CVE Alert: CVE-2025-31101
Vulnerability Summary: CVE-2025-31101 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vault Group Pty Ltd VaultRE...
Month: March 2025
CVE Alert: CVE-2025-2878
Vulnerability Summary: CVE-2025-2878 A vulnerability was found in Kentico CMS up to 13.0.178. It has been declared as problematic. Affected...
CVE Alert: CVE-2025-26873
Vulnerability Summary: CVE-2025-26873 Deserialization of Untrusted Data vulnerability in Shinetheme Traveler.This issue affects Traveler: from n/a through 3.1.8. Affected Endpoints:...
CVE Alert: CVE-2025-31031
Vulnerability Summary: CVE-2025-31031 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Job Colors for WP...
Microsoft Edge Security Restriction Bypass Vulnerability
A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger security restriction bypass on...
Unlocking Blockchain Security in the Digital Age
Blockchain technology has revolutionized how we think about data security and transactions. However, it is not without its vulnerabilities. Understanding...
Cobalt Strike Beacon Detected – 139[.]9[.]135[.]76:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 62[.]234[.]27[.]146:3306
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 148[.]66[.]2[.]198:8083
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-28916
Vulnerability Summary: CVE-2025-28916 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound...
CVE Alert: CVE-2025-28917
Vulnerability Summary: CVE-2025-28917 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Smilies allows Stored...
CVE Alert: CVE-2025-28899
Vulnerability Summary: CVE-2025-28899 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Event Ticketing allows...
CVE Alert: CVE-2025-28911
Vulnerability Summary: CVE-2025-28911 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gravity2pdf Gravity 2 PDF allows...
CVE Alert: CVE-2025-28903
Vulnerability Summary: CVE-2025-28903 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Driving Directions allows Reflected...
CVE Alert: CVE-2025-28934
Vulnerability Summary: CVE-2025-28934 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Simple Post Series allows...
CVE Alert: CVE-2025-28939
Vulnerability Summary: CVE-2025-28939 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WP Google...
CVE Alert: CVE-2025-28898
Vulnerability Summary: CVE-2025-28898 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WP Multistore...
CVE Alert: CVE-2025-28935
Vulnerability Summary: CVE-2025-28935 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in puzich Fancybox Plus allows Reflected...
CVE Alert: CVE-2025-28928
Vulnerability Summary: CVE-2025-28928 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sureshdsk Are you robot google...
HackerOne Bug Bounty Disclosure: http-response-header-injection-in-shopify-pitchfork-rack-ooooooo-q
Company Name: Shopify Company HackerOne URL: https://hackerone.com/shopify Submitted By:ooooooo_qLink to Submitters Profile:https://hackerone.com/ooooooo_q Report Title:HTTP Response Header Injection in shopify/pitchfork +...
HackerOne Bug Bounty Disclosure: cloudflare-waf-bypass-origin-ip-exposure-aaravhex
Company Name: Hemi VDP Company HackerOne URL: https://hackerone.com/hemi_labs_vdp Submitted By:aaravhexLink to Submitters Profile:https://hackerone.com/aaravhex Report Title:Cloudflare WAF Bypass - Origin IP...
CVE Alert: CVE-2025-30524
Vulnerability Summary: CVE-2025-30524 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in origincode Product Catalog...
CVE Alert: CVE-2025-28924
Vulnerability Summary: CVE-2025-28924 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ZenphotoPress allows Reflected XSS....
CVE Alert: CVE-2025-28942
Vulnerability Summary: CVE-2025-28942 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trust Payments Trust...
