CVE ID : CVE-2025-7158

Published : July 8, 2025, 3:15 a.m. | 3 hours, 36 minutes ago

Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-normal-ticket.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7159

Published : July 8, 2025, 3:15 a.m. | 3 hours, 36 minutes ago

Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/manage-animals.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7160

Published : July 8, 2025, 4:15 a.m. | 2 hours, 35 minutes ago

Description : A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. This affects an unknown part of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7161

Published : July 8, 2025, 4:15 a.m. | 2 hours, 35 minutes ago

Description : A vulnerability classified as critical was found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-normal-ticket.php. The manipulation of the argument cprice leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5537

Published : July 8, 2025, 5:15 a.m. | 1 hour, 36 minutes ago

Description : The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alternative texts in all versions up to, and including, 2.7.34 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5957

Published : July 8, 2025, 5:15 a.m. | 1 hour, 36 minutes ago

Description : The Guest Support – Complete customer support ticket system for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘deleteMassTickets’ function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to delete arbitrary support tickets.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7162

Published : July 8, 2025, 5:15 a.m. | 1 hour, 36 minutes ago

Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Zoo Management System 2.1. This issue affects some unknown processing of the file /admin/add-foreigners-ticket.php. The manipulation of the argument cprice leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7163

Published : July 8, 2025, 5:15 a.m. | 1 hour, 36 minutes ago

Description : A vulnerability, which was classified as critical, was found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/add-animals.php. The manipulation of the argument cnum leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7164

Published : July 8, 2025, 6:15 a.m. | 36 minutes ago

Description : A vulnerability has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7165

Published : July 8, 2025, 6:15 a.m. | 36 minutes ago

Description : A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7327

Published : July 8, 2025, 6:15 a.m. | 36 minutes ago

Description : The Widget for Google Reviews plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.0.15 via the layout parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. This is limited to just PHP files.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

Everything feels secure—until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is misused. Most threats don’t start with alarms—they sneak in …
Read more

Published Date:
Jul 07, 2025 (19 hours, 29 minutes ago)

Vulnerabilities has been mentioned in this article.

Microsoft Edge Achieves Sub-300ms FCP: Browser UI Now Loads Instantly

According to Microsoft’s latest blog post, the initial content rendering time—also known as First Contentful Paint (FCP)—in the Microsoft Edge browser has now been reduced to under 300 milliseconds, s …
Read more

Published Date:
Jul 08, 2025 (3 hours, 49 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2023-36735

CISA Adds Zimbra Vulnerability CVE-2019-9621 to KEV Catalog

🔍 OverviewCVE ID: CVE-2019-9621Platform Affected: Zimbra Collaboration Suite (ZCS)Vulnerability Type: Server-Side Request Forgery (SSRF)CVSS Score: 9.8 (Critical)Exploit Status: Actively Exploited in …
Read more

Published Date:
Jul 08, 2025 (3 hours, 35 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2019-9621

CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

Cyber Attacks / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence …
Read more

Published Date:
Jul 08, 2025 (1 hour, 47 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-6543

CVE-2025-5777

CVE-2019-9621

CVE-2019-5418

CVE-2014-3931

CVE-2016-10033

From questions of cannibalization to degrading the value of all of gaming, Xbox Game Pass has been zeroed in on…

When you’re working with any website, application, or API, you’ll inevitably need to log in and authenticate your user base.…

For all their impressive capabilities, large language models (LLMs) often fall short when given challenging new tasks that require complex…

Our 215th episode with a summary and discussion of last week’s big AI news!Recorded on 07/04/2025 Hosted by Andrey Kurenkov…

Accessibility testing guarantees that software applications can be used effectively by all individuals, including those with disabilities. Many users rely…