CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-5840 |
Description: A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to initiate the attack remotely. Es wurde eine kritische Schwachstelle in SourceCodester Client Database Management System 1.0 gefunden. Dabei betrifft es einen unbekannter Codeteil der Datei /user_update_customer_order.php. Durch Manipulieren des Arguments uploaded_file mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen.
CVSS: MEDIUM (6.9) EPSS Score: 0.04%
June 7th, 2025 (about 1 month ago)
|
|
CVE-2024-55585 |
Description: moPS App Engine 1.8.618 has incorrect access control.
EPSS Score: 0.17%
June 7th, 2025 (about 1 month ago)
|
|
Description: [AI generated] Triangle Heating & Cooling is a heating and cooling service provider, renowned for their commitment to high-quality work and customer satisfaction. The company operates throughout Randolph County, WV, offering various HVAC services, including installations, repairs, and maintenance of cooling, heating, and indoor air quality systems. They are dedicated to providing comfortable living environments for their clients.
June 7th, 2025 (about 1 month ago)
|
|
|
Description: [AI generated] Mercer Capital is a business valuation and financial advisory services firm. With expertise in providing business valuation services, this US-based company also offers financial reporting, tax compliance, corporate advisory services, and litigation support. Other services include portfolio valuation and investment banking. Their clientele is diverse, including public and private businesses, financial institutions, and high-net-worth individuals.
June 7th, 2025 (about 1 month ago)
|
|
|
Description: [AI generated] N/A
June 7th, 2025 (about 1 month ago)
|
|
CVE-2025-5839 |
Description: A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Eine kritische Schwachstelle wurde in Tenda AC9 15.03.02.13 entdeckt. Dies betrifft die Funktion fromadvsetlanip der Datei /goform/AdvSetLanip der Komponente POST Request Handler. Durch das Manipulieren des Arguments lanMask mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
CVSS: HIGH (8.8) EPSS Score: 0.08%
June 7th, 2025 (about 1 month ago)
|
|
CVE-2025-5838 |
Description: A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. In PHPGurukul Employee Record Management System 1.3 wurde eine kritische Schwachstelle entdeckt. Das betrifft eine unbekannte Funktionalität der Datei /admin/adminprofile.php. Mittels Manipulieren des Arguments AdminName mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (5.3) EPSS Score: 0.03%
June 7th, 2025 (about 1 month ago)
|
|
CVE-2025-5837 |
Description: A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file /admin/allemployees.php. The manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in PHPGurukul Employee Record Management System 1.3 entdeckt. Es betrifft eine unbekannte Funktion der Datei /admin/allemployees.php. Mittels dem Manipulieren des Arguments delid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (6.3) EPSS Score: 0.03%
June 7th, 2025 (about 1 month ago)
|
|
|
Description: Ascot Vale Health Group is a comprehensive healthcare provider located in Ascot Vale, Victoria, Australia. The organization is dedicated to delivering high-quality medical services and preventive care to the community, focusing on the holistic health of its patients.
June 7th, 2025 (about 1 month ago)
|
|
|
Description: AD Engineering is a leading provider of innovative solutions for the packaging industry, specializing in Vertical Fill Form & Seal (VFFS) machinery. Founded over 14 years ago by Andy, a seasoned service engineer with extensive experience in the food sector, the company is dedicated to delivering high-quality, reliable, and cost-effective services to its clients.
June 7th, 2025 (about 1 month ago)
|