High Severity

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

CVE News

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

A critical SQL injection vulnerability (CVE-2025-4039) has been identified in PHPGurukul’s Rail Pass Management System version 1.0,...

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CVE News

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

A critical authentication bypass vulnerability (CVE-2023-44752) has been identified in the Apache Student Study Center Desk Management...

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

CVE News

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

A recently disclosed vulnerability in the code-projects Online Exam Mastering System 1.0 exposes users to reflected Cross-Site...

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

CVE News

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

A high-severity vulnerability (CVE-2025-2594) has been identified in the WordPress User Registration & Membership plugin, allowing unauthenticated...

Think Router Tk-Rt-Wr135G Authentication Bypass Vulnerability (CVE-2024-55211) Analysis

CVE News

Think Router Tk-Rt-Wr135G Authentication Bypass Vulnerability (CVE-2024-55211) Analysis

A critical authentication bypass vulnerability (CVE-2024-55211) has been identified in Think Router’s Tk-Rt-Wr135G wireless router, posing significant...

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

A critical SQL injection vulnerability (CVE-2025-28009) has been identified in Dietiqa App version 1.0.20, posing significant risks...

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

CVE News

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

A high-severity SQL injection vulnerability (CVE-2025-31547) has been identified in the Aphotrax Uptime Robot Plugin for WordPress,...

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

CVE News

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

A critical SQL injection vulnerability (CVE-2025-3011) has been identified in PiExtract’s SOOP-CLM software, rated 9.8 (CRITICAL) on...

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

CVE News

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-28138, has been identified in TOTOLINK A800R routers...

CVE-2025-2691: High-Severity SSRF Vulnerability in Nossrf Package

Blue-Team
CVE News
Exploitation
Red-Team
Threat Intelligence

CVE-2025-2691: High-Severity SSRF Vulnerability in Nossrf Package

A critical Server-Side Request Forgery (SSRF) vulnerability (CVE-2025-2691) has been identified in the nossrf package, affecting versions...

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

Bug Bounties & Responsible Disclosure
Cyber Laws & Regulations
Exploitation
Malware Analysis
Red-Team
SIEM & Detection Engineering

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

A critical vulnerability, CVE-2025-2609, has been identified in MagnusSolution’s MagnusBilling software, a widely used billing and call...

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

Exploitation

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

A high-severity vulnerability, CVE-2024-9880, has been identified in the Apache Pandas library, a cornerstone of data analysis...

High Severity

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

Think Router Tk-Rt-Wr135G Authentication Bypass Vulnerability (CVE-2024-55211) Analysis

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

Critical SQL Injection Vulnerability in PiExtract’s SOOP-CLM (CVE-2025-3011)

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

CVE-2025-2691: High-Severity SSRF Vulnerability in Nossrf Package

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

You may have missed

Anatomy of a Council Ransomware Attack: Tactics, Impact, and Defense Strategies

OpenAI’s $3 Billion Windsurf Acquisition: Strategic Shift Toward AI-Driven Developer Tools

Apple’s AI Partnership with Alibaba Sparks U.S. National Security Concerns

Meta’s Antitrust Battle: Examining the FTC’s Monopoly Allegations