-
CVE-2025-22542 – Ofek Nakar Virtual Bot SQL Injection
CVE ID : CVE-2025-22542 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Ofek Nakar Virtual Bot allows Blind SQL Injection.This issue affects Virtual Bot: from n/a through 1.0.0. Severity: 9.3 | CRITICAL Visit the link for…
-
CVE-2025-22540 – Sebastian Orellana Emailing Subscription SQL Injection Vulnerability
CVE ID : CVE-2025-22540 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Sebastian Orellana Emailing Subscription allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through 1.4.1. Severity: 9.3 | CRITICAL Visit the link for…
-
CVE-2025-22537 – Google Maps Travel Route SQL Injection
CVE ID : CVE-2025-22537 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in traveller11 Google Maps Travel Route allows SQL Injection.This issue affects Google Maps Travel Route: from n/a through 1.3.1. Severity: 8.5 | HIGH Visit the…
-
Scribus 1.6.3 Released! 3 New Script Functions & Various Fixes
Scribus, the popular free open-source desktop publishing software, announced new 1.6.3 version on Wednesday! This is a maintenance release that contains primarily bug-fixes, though there are also a few new features included in the release. For scripting, Scribus 1.6.3 added three Python script functions for working with points and the document unit. They include: pointsToDocUnit…
-
CVE-2025-22535 – WPListCal SQL Injection Vulnerability
CVE ID : CVE-2025-22535 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Jonathan Kern WPListCal allows SQL Injection.This issue affects WPListCal: from n/a through 1.3.5. Severity: 8.5 | HIGH Visit the link for more details, such…
-
CVE-2025-22508 – Roninwp FAT Event Lite PHP Local File Include Vulnerability
CVE ID : CVE-2025-22508 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion.This issue affects FAT Event Lite: from n/a through 1.1. Severity: 8.1 | HIGH…
-
RetroArch 1.20.0 Released with PipeWire Audio Driver, Qt6 Support
RetroArch, the popular free open-source front-end for emulators and game engines, released version 1.20.0 a few days ago. The new release added illuminance sensor support for Linux users. Meaning you can play Boktai with real light, just as intended. While, it’s also working on sunlight and camera support. Also for Linux, the release added audio…
-
CVE-2025-22505 – NC Wishlist for Woocommerce SQL Injection Vulnerability
CVE ID : CVE-2025-22505 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Nabaraj Chapagain NC Wishlist for Woocommerce allows SQL Injection.This issue affects NC Wishlist for Woocommerce: from n/a through 1.0.1. Severity: 8.5 | HIGH Visit…
-
CVE-2025-22504 – Jumpdemand 4ECPS Web Forms Unrestricted File Upload RCE
CVE ID : CVE-2025-22504 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms allows Upload a Web Shell to a Web Server.This issue affects 4ECPS Web Forms: from n/a through 0.2.18. Severity: 10.0 | CRITICAL Visit the link…
-
CVE-2023-24012 – “ThreatX DDS PKCS7 Signature Bypass”
CVE ID : CVE-2023-24012 Published : Jan. 9, 2025, 3:15 p.m. | 22 hours, 37 minutes ago Description : An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s…