Self Reflected XSS on target.nasa.gov via unescaped user input in field Self Reflected XSS on target.nasa.gov via unescaped user input...
self cross site scripting self cross site scripting Researcher: bugcrowd_staff Engagement: National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure...
Cross Site Scripting Cross Site Scripting Researcher: ChrisRanaMagar Engagement: National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program Disclosed...
Ransomware Group: SAFEPAY VICTIM NAME: chamberlainhuckeriedecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Vulnerability Summary: CVE-2025-29557 ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where...
Vulnerability Summary: CVE-2025-50270 A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a...
Vulnerability Summary: CVE-2025-50849 CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile functionality allows enabling...
Vulnerability Summary: CVE-2025-50475 An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute...
Vulnerability Summary: CVE-2025-52289 A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by...
Vulnerability Summary: CVE-2025-50848 A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS...
Vulnerability Summary: CVE-2025-29556 ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions...
Vulnerability Summary: CVE-2025-51569 A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_process endpoint...
Vulnerability Summary: CVE-2025-8408 A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. Affected is an...
Vulnerability Summary: CVE-2025-50847 Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a...
Ransomware Group: QILIN VICTIM NAME: cadexcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ransomware Group: QILIN VICTIM NAME: envaces NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ransomware Group: QILIN VICTIM NAME: fortsmithschoolsorg NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ransomware Group: INCRANSOM VICTIM NAME: Radford City Schools NOTE: No files or stolen information are by RedPacket Security. Any legal...
Ransomware Group: AKIRA VICTIM NAME: Meissner Fenstertechnik NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Ransomware Group: AKIRA VICTIM NAME: Great Lakes Carpet &Tile NOTE: No files or stolen information are by RedPacket Security. Any...
Ransomware Group: AKIRA VICTIM NAME: Hölscher Holding NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Ransomware Group: AKIRA VICTIM NAME: Herrman Law Firm NOTE: No files or stolen information are by RedPacket Security. Any legal...
Ransomware Group: AKIRA VICTIM NAME: Guyana Sugar NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Vulnerability Summary: CVE-2025-52203 A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket...
