[06/03/2026 23:58] 'Sicário' de Vorcaro morre no hospital, diz advogado - G1

[07/03/2026 09:53] Show do Coldplay, hotel de 'White Lotus' e mais: Vorcaro organizou festa de R$ 220 milhões na Itália em 2023; veja detalhes - G1

[06/03/2026 16:52] Trump descarta acordo e exige a ‘rendição incondicional’ do Irã - CartaCapital

[06/03/2026 08:42] Guerra no Irã completa uma semana: o que aconteceu até agora - BBC

[07/03/2026 05:30] Cela de 6 m² e 6 refeições: a rotina de Vorcaro na penitenciária federal - UOL Notícias

[07/03/2026 10:30] A Hora: Virada de Motta evita derrota de Lula e dribla lobby das bets - UOL Notícias

[07/03/2026 08:31] Datafolha divulga neste sábado nova pesquisa sobre a eleição presidencial - CartaCapital

[07/03/2026 07:39] Frente fria e baixa pressão trazem chuva, temporais e encerram período quente - MetSul Meteorologia

[06/03/2026 22:04] Presidente da CPMI do INSS nega ter divulgado material sigiloso envolvendo ministros do STF - G1

[07/03/2026 08:40] Marçal nega moderação e diz: “Não vai ter trégua para comunista” - Revista Oeste

[CVE-2025-12853] [Modified: 18-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affects the function delete_house of the file /admin_class.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-12855] [Modified: 17-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A security flaw has been discovered in code-projects Responsive Hotel Site 1.0. This issue affects some unknown processing of the file /admin/newsletterdel.php. The manipulation of the argument eid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.

[CVE-2025-12856] [Modified: 17-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A weakness has been identified in code-projects Responsive Hotel Site 1.0. Impacted is an unknown function of the file /admin/reservation.php. This manipulation of the argument email causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

[CVE-2025-12857] [Modified: 17-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A security vulnerability has been detected in code-projects Responsive Hotel Site 1.0. The affected element is an unknown function of the file /admin/roombook.php. Such manipulation of the argument rid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

[CVE-2025-34299] [Modified: 10-12-2025] [Analyzed] [V3.1 S9.8:CRITICAL] Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.

[CVE-2025-12859] [Modified: 20-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability has been found in DedeBIZ up to 6.3.2. This impacts an unknown function of the file /admin/templets_one_edit.php. The manipulation of the argument ids leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

[CVE-2025-12860] [Modified: 20-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelist_main.php. The manipulation of the argument orderby results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.

[CVE-2025-12861] [Modified: 20-11-2025] [Analyzed] [V3.1 S4.7:MEDIUM] A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/spec_add.php. This manipulation of the argument flags[] causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

[CVE-2025-47207] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A NULL pointer dereference vulnerability has been reported to affect several product versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-52425] [Modified: 14-11-2025] [Analyzed] [V3.1 S9.8:CRITICAL] An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QuMagie 2.7.0 and later

[CVE-2025-52865] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53408] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53409] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53410] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53411] [Modified: 14-11-2025] [Analyzed] [V3.1 S4.9:MEDIUM] An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53412] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-53413] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-54168] [Modified: 14-11-2025] [Analyzed] [V3.1 S4.8:MEDIUM] A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.923 ( 2025/08/27 ) and later

[CVE-2025-57706] [Modified: 14-11-2025] [Analyzed] [V3.1 S5.4:MEDIUM] A cross-site scripting (XSS) vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

[CVE-2025-57712] [Modified: 14-11-2025] [Analyzed] [V3.1 S6.5:MEDIUM] A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.3 ( 2025/08/28 ) and later