Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-5658 |
Description: A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/updatecomplaint.php. The manipulation of the argument Status leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in PHPGurukul Complaint Management System 2.0 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei /admin/updatecomplaint.php. Mit der Manipulation des Arguments Status mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.3) EPSS Score: 0.03%
June 5th, 2025 (3 days ago)
|
|
CVE-2025-5657 |
Description: A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument uid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Eine Schwachstelle wurde in PHPGurukul Complaint Management System 2.0 ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /admin/manage-users.php. Dank Manipulation des Arguments uid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.3) EPSS Score: 0.03%
June 5th, 2025 (3 days ago)
|
|
Description: AT&T has launched a formal investigation after threat actors leaked a database containing personal information of over 86 million individuals, including decrypted Social Security Numbers (SSNs), on multiple cybercrime forums. The company told CyberInsider it had only recently learned of the leak and is currently assessing the data’s origin. The dataset was first posted on …
The post AT&T Investigating New Leak of 86 Million Customer Records with Decrypted SSNs appeared first on CyberInsider.
June 5th, 2025 (3 days ago)
|
|
Description: ISCAMEN is focused on the proper management of agricultural waste to protect the environment. They provide programs related to phytosanitary protection and offer technical exchanges to address issues like pest control. Their services are aimed at regulating and controlling the entry of agricultural products to safeguard local agriculture. Intended clients include agricultural producers and regulatory agencies in Mendoza
June 5th, 2025 (3 days ago)
|
|
|
Description: Learn about the GRECA Transparency Program and access the reporting channel. 60 years of history, achievements, challenges and continuous development in Asphalt, Logistics and Financial Solutions The GRECA Asfaltos Group is one of the largest asphalt specialist companies in Brazil. We transport, produce and sell products for asphalt paving. Always focused on the growth and updating of our products and services, we invest incessantly in research and technology. From production to delivery, we are a team that works with passion and our pioneering spirit and quality are what make us recognized on roads throughout the country. There are 14 units installed in 10 Brazilian states with the capacity to serve the entire national territory. GRECA Asfaltos maintains a commitment to quality with its customers, guaranteed through constant investments in new technologies and solutions for products that meet their needs. This energy is present in the Research, Development and Quality Center.
June 5th, 2025 (3 days ago)
|
|
Description: Law enforcement officials said initial access brokers with ties to Play ransomware operators continue to exploit multiple vulnerabilities in remote monitoring and management tool SimpleHelp.
June 5th, 2025 (3 days ago)
|
|
Description: Two cybersecurity companies issued reports tying a cyber-espionage group known as Bitter or TA397 more directly to the Indian government.
June 5th, 2025 (3 days ago)
|
|
CVE-2025-5701 |
Description: The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hc_request_handler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
CVSS: CRITICAL (9.8) EPSS Score: 0.07%
June 5th, 2025 (3 days ago)
|
|
CVE-2025-5656 |
Description: A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-category.php. The manipulation of the argument description leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. In PHPGurukul Complaint Management System 2.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalität der Datei /admin/edit-category.php. Dank der Manipulation des Arguments description mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.3) EPSS Score: 0.03%
June 5th, 2025 (3 days ago)
|
|
CVE-2025-5655 |
Description: A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument subcategory leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine Schwachstelle in PHPGurukul Complaint Management System 2.0 ausgemacht. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /admin/edit-subcategory.php. Durch Beeinflussen des Arguments subcategory mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.3) EPSS Score: 0.03%
June 5th, 2025 (3 days ago)
|