceForge
BackupPC
Download BackupPC for free. BackupPC is a high-performance, enterprise-grade backup system for backing up Linux, WinXX PCs, Macs and laptops to a server's disk. Features include clever pooling of identical files, no client-side software, and a powerful Apache/CGI…
🚨 CVE-2011-4923
Cross-site scripting (XSS) vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the num parameter in a view action to index.cgi, related to the log file viewer, a different vulnerability than CVE-2011-3361.
🎖@cveNotify
Cross-site scripting (XSS) vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the num parameter in a view action to index.cgi, related to the log file viewer, a different vulnerability than CVE-2011-3361.
🎖@cveNotify
Flexera
Secunia Research
Flexera provides software licensing management, software compliance, installation and application packaging solutions to developers and their customers.
🚨 CVE-2011-5081
Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly other earlier versions allows remote attackers to inject arbitrary web script or HTML via the share parameter in a RestoreFile action to index.cgi.
🎖@cveNotify
Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly other earlier versions allows remote attackers to inject arbitrary web script or HTML via the share parameter in a RestoreFile action to index.cgi.
🎖@cveNotify
seclists.org
Bugtraq: HTB22965: Multiple XSS vulnerabilities in BackupPC
🚨 CVE-2021-3878
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
🎖@cveNotify
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
🎖@cveNotify
GitHub
Missed a couple possibly unsafe XMLUtils · stanfordnlp/CoreNLP@e5bbe13
CoreNLP: A Java suite of core NLP tools for tokenization, sentence segmentation, NER, parsing, coreference, sentiment analysis, etc. - Missed a couple possibly unsafe XMLUtils · stanfordnlp/CoreNLP@e5bbe13
🚨 CVE-2025-54388
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.
🎖@cveNotify
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.
🎖@cveNotify
GitHub
Merge pull request #50506 from robmry/backport-28.x/fix_firewalld_reload · moby/moby@bea959c
[28.x backport] Fix firewalld reload for per-endpoint rules
🚨 CVE-2025-52586
The MOD3 command traffic between the monitoring application and the
inverter is transmitted in plaintext without encryption or obfuscation.
This vulnerability may allow an attacker with access to a local network
to intercept, manipulate, replay, or forge critical data, including
read/write operations for voltage, current, and power configuration,
operational status, alarms, telemetry, system reset, or inverter control
commands, potentially disrupting power generation or reconfiguring
inverter settings.
🎖@cveNotify
The MOD3 command traffic between the monitoring application and the
inverter is transmitted in plaintext without encryption or obfuscation.
This vulnerability may allow an attacker with access to a local network
to intercept, manipulate, replay, or forge critical data, including
read/write operations for voltage, current, and power configuration,
operational status, alarms, telemetry, system reset, or inverter control
commands, potentially disrupting power generation or reconfiguring
inverter settings.
🎖@cveNotify
EG4 Electronics
Contact - EG4 Electronics
Have questions or need support? We’re here to help! Reach out and one of our knowledgeable team members will assist you as soon as possible.
🚨 CVE-2025-54172
QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into the page.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into the page.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
cert.pl
Vulnerabilities in OpenSolution Quick.CMS and Quick.CMS.Ext software
CERT Polska has received a report about 3 vulnerabilities (CVE-2025-54172, CVE-2025-54174 and CVE-2025-54175) found in OpenSolution Quick.CMS and Quick.CMS.Ext software.
❤1
🚨 CVE-2025-54174
QuickCMS is vulnerable to Cross-Site Request Forgery in article creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request creating a malicious article with content defined by the attacker.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
QuickCMS is vulnerable to Cross-Site Request Forgery in article creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request creating a malicious article with content defined by the attacker.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
cert.pl
Vulnerabilities in OpenSolution Quick.CMS and Quick.CMS.Ext software
CERT Polska has received a report about 3 vulnerabilities (CVE-2025-54172, CVE-2025-54174 and CVE-2025-54175) found in OpenSolution Quick.CMS and Quick.CMS.Ext software.
🚨 CVE-2025-54175
QuickCMS.EXT is vulnerable to Reflected XSS in sFileName parameter in thumbnail viewer functionality. An attacker can craft a malicious URL that results in arbitrary JavaScript execution in the victim's browser when opened.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
QuickCMS.EXT is vulnerable to Reflected XSS in sFileName parameter in thumbnail viewer functionality. An attacker can craft a malicious URL that results in arbitrary JavaScript execution in the victim's browser when opened.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
cert.pl
Podatności w oprogramowaniu OpenSolution Quick.CMS oraz Quick.CMS.Ext
W oprogramowaniu OpenSolution Quick.CMS oraz Quick.CMS.Ext wykryto 3 podatności różnego typu (CVE-2025-54172, CVE-2025-54174 oraz CVE-2025-54175).
🚨 CVE-2025-54540
QuickCMS is vulnerable to Reflected XSS via sSort parameter in admin's panel functionality. A malicious attacker can craft a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
QuickCMS is vulnerable to Reflected XSS via sSort parameter in admin's panel functionality. A malicious attacker can craft a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
cert.pl
Podatności w oprogramowaniu OpenSolution QuickCMS
W oprogramowaniu OpenSolution QuickCMS wykryto 6 podatności różnego typu (od CVE-2025-54540 do CVE-2025-55175)
🚨 CVE-2025-54544
QuickCMS is vulnerable to Stored XSS via aDirFilesDescriptions parameter in files editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add JavaScript into the website.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
QuickCMS is vulnerable to Stored XSS via aDirFilesDescriptions parameter in files editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add JavaScript into the website.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
cert.pl
Podatności w oprogramowaniu OpenSolution QuickCMS
W oprogramowaniu OpenSolution QuickCMS wykryto 6 podatności różnego typu (od CVE-2025-54540 do CVE-2025-55175)
🚨 CVE-2025-55175
QuickCMS is vulnerable to Reflected XSS via sLangEdit parameter in admin's panel functionality. A malicious attacker can craft a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
QuickCMS is vulnerable to Reflected XSS via sLangEdit parameter in admin's panel functionality. A malicious attacker can craft a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
🎖@cveNotify
cert.pl
Podatności w oprogramowaniu OpenSolution QuickCMS
W oprogramowaniu OpenSolution QuickCMS wykryto 6 podatności różnego typu (od CVE-2025-54540 do CVE-2025-55175)
🚨 CVE-2025-57146
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter.
🎖@cveNotify
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter.
🎖@cveNotify
Clickup
🚨 CVE-2025-57147
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php.
🎖@cveNotify
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The vulnerability is due to lack of input validation of multiple parameters including fullname, email, and contactno in user/registration.php.
🎖@cveNotify
Clickup
🚨 CVE-2025-58458
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying `amazon-s3` protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
🎖@cveNotify
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying `amazon-s3` protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
🎖@cveNotify
Jenkins Security Advisory 2025-09-03
Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software
🚨 CVE-2025-58459
Jenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs.
🎖@cveNotify
Jenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs.
🎖@cveNotify
Jenkins Security Advisory 2025-09-03
Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software
🚨 CVE-2025-10097
A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely.
🎖@cveNotify
A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely.
🎖@cveNotify
GitHub
[BUG] RCE (unauthenticated) · Issue #961 · simstudioai/sim
RCE (unauthenticated) Summary The RCE vulnerability was discovered on /api/function/execute in latest version of SIM. The functionality has user-controllable parameter without any blacklist/whiteli...
🚨 CVE-2025-10098
A security flaw has been discovered in PHPGurukul User Management System 1.0. Affected is an unknown function of the file /admin/edit-user-profile.php. The manipulation of the argument uid results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
🎖@cveNotify
A security flaw has been discovered in PHPGurukul User Management System 1.0. Affected is an unknown function of the file /admin/edit-user-profile.php. The manipulation of the argument uid results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
🎖@cveNotify
GitHub
Phpgurukul UMS Project PHP V1.0 /admin/edit-user-profile.php SQL injection · Issue #2 · CSentinel/CVE
NAME OF AFFECTED PRODUCT(S) UMS Project PHP Vendor Homepage https://phpgurukul.com/user-management-system-in-php-using-stored-procedure/ AFFECTED AND/OR FIXED VERSION(S) submitter CSentinel Vulnera...
🚨 CVE-2025-51586
An issue was discoverd in file controllers/admin/AdminLoginController.php in PrestaShop before 8.2.1 allowing attackers to gain sensitive information via the reset password feature.
🎖@cveNotify
An issue was discoverd in file controllers/admin/AdminLoginController.php in PrestaShop before 8.2.1 allowing attackers to gain sensitive information via the reset password feature.
🎖@cveNotify
GitHub
Release Prestashop 8.2.1 · PrestaShop/PrestaShop
Full Changelog
This patch release fixes some bugs and adds some improvements
Click here to read the changes since 8.2.0
Back Office:
Improvement:
#37828: Add URL Validation when installing the...
This patch release fixes some bugs and adds some improvements
Click here to read the changes since 8.2.0
Back Office:
Improvement:
#37828: Add URL Validation when installing the...
🚨 CVE-2025-56608
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest authentication in `OkHttpClientWrapper.java`. The `handleDigest()` function employs `MessageDigest.getInstance("MD5")` to hash credentials. MD5 is a broken cryptographic algorithm known to allow hash collisions. This makes the authentication mechanism vulnerable to replay, spoofing, or brute-force attacks, potentially leading to unauthorized access. The vulnerability corresponds to CWE-327 and aligns with OWASP M5: Insufficient Cryptography and MASVS MSTG-CRYPTO-4.
🎖@cveNotify
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest authentication in `OkHttpClientWrapper.java`. The `handleDigest()` function employs `MessageDigest.getInstance("MD5")` to hash credentials. MD5 is a broken cryptographic algorithm known to allow hash collisions. This makes the authentication mechanism vulnerable to replay, spoofing, or brute-force attacks, potentially leading to unauthorized access. The vulnerability corresponds to CWE-327 and aligns with OWASP M5: Insufficient Cryptography and MASVS MSTG-CRYPTO-4.
🎖@cveNotify
GitHub
owasp-mstg/Document/0x04g-Testing-Cryptography.md at master · MobSF/owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering. - MobSF/owasp-mstg