CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-5757 |
Description: A vulnerability was found in code-projects Traffic Offense Reporting System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /save-reported.php. The manipulation of the argument offence_id/vehicle_no/driver_license/name/address/gender/officer_reporting/offence leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Eine problematische Schwachstelle wurde in code-projects Traffic Offense Reporting System 1.0 ausgemacht. Davon betroffen ist unbekannter Code der Datei /save-reported.php. Dank der Manipulation des Arguments offence_id/vehicle_no/driver_license/name/address/gender/officer_reporting/offence mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: LOW (3.5) EPSS Score: 0.03%
June 6th, 2025 (about 1 month ago)
|
|
CVE-2025-5756 |
Description: A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/EditCity.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. In code-projects Real Estate Property Management System 1.0 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /Admin/EditCity.php. Durch Beeinflussen mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.04%
June 6th, 2025 (about 1 month ago)
|
|
Description: Mass layoffs create cybersecurity vulnerabilities through dormant accounts and disgruntled employees.
June 6th, 2025 (about 1 month ago)
|
|
Description: Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in the Dark Web. Defining technical policies and also profiling attacker behavior. Security teams cannot be focused on just ticking boxes, they need to inhabit the attacker’s mindset.
This is where AEV comes in.
AEV (Adversarial Exposure Validation) is an advanced
June 6th, 2025 (about 1 month ago)
|
|
CVE-2025-5755 |
Description: A vulnerability was found in SourceCodester Open Source Clinic Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /email_config.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in SourceCodester Open Source Clinic Management System 1.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /email_config.php. Durch das Beeinflussen des Arguments email mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.9) EPSS Score: 0.03%
June 6th, 2025 (about 1 month ago)
|
|
CVE-2025-5192 |
Description: A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions.
CVSS: CRITICAL (9.3) EPSS Score: 0.25%
June 6th, 2025 (about 1 month ago)
|
|
CVE-2025-48784 |
Description: A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization.
CVSS: HIGH (8.8) EPSS Score: 0.19%
June 6th, 2025 (about 1 month ago)
|
|
CVE-2025-48783 |
Description: An external control of file name or path vulnerability in the delete file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to delete partial files by specifying arbitrary file paths.
CVSS: HIGH (8.8) EPSS Score: 0.19%
June 6th, 2025 (about 1 month ago)
|
|
CVE-2025-48782 |
Description: An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file.
CVSS: CRITICAL (9.9) EPSS Score: 0.19%
June 6th, 2025 (about 1 month ago)
|
|
CVE-2025-48781 |
Description: An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths.
CVSS: HIGH (8.7) EPSS Score: 0.19%
June 6th, 2025 (about 1 month ago)
|