Web Security

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

CVE News

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

A critical SQL injection vulnerability (CVE-2025-43949) has been identified in MuM MapEdit version 24.2.3, posing significant risk...

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

CVE News

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

A stored cross-site scripting (XSS) vulnerability has been identified in Garage Management System 1.0, specifically affecting the...

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

CVE News

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

A critical unauthenticated SQL injection vulnerability (CVE-2024-11728) has been identified in KiviCare Clinic & Patient Management System...

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

CVE News

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

A recently disclosed vulnerability in the code-projects Online Exam Mastering System 1.0 exposes users to reflected Cross-Site...

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

CVE News

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

A newly disclosed SQL injection vulnerability (CVE-2025-23176) in Apache Web Server has been rated with a CVSS...

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

A critical SQL injection vulnerability (CVE-2025-28009) has been identified in Dietiqa App version 1.0.20, posing significant risks...

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

CVE News

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

A critical SQL injection vulnerability (CVE-2025-39471) has been identified in the Pantherius Modal Survey plugin for WordPress,...

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

CVE News

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

A critical vulnerability (CVE-2025-1093) has been identified in the AIHub WordPress theme, allowing unauthenticated attackers to upload...

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

CVE News

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-31131) has been identified in YesWiki, a PHP-based wiki system, with a...

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

CVE News

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

A critical SQL injection vulnerability (CVE-2025-31534) has been identified in the Shopperdotcom Shopper platform, affecting all versions...

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

CVE News

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

A critical SQL injection vulnerability (CVE-2025-31552) has been identified in the RSVPMarker WordPress plugin, affecting versions up...

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

CVE News

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

A high-severity SQL injection vulnerability (CVE-2025-31547) has been identified in the Aphotrax Uptime Robot Plugin for WordPress,...

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

Threat Intelligence

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

A widespread cyber campaign has compromised approximately 150,000 legitimate websites by injecting malicious JavaScript code that redirects...

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

CVE News

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

CVE News

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

News

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Reports indicate that a prominent Indonesian educational technology platform may have been the target of a cybersecurity...

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

News

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

Network traffic analysis often reveals hidden artifacts, including images transferred over HTTP. These images can contain valuable...

How Trend Micro’s Managed XDR Detected and Contained a Web Shell Attack on IIS Servers

Blue-Team

How Trend Micro’s Managed XDR Detected and Contained a Web Shell Attack on IIS Servers

A recent investigation by Trend Micro’s Managed XDR team uncovered a sophisticated web shell attack targeting Internet...

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

News

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

VulnNodeApp serves as an intentionally vulnerable Node.js application specifically designed for security education and training purposes. This...

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug Bounties & Responsible Disclosure

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug bounty programs have become a proven strategy for strengthening system security through collaboration with external researchers....

Posts pagination

1 2 Next

Web Security

Critical SQL Injection Vulnerability in MuM MapEdit 24.2.3 (CVE-2025-43949)

Garage Management System 1.0 Stored XSS Vulnerability (CVE-2022-41358): Analysis and Mitigation

KiviCare Clinic & Patient Management System (EHR) 3.6.4 SQL Injection Vulnerability (CVE-2024-11728)

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Dietiqa App (CVE-2025-28009): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Pantherius Modal Survey Plugin (CVE-2025-39471)

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

High-Severity SQL Injection Vulnerability in WordPress Uptime Robot Plugin (CVE-2025-31547)

Massive JavaScript Injection Campaign Targets 150,000 Sites to Redirect Users to Chinese Gambling Platforms

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

Indonesian E-Learning Platform Reportedly Targeted in Cybersecurity Incident

Extracting Image Metadata from HTTP Captures Using Tshark for Security Analysis

How Trend Micro’s Managed XDR Detected and Contained a Web Shell Attack on IIS Servers

VulnNodeApp: A Purposefully Vulnerable Node.js Application for Security Training

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

You may have missed

Selecting the Right University for a Cybersecurity Career: A Practical Guide

CyberArk’s Identity Security Solution for AI Agents: Technical Analysis

Critical Authentication Bypass in Apache Student Study Center Desk Management System (CVE-2023-44752)

CarlinKit CPC200-CCPA Firmware Update Vulnerabilities Expose Devices to Remote Code Execution