[11/01/2026 15:07] ATENÇÃO - 11/01 15:04 - TEMPORAL com RAIOS, RAJADAS DE VENTO, GRANIZO e ALAGAMENTOS na próxima 1 hora - Secretaria de Estado da Proteção e Defesa Civil

[11/01/2026 04:55] Previsão para os próximos 5 dias (11/01) - Secretaria de Estado da Proteção e Defesa Civil

[11/01/2026 06:22] Ação contra Maduro é recado de Trump para China, diz autora de livro sobre Doutrina Monroe - BBC

[12/01/2026 05:29] Banco Master: Toffoli e Moraes deveriam se declarar suspeitos, diz especialista em regulação - BBC

[11/01/2026 23:02] Trump publica imagem em que aparece como ‘presidente interino da Venezuela’ - O Globo

[11/01/2026 04:30] Preços abusivos nas praias do Rio: banhistas reclamam e quiosques são contra tabelar preços - O Globo

[12/01/2026 08:28] IPTU 2026: Prefeitura do Rio começa a enviar guias de pagamento - G1

[11/01/2026 21:42] Congresso terá força para derrubar o veto de Lula à dosimetria? - Gazeta do Povo

[11/01/2026 11:15] Ministro Alexandre de Moraes ensina institucionalidade ao CFM - ICL Notícias

[11/01/2026 04:00] Como Trump quer deter o silencioso avanço chinês na América do Sul - O Globo

[CVE-2025-10407] [Modified: 18-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_user.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

[CVE-2025-10408] [Modified: 18-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A security flaw has been discovered in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /edit_user.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.

[CVE-2025-10409] [Modified: 19-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.

[CVE-2025-10410] [Modified: 18-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A security vulnerability has been detected in SourceCodester Link Status Checker 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument proxy leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

[CVE-2025-10411] [Modified: 18-09-2025] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability was detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This issue affects some unknown processing of the file /stc-log-keeper/check_profile.php of the component POST Request Handler. The manipulation of the argument profile_id results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used.

[CVE-2025-10413] [Modified: 18-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability has been found in Campcodes Grocery Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete_customer. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

[CVE-2025-10414] [Modified: 18-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was found in Campcodes Grocery Sales and Inventory System 1.0. The impacted element is an unknown function of the file /ajax.php?action=save_customer. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

[CVE-2025-10415] [Modified: 18-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was determined in Campcodes Grocery Sales and Inventory System 1.0. This affects an unknown function of the file /ajax.php?action=save_supplier. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-10416] [Modified: 18-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was identified in Campcodes Grocery Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_supplier. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

[CVE-2025-10417] [Modified: 19-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A security flaw has been discovered in Campcodes Grocery Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=delete_product. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.

[CVE-2025-10418] [Modified: 19-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A weakness has been identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_students.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

[CVE-2025-10419] [Modified: 19-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A security vulnerability has been detected in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /del_promote.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

[CVE-2025-10420] [Modified: 19-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A vulnerability was detected in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /form137.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.

[CVE-2025-10421] [Modified: 19-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /update_account.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.

[CVE-2025-10422] [Modified: 14-10-2025] [Analyzed] [V3.1 S4.3:MEDIUM] A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. The manipulation of the argument orderNo leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.

[CVE-2025-10423] [Modified: 14-10-2025] [Analyzed] [V3.1 S3.7:LOW] A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file /common/mall/kaptcha. The manipulation results in guessable captcha. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been made public and could be used.

[CVE-2025-10424] [Modified: 18-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/faculty_controller.php. This manipulation of the argument new_image causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-10425] [Modified: 18-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A vulnerability was identified in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The impacted element is an unknown function of the file /admin/controller/student_controller.php. Such manipulation of the argument new_image leads to unrestricted upload. The attack may be performed from remote. The exploit is publicly available and might be used.

[CVE-2025-10426] [Modified: 18-09-2025] [Analyzed] [V3.1 S7.3:HIGH] A security flaw has been discovered in itsourcecode Online Laundry Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.

[CVE-2025-10427] [Modified: 18-09-2025] [Analyzed] [V3.1 S6.3:MEDIUM] A weakness has been identified in SourceCodester Pet Grooming Management Software 1.0. This impacts an unknown function of the file /admin/operation/user.php. Executing manipulation of the argument website_image can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.