CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-5838
PHPGurukul Employee Record Management System adminprofile.php sql injection
Description: A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. In PHPGurukul Employee Record Management System 1.3 wurde eine kritische Schwachstelle entdeckt. Das betrifft eine unbekannte Funktionalität der Datei /admin/adminprofile.php. Mittels Manipulieren des Arguments AdminName mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.

CVSS: MEDIUM (5.3)

EPSS Score: 0.03%

Source: CVE
June 7th, 2025 (about 1 month ago)

CVE-2025-5837
PHPGurukul Employee Record Management System allemployees.php sql injection
Description: A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file /admin/allemployees.php. The manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in PHPGurukul Employee Record Management System 1.3 entdeckt. Es betrifft eine unbekannte Funktion der Datei /admin/allemployees.php. Mittels dem Manipulieren des Arguments delid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.

CVSS: MEDIUM (6.3)

EPSS Score: 0.03%

Source: CVE
June 7th, 2025 (about 1 month ago)
🏴‍☠️ Global has just published a new victim : Ascot Vale Health Group
Description: Ascot Vale Health Group is a comprehensive healthcare provider located in Ascot Vale, Victoria, Australia. The organization is dedicated to delivering high-quality medical services and preventive care to the community, focusing on the holistic health of its patients.
Source: Ransomware.live
June 7th, 2025 (about 1 month ago)
🏴‍☠️ Global has just published a new victim : ad-engineering.co.uk
Description: AD Engineering is a leading provider of innovative solutions for the packaging industry, specializing in Vertical Fill Form & Seal (VFFS) machinery. Founded over 14 years ago by Andy, a seasoned service engineer with extensive experience in the food sector, the company is dedicated to delivering high-quality, reliable, and cost-effective services to its clients.
Source: Ransomware.live
June 7th, 2025 (about 1 month ago)
🏴‍☠️ Global has just published a new victim : Deakin Medical
Description: Deakin Medical Centre is a family-centered medical practice dedicated to providing high-quality healthcare services to the community. Established in 1985, the center focuses on personalized care, ensuring that each patient receives tailored medical attention to meet their unique health needs.
Source: Ransomware.live
June 7th, 2025 (about 1 month ago)
🏴‍☠️ Global has just published a new victim : https://www.personalservice.com.br/
Description: ERSONAL SERVICE is one of the leading service providers in Brazil, operating in the areas of Facilities, Business Process Outsourcing (BPO) solutions that combine Human Resources with processes and technology, and Technical Services for dealerships. Founded 21 years ago, the company is now present in 11 states across the country, with 12,000 employees and around 160 clients in sectors such as industries, shopping malls, corporate headquarters, hospitals, commercial and residential condominiums, among others
Source: Ransomware.live
June 7th, 2025 (about 1 month ago)
🏴‍☠️ Rhysida has just published a new victim : Hudson River Housing
Description: Hudson River Housing Hudson River Housing provides quality, affordable rental housing for individual, families and seniors throughout the Mid-Hudson Valley region.
Source: Ransomware.live
June 7th, 2025 (about 1 month ago)

CVE-2025-5836
Tenda AC9 POST Request SetIPTVCfg formSetIptv command injection
Description: A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Eine Schwachstelle wurde in Tenda AC9 15.03.02.13 ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion formSetIptv der Datei /goform/SetIPTVCfg der Komponente POST Request Handler. Durch Manipulation des Arguments list mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.

CVSS: MEDIUM (5.3)

EPSS Score: 6.19%

Source: CVE
June 7th, 2025 (about 1 month ago)

CVE-2025-49619
Skyvern through 0.1.85 has a Jinja runtime leak in sdk/workflow/models/block.py.
Description: Skyvern through 0.1.85 has a Jinja runtime leak in sdk/workflow/models/block.py.

CVSS: HIGH (8.5)

EPSS Score: 31.37%

Source: CVE
June 7th, 2025 (about 1 month ago)
Scientists Just Discovered a Lost Ancient Culture That Vanished
Description: Plus: a surprising case of galactic eschatology, nematode cheerleading pyramids, ancient makeup kits, and more.
Source: 404 Media
June 7th, 2025 (about 1 month ago)