Vulnerabilities

CVE Alert: CVE-2025-8151

August 2, 2025

Vulnerability Summary: CVE-2025-8151 The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Path Traversal in...

CVE Alert: CVE-2025-8381

August 2, 2025

Vulnerability Summary: CVE-2025-8381 A vulnerability, which was classified as critical, has been found in Campcodes Online Hotel Reservation System 1.0....

CVE Alert: CVE-2025-8382

August 2, 2025

Vulnerability Summary: CVE-2025-8382 A vulnerability, which was classified as critical, was found in Campcodes Online Hotel Reservation System 1.0. Affected...

CVE Alert: CVE-2025-8407

August 2, 2025

Vulnerability Summary: CVE-2025-8407 A vulnerability, which was classified as critical, has been found in code-projects Vehicle Management 1.0. This issue...

CVE Alert: CVE-2025-8213

August 2, 2025

Vulnerability Summary: CVE-2025-8213 The NinjaScanner – Virus & Malware scan plugin for WordPress is vulnerable to arbitrary file deletion due...

CVE Alert: CVE-2024-34328

August 2, 2025

Vulnerability Summary: CVE-2024-34328 An open redirect in Sielox AnyWare v2.1.2 allows attackers to execute a man-in-the-middle attack via a crafted...

CVE Alert: CVE-2025-7738

August 2, 2025

Vulnerability Summary: CVE-2025-7738 A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret...

CVE Alert: CVE-2025-54589

August 2, 2025

Vulnerability Summary: CVE-2025-54589 Copyparty is a portable file server. In versions 1.18.6 and below, when accessing the recent uploads page...

CVE Alert: CVE-2025-50270

August 1, 2025

Vulnerability Summary: CVE-2025-50270 A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a...

CVE Alert: CVE-2025-29557

August 1, 2025

Vulnerability Summary: CVE-2025-29557 ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where...

CVE Alert: CVE-2025-52289

August 1, 2025

Vulnerability Summary: CVE-2025-52289 A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by...

CVE Alert: CVE-2025-50475

August 1, 2025

Vulnerability Summary: CVE-2025-50475 An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute...

CVE Alert: CVE-2025-50849

August 1, 2025

Vulnerability Summary: CVE-2025-50849 CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile functionality allows enabling...

Vulnerability Summary: CVE-2025-51569 A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_process endpoint...

CVE Alert: CVE-2025-29556

August 1, 2025

Vulnerability Summary: CVE-2025-29556 ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions...

CVE Alert: CVE-2025-50848

August 1, 2025

Vulnerability Summary: CVE-2025-50848 A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS...

CVE Alert: CVE-2025-50847

August 1, 2025

Vulnerability Summary: CVE-2025-50847 Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a...

CVE Alert: CVE-2025-8408

August 1, 2025

Vulnerability Summary: CVE-2025-8408 A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. Affected is an...

CVE Alert: CVE-2025-8409

August 1, 2025

Vulnerability Summary: CVE-2025-8409 A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. Affected by this...

CVE Alert: CVE-2025-52203

August 1, 2025

Vulnerability Summary: CVE-2025-52203 A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket...

CVE Alert: CVE-2025-50867

August 1, 2025

Vulnerability Summary: CVE-2025-50867 A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST...

CVE Alert: CVE-2025-50850

August 1, 2025

Vulnerability Summary: CVE-2025-50850 An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls...

CVE Alert: CVE-2025-46809

August 1, 2025

Vulnerability Summary: CVE-2025-46809 A Insertion of Sensitive Information into Log File vulnerability in SUSE Multi Linux Manager exposes the HTTP...

CVE Alert: CVE-2025-50866

August 1, 2025

Vulnerability Summary: CVE-2025-50866 CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint....

Vulnerabilities

CVE Alert: CVE-2025-8151

CVE Alert: CVE-2025-8381

CVE Alert: CVE-2025-8382

CVE Alert: CVE-2025-8407

CVE Alert: CVE-2025-8213

CVE Alert: CVE-2024-34328

CVE Alert: CVE-2025-7738

CVE Alert: CVE-2025-54589

CVE Alert: CVE-2025-50270

CVE Alert: CVE-2025-29557

CVE Alert: CVE-2025-52289

CVE Alert: CVE-2025-50475

CVE Alert: CVE-2025-50849

CVE Alert: CVE-2025-51569

CVE Alert: CVE-2025-29556

CVE Alert: CVE-2025-50848

CVE Alert: CVE-2025-50847

CVE Alert: CVE-2025-8408

CVE Alert: CVE-2025-8409

CVE Alert: CVE-2025-52203

CVE Alert: CVE-2025-50867

CVE Alert: CVE-2025-50850

CVE Alert: CVE-2025-46809

CVE Alert: CVE-2025-50866

BugCrowd Bug Bounty Disclosure: P3 – Publicly Editable Google Docs Linked from NASA SnowEx PPT –

BugCrowd Bug Bounty Disclosure: P3 – Details of the collaboration between NASA and Inmarsat Government and the type of contract –

Apple Products Multiple Vulnerabilities

Miljödata – 870,108 breached accounts

Cobalt Strike Beacon Detected – 119[.]91[.]203[.]199:88

You may have missed