Tagged: Cybersecurity Alert

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /orders.php. More information : https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-9

Car-Booking-System-PHP v.1.0 is vulnerable to Cross Site Scripting (XSS) in /carlux/booking.php. More information : https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-11

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php. More information : https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-12

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php. More information : https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-13

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php. More information : https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-14

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_customer.php. More information : https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-8

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edit_product.php?id=1. More information : https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-9

Water Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /add_vendor.php. More information : https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-7

A cross-site scripting (XSS) vulnerability exists in the administrative interface of ultimatefosters UltimatePOS 4.8 where input submitted in the purchase functionality is reflected without proper escaping in the admin log panel page in the...

A remote code execution (RCE) vulnerability in the Postgres Drivers component of iceScrum v7.54 Pro On-prem allows attackers to execute arbitrary code via a crafted HTML page. More information : https://zdaylabs.com/CVE-2025-60785.html

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment. More information : https://www.ibm.com/support/pages/node/7249999

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause a denial of service due to the improper validation of input length. More information : https://www.ibm.com/support/pages/node/7249999

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to access unauthorized content or perform unauthorized actions using man in the middle techniques due to improper access controls. More...

A potential security vulnerability has been identified in the HP Client Management Script Library software, which might allow escalation of privilege during the installation process. HP is releasing software updates to mitigate the potential...