Current Conditions
São Paulo
nuvens quebradas

24 ℃
84%
Temperatura
Umidade
Fonte: OpenWeatherMap. - 12:30:01
  1. [USD] USD 67,926.30
  1. [BRL] BRL 356,270.07 [USD] USD 67,926.30 [GBP] GBP 50,664.80 [EUR] EUR 58,471.44
    Price index provided by blockchain.info.
  2. Bitcoin Core version 29.3 is now available for download. See the release notes for more information about the bug fixes in this release.
    If you have any questions, please stop by the #bitcoin IRC chatroom (IRC, web) and we’ll do our best to help you.

[CVE-2025-12853] [Modified: 18-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function delete_house of the file /admin_class.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-12855] [Modified: 17-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects some unknown processing of the file /admin/newsletterdel.php. The manipulation of the argument eid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.

[CVE-2025-12856] [Modified: 17-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This manipulation of the argument email causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

[CVE-2025-12857] [Modified: 17-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A security vulnerability has been detected in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/roombook.php. Such manipulation of the argument rid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

[CVE-2025-34299] [Modified: 10-12-2025] [Analyzed] [V3.1 S9.8:CRITICAL] Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.

[CVE-2025-12859] [Modified: 20-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

[CVE-2025-12860] [Modified: 20-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelist_main.php. The manipulation of the argument orderby results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.

[CVE-2025-12861] [Modified: 20-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/spec_add.php. This manipulation of the argument flags[] causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-47207] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A NULL pointer dereference vulnerability has been reported to affect several product versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-52425] [Modified: 14-11-2025] [Analyzed] [V3.1 S9.8:CRITICAL] An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QuMagie 2.7.0 and later

[CVE-2025-52865] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53408] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53409] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53410] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53411] [Modified: 14-11-2025] [Analyzed] [V3.1 S4.9:MEDIUM] An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53412] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53413] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-54168] [Modified: 14-11-2025] [Analyzed] [V3.1 S4.8:MEDIUM] A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.923 ( 2025/08/27 ) and later

[CVE-2025-57706] [Modified: 14-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] A cross-site scripting (XSS) vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-57712] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.3 ( 2025/08/28 ) and later