Top 100 Recent CVEs

CVE-2025-5444 6.3
Published: 2025-06-02T12:15:26.337

What it does:

This vulnerability allows an attacker to inject operating system commands into certain Linksys router models (RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000) by manipulating specific arguments in the RP_UpgradeFWByBBS function, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to execute arbitrary operating system commands on the affected routers, potentially leading to unauthorized access, data theft, or other malicious activities, and the fact that the exploit has been publicly disclosed increases the risk of it being used by malicious actors.

Steps to mitigate:

  • Check for firmware updates from Linksys and apply them as soon as possible
  • Change default passwords and settings on the affected routers
  • Limit remote access to the routers and enable firewall rules to restrict incoming traffic
  • Monitor network traffic for suspicious activity
  • Consider replacing affected routers with newer models that are not vulnerable to this exploit.
CVE-2025-5443 6.3
Published: 2025-06-02T12:15:26.143

What it does:

This vulnerability allows an attacker to inject operating system commands into certain Linksys Wi-Fi range extender models (RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000) by manipulating specific arguments in the wirelessAdvancedHidden function, potentially giving them remote control over the device.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, meaning an attacker does not need physical access to the device to launch the attack. This could lead to unauthorized access, data theft, or other malicious activities, compromising the security of the network and connected devices.

Steps to mitigate:

  • Update firmware to the latest version if available
  • [Disable remote management on the device until a patch is released]
  • [Limit access to the device by changing default passwords and enabling WPA2 encryption with a strong password]
  • [Monitor network traffic for suspicious activity]
  • [Consider replacing the device if a patch is not forthcoming from the vendor]
CVE-2025-48990 0
Published: 2025-06-02T12:15:25.997

What it does:

The NeKernal operating system stack version 0.0.2 has a vulnerability that causes a 1-byte heap overflow in the `rt_copy_memory` function, allowing an extra null terminator to be written beyond the end of a 256-byte destination buffer.

Why it's a problem:

This vulnerability is a problem because it can potentially lead to buffer overflow attacks, which can cause the system to crash, allow unauthorized access, or execute malicious code, compromising the security and stability of the system.

Steps to mitigate:

  • Update to a patched version of NeKernal
  • [apply the patch from commit fb7b7f658327f659c6a6da1af151cb389c2ca4ee]
  • [avoid using the `rt_copy_memory` function with buffers of size 256 bytes until the patch is applied]
CVE-2025-48958 5.5
Published: 2025-06-02T12:15:25.840

What it does:

The CVE-2025-48958 vulnerability allows an attacker to inject malicious HTML code into the email section of the Froxlor customer account portal, which can redirect users to external malicious websites.

Why it's a problem:

This vulnerability is a problem because it can lead to phishing attacks, credential theft, and reputational damage, as attackers can use it to trick users into revealing sensitive information or installing malware, all without needing authentication.

Steps to mitigate:

  • Update Froxlor to version 2.2.6 or later
  • Validate and sanitize all user input in the email section
  • Implement additional security measures, such as web application firewalls and phishing detection tools, to detect and prevent similar attacks.
CVE-2025-48957 7.5
Published: 2025-06-02T12:15:25.680

What it does:

The CVE-2025-48957 vulnerability allows an attacker to access sensitive information, such as API keys and account passwords, by exploiting a path traversal weakness in AstrBot versions 3.4.4 through 3.5.12.

Why it's a problem:

This vulnerability is a problem because it can lead to unauthorized access to sensitive data, potentially allowing attackers to gain control over accounts, steal confidential information, or disrupt services, ultimately compromising the security and integrity of the affected systems.

Steps to mitigate:

  • Upgrade to AstrBot version 3.5.13 or later
  • Edit the `cmd_config.json` file to disable the dashboard feature as a temporary workaround
  • Monitor your system for any suspicious activity and take immediate action if you suspect an exploit has occurred.
CVE-2025-48955 6.2
Published: 2025-06-02T12:15:25.523

What it does:

The CVE-2025-48955 vulnerability in Para backend server/framework versions prior to 1.50.8 causes access and secret keys to be exposed in logs without redaction, and these credentials are reused in variable assignments.

Why it's a problem:

This vulnerability is a problem because it allows sensitive credentials to be visible in logs, potentially giving unauthorized access to sensitive information and compromising system security.

Steps to mitigate:

  • Update Para to version 1.50.8 or later
  • Review logs for exposed credentials and take steps to secure them
  • Monitor system for any suspicious activity related to the exposed credentials
CVE-2025-48495 0
Published: 2025-06-02T12:15:25.380

What it does:

The CVE-2025-48495 vulnerability allows an authenticated user to inject JavaScript code into the API key overview of a Gokapi file sharing server by renaming the friendly name of an API key, which can then be executed when another user views the API tab.

Why it's a problem:

This vulnerability is a problem because it enables malicious users to inject and execute arbitrary code, potentially leading to unauthorized access, data theft, or other malicious activities, especially since prior to version 2.0.0, all authenticated users had access to all resources, including end-to-end encrypted files.

Steps to mitigate:

  • Update to Gokapi version 2.0.0 or later
  • [Avoid opening the API page if there's a possibility that another user might have injected code]
  • Implement strict user permission and access controls to limit user capabilities
  • [Monitor user activities and API key usage for suspicious behavior]
CVE-2025-46807 0
Published: 2025-06-02T12:15:24.800

What it does:

The CVE-2025-46807 vulnerability allows attackers to exhaust the file descriptors in sslh, a service that enables multiple protocols to share the same port, by allocating resources without limits or throttling.

Why it's a problem:

This vulnerability is a problem because it enables attackers to deny legitimate users access to the service, effectively causing a denial-of-service (DoS) attack, which can disrupt business operations and impact users who rely on the service.

Steps to mitigate:

  • Update sslh to version 2.2.4 or later
  • Implement rate limiting and IP blocking to prevent excessive connections
  • Monitor file descriptor usage and adjust system configuration to prevent exhaustion
  • Consider implementing additional security measures such as intrusion detection and prevention systems.
CVE-2025-5442 6.3
Published: 2025-06-02T11:15:23.260

What it does:

This vulnerability allows an attacker to inject operating system commands into certain Linksys Wi-Fi range extender models (RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000) by manipulating a specific argument in the RP_pingGatewayByBBS function, potentially giving them remote control over the device.

Why it's a problem:

This is a problem because it enables remote attackers to execute arbitrary commands on the affected devices, which could lead to unauthorized access, data theft, or other malicious activities, compromising the security of the network and connected devices.

Steps to mitigate:

  • Update firmware to a version other than 1.0.013.001, 1.0.04.001, 1.0.04.002, 1.1.05.003, or 1.2.07.001
  • [Disable remote access to the device until a patch is available]
  • Change default passwords and credentials to prevent exploitation
  • [Monitor network activity for suspicious behavior]
  • Contact Linksys support for further guidance and potential patches.
CVE-2025-5441 6.3
Published: 2025-06-02T11:15:23.060

What it does:

This vulnerability allows an attacker to inject operating system commands into certain Linksys router models (RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000) by manipulating the DeviceURL argument in the setDeviceURL function, which can be done remotely.

Why it's a problem:

This is a problem because it enables remote attackers to execute arbitrary commands on the affected routers, potentially allowing them to gain control, steal sensitive information, or disrupt network operations, which can compromise the security and integrity of the network.

Steps to mitigate:

  • Update router firmware to a version that is not vulnerable
  • [Disconnect the router from the internet until a patch is available]
  • Change default passwords and enable WPA2 encryption to limit potential damage
  • [Monitor network traffic for suspicious activity]
  • Contact Linksys support for guidance on patching or replacing the affected device.
CVE-2025-48494 0
Published: 2025-06-02T11:15:22.867

What it does:

The CVE-2025-48494 vulnerability allows an attacker to upload a file with JavaScript code embedded in the filename to a Gokapi file sharing server, which can then be executed when the upload list is opened, potentially leading to cross-site scripting attacks.

Why it's a problem:

This vulnerability is a problem because it can be exploited by any authenticated user to inject malicious code, potentially stealing sensitive information or taking control of the system, especially in versions prior to 2.0.0 where all authenticated users have access to all resources, including end-to-end encrypted files.

Steps to mitigate:

  • Update to Gokapi version 2.0.0 or later
  • [Disable end-to-end encryption as a temporary workaround]
  • [Restrict access to the file sharing server to only trusted users]
  • Regularly monitor the server for suspicious activity and update software as soon as security patches are available.
CVE-2025-47289 6.3
Published: 2025-06-02T11:15:22.710

What it does:

This vulnerability allows an attacker to inject malicious JavaScript code into the testimonial description field of the CE Phoenix eCommerce platform, which executes when a user visits the testimonial page, potentially leading to the theft of session cookies.

Why it's a problem:

This is a problem because the stolen session cookies can be used by the attacker to take over user accounts, including those of administrators, since the cookies are not protected with the `HttpOnly` flag, allowing the attacker to access sensitive information and perform unauthorized actions.

Steps to mitigate:

  • Update CE Phoenix to version 1.1.0.3 or later
  • Ensure that all session cookies are marked with the `HttpOnly` flag to prevent JavaScript access
  • Monitor user accounts for suspicious activity and consider resetting session cookies for all users to prevent potential takeovers.
CVE-2025-47272 5.5
Published: 2025-06-02T11:15:22.557

What it does:

The CE Phoenix eCommerce platform has a vulnerability that allows logged-in users to delete their accounts without needing to re-enter their password, which can be exploited by an attacker with temporary access to an authenticated session.

Why it's a problem:

This vulnerability is a problem because it puts users at risk of losing their accounts and disrupting their data, as an attacker could permanently delete a user's account without knowing the password.

Steps to mitigate:

  • Update CE Phoenix eCommerce platform to version 1.1.0.3 or later]
  • [Use strong security measures to protect against unauthorized access to authenticated sessions]
  • [Implement additional authentication steps for critical actions like account deletion]
  • [Monitor account activity for suspicious behavior.
CVE-2025-3454 5.0
Published: 2025-06-02T11:15:22.167

What it does:

This vulnerability allows an attacker to bypass authorization checks in Grafana's datasource proxy API by adding an extra slash character in the URL path, potentially giving them unauthorized read access to certain endpoints.

Why it's a problem:

This vulnerability is a problem because it enables users with minimal permissions to access sensitive data in Alertmanager and Prometheus datasources, which could lead to unauthorized disclosure of information.

Steps to mitigate:

  • Update Grafana to the latest version]
  • [Implement additional authentication measures for datasources]
  • [Restrict access to Alertmanager and Prometheus datasources to only necessary personnel]
  • [Monitor datasource proxy API logs for suspicious activity
CVE-2025-29785 7.5
Published: 2025-06-02T11:15:21.953

What it does:

The CVE-2025-29785 vulnerability allows a malicious QUIC client to trigger a nil-pointer dereference in the quic-go implementation by sending specifically crafted packets, including valid QUIC packets from different remote addresses and fake ACKs, exploiting the loss recovery logic for path probe packets.

Why it's a problem:

This vulnerability is a problem because it can cause a server using the quic-go implementation to crash or become unstable, potentially leading to a denial-of-service (DoS) attack, which can disrupt the availability of services and impact users.

Steps to mitigate:

  • Update to quic-go version v0.50.1 or later]
  • [Apply the patch provided in the v0.50.1 release]
  • [Monitor server logs for potential crashes or instability related to QUIC connections]
CVE-2025-1246 0
Published: 2025-06-02T11:15:21.823

What it does:

This vulnerability allows a non-privileged user process to access memory outside of the designated buffer bounds on certain Arm GPU userspace drivers, potentially through WebGL or WebGPU operations.

Why it's a problem:

This vulnerability is a problem because it can enable unauthorized access to sensitive data, potentially leading to data breaches, crashes, or other malicious activities, by allowing a user process to bypass normal memory restrictions.

Steps to mitigate:

  • Update Arm Ltd Bifrost GPU Userspace Driver to version r52p0 or later
  • r50p1 or later for specific releases
  • Update Valhall GPU Userspace Driver to version r55p0 or later
  • r50p1 or later for specific releases
  • Update Arm 5th Gen GPU Architecture Userspace Driver to version r55p0 or later
  • r50p1 or later for specific releases
  • Avoid using WebGL or WebGPU until the update is applied
  • Contact Arm Ltd support for further guidance and patches.
CVE-2025-0819 0
Published: 2025-06-02T11:15:21.707

What it does:

The CVE-2025-0819 vulnerability allows a local non-privileged user process to access and use memory that has already been freed by the system, specifically in the context of Arm Ltd's Bifrost, Valhall, and 5th Gen GPU Architecture Kernel Drivers, by performing valid GPU memory processing operations.

Why it's a problem:

This vulnerability is a problem because it can enable an attacker to potentially execute arbitrary code, escalate privileges, or cause a denial-of-service by manipulating the already freed memory, which could lead to system instability or security breaches.

Steps to mitigate:

  • Update Arm Ltd Bifrost GPU Kernel Driver to version r49p4 or later
  • r50p1 or later
  • Update Arm Ltd Valhall GPU Kernel Driver to version r49p4 or later
  • r50p1 or later
  • r54p1 or later
  • Update Arm 5th Gen GPU Architecture Kernel Driver to version r49p4 or later
  • r50p1 or later
  • r54p1 or later
  • Apply security patches from Arm Ltd as soon as they become available
  • Monitor system logs for suspicious activity related to GPU memory processing.
CVE-2025-0073 0
Published: 2025-06-02T11:15:21.067

What it does:

The CVE-2025-0073 vulnerability allows a local non-privileged user process to access and process memory on Arm Ltd's Valhall GPU and 5th Gen GPU Architecture that has already been freed, due to a Use After Free flaw in the kernel driver.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to sensitive memory areas, potentially leading to data breaches, privilege escalation, or other malicious activities, which can compromise the security and integrity of the system.

Steps to mitigate:

  • Update Valhall GPU Kernel Driver to version r54p0 or later
  • Update Arm 5th Gen GPU Architecture Kernel Driver to version r54p0 or later
  • Restrict local user privileges to prevent exploitation
  • Monitor system logs for suspicious activity related to GPU memory processing.
CVE-2025-5440 6.3
Published: 2025-06-02T10:15:22.180

What it does:

This vulnerability allows an attacker to inject operating system commands into certain Linksys router models (RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000) by manipulating specific date and time settings in the Network Time Protocol (NTP) function, which can be done remotely.

Why it's a problem:

This is a problem because it enables unauthorized access and control over the affected routers, potentially leading to malicious activities such as data theft, malware distribution, or disruption of network services, compromising the security and integrity of the network.

Steps to mitigate:

  • Update router firmware to the latest version
  • [Disable remote access to the router until a patch is available]
  • Change default passwords and credentials to prevent unauthorized access
  • Monitor network traffic for suspicious activity
  • Contact Linksys support for further guidance and potential patches.
CVE-2025-5439 6.3
Published: 2025-06-02T10:15:21.907

What it does:

The CVE-2025-5439 vulnerability allows an attacker to inject operating system commands into certain Linksys router models (RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000) by manipulating the "uid" or "accessToken" argument in the "verifyFacebookLike" function, which can be exploited remotely.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to execute arbitrary operating system commands on the affected routers, potentially allowing them to take control of the device, steal sensitive information, or disrupt network operations, which can have serious security and privacy implications.

Steps to mitigate:

  • Update router firmware to a version that is not affected by this vulnerability
  • [Disable remote access to the router until a patch is available]
  • Change default passwords and credentials to prevent unauthorized access
  • Monitor network activity for suspicious behavior
  • Contact Linksys support for further guidance and potential patches.
CVE-2025-3260 8.3
Published: 2025-06-02T10:15:21.740

What it does:

This vulnerability allows authenticated users to bypass dashboard and folder permissions in Grafana, giving them unauthorized access to view, edit, or delete dashboards and folders, regardless of their assigned roles.

Why it's a problem:

This is a problem because it undermines the access control and permission settings in place, potentially exposing sensitive information and allowing unauthorized modifications to dashboards and folders, which could lead to data breaches or disruptions.

Steps to mitigate:

  • Update to the latest version of Grafana that includes the security patch
  • [Apply the recommended security configuration to restrict access to sensitive dashboards and folders]
  • Monitor dashboard and folder access logs for suspicious activity
  • Restrict roles and permissions to the minimum required for each user
  • Consider temporarily revoking editor roles for users who do not require them until the patch is applied.
CVE-2025-1750 0
Published: 2025-06-02T10:15:20.557

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the delete function of DuckDBVectorStore, enabling them to manipulate the ref_doc_id parameter and access arbitrary files on the server, potentially leading to remote code execution.

Why it's a problem:

This vulnerability is a problem because it can give an attacker unauthorized access to sensitive files and data on the server, and potentially allow them to execute malicious code remotely, leading to a complete compromise of the system.

Steps to mitigate:

  • Update to a patched version of run-llama/llama_index>
  • Use parameterized queries or prepared statements to prevent SQL injection
  • Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • Limit file system access and validate user input to prevent arbitrary file reading and writing.
CVE-2025-5455 0
Published: 2025-06-02T09:15:21.493

What it does:

The CVE-2025-5455 vulnerability occurs when the qDecodeDataUrl() function in Qt's QtCore is called with malformed data, such as a URL containing a "charset" parameter without a value, causing the program to hit an assertion and result in a denial of service (abort) if Qt is built with assertions enabled.

Why it's a problem:

This vulnerability is a problem because it can be exploited to cause a denial of service, potentially disrupting the functionality of applications that rely on Qt, leading to system crashes or aborts, and impacting the overall reliability and availability of the system.

Steps to mitigate:

  • Update Qt to version 5.15.19 or later
  • Update Qt to version 6.5.9 or later
  • Update Qt to version 6.8.4 or later
  • Update Qt to version 6.9.1 or later
  • Avoid using malformed URLs with missing "charset" parameter values in Qt-based applications.
CVE-2025-5438 6.3
Published: 2025-06-02T09:15:21.280

What it does:

This vulnerability allows an attacker to inject commands into certain Linksys Wi-Fi range extender models (RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000) by manipulating the PIN argument in the WPS function, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to execute arbitrary commands on the affected device, potentially leading to unauthorized access, data theft, or other malicious activities, and the fact that the exploit has been publicly disclosed makes it more likely to be used by malicious actors.

Steps to mitigate:

  • Disable WPS on the affected device
  • Update the device to a newer firmware version if available
  • Change the default administrator password and PIN
  • Limit remote access to the device
  • Monitor the device for suspicious activity and consider replacing it if a patch is not available.
CVE-2025-5437 5.3
Published: 2025-06-02T09:15:21.027

What it does:

This vulnerability allows an attacker to exploit the Password Change Handler in the Multilaser Sirius RE016 MLT1.0, specifically targeting the /cgi-bin/cstecgi.cgi file, which can lead to improper authentication, enabling remote unauthorized access.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to bypass authentication mechanisms and potentially gain access to sensitive information or systems without proper authorization, which can lead to data breaches, system compromises, or other malicious activities.

Steps to mitigate:

  • Update the Multilaser Sirius RE016 MLT1.0 firmware to the latest version if available
  • [Contact the vendor for a patch or workaround since they have been notified]
  • [Implement additional security measures such as firewall rules or access controls to limit remote access to the vulnerable system]
  • [Monitor the system for suspicious activity and have an incident response plan in place]
CVE-2025-5436 5.3
Published: 2025-06-02T08:15:21.437

What it does:

This vulnerability in the Multilaser Sirius RE016 MLT1.0 allows attackers to manipulate the /cgi-bin/cstecgi.cgi file, leading to the disclosure of sensitive information, and can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to confidential information, potentially compromising the security and privacy of individuals or organizations using the affected device, and since the exploit is publicly disclosed, attackers can easily use it.

Steps to mitigate:

  • Update the Multilaser Sirius RE016 MLT1.0 to the latest version if available
  • [contact the vendor for a patch or workaround]
  • Implement network segmentation to limit access to the device
  • [use a firewall to block remote access to the /cgi-bin/cstecgi.cgi file]
  • Monitor the device for suspicious activity and signs of exploitation.
CVE-2025-5435 7.3
Published: 2025-06-02T08:15:21.230

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Marwal Infotech CMS 1.0 system by manipulating the "ID" argument in the /page.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the database, potentially leading to data theft, modification, or deletion, and can also be used to gain unauthorized access to the system.

Steps to mitigate:

  • Update to a patched version of Marwal Infotech CMS if available
  • Implement a web application firewall (WAF) to detect and prevent SQL injection attacks
  • Use input validation and parameterized queries to prevent user-input data from being executed as SQL code
  • Limit remote access to the /page.php file and restrict user privileges to minimize potential damage.
CVE-2025-5113 0
Published: 2025-06-02T08:15:21.073

What it does:

The Diviotec professional series has a vulnerable web interface endpoint that allows attackers to inject arbitrary commands, and it also uses hardcoded passwords that can be easily discovered.

Why it's a problem:

This vulnerability is a problem because it enables attackers to execute unauthorized commands on the device, potentially leading to unauthorized access, data breaches, or system compromise, while the hardcoded passwords can be used to gain initial access or escalate privileges.

Steps to mitigate:

  • Change default passwords and avoid using hardcoded passwords
  • Implement input validation and sanitization on the vulnerable endpoint to prevent command injection
  • Update the Diviotec professional series device with a patch or firmware update from the manufacturer, if available
  • Limit access to the web interface through network segmentation and firewall rules
  • Monitor the device for suspicious activity and unauthorized access attempts.
CVE-2025-0358 8.8
Published: 2025-06-02T08:15:20.917

What it does:

This vulnerability allows a lower-privileged user to gain administrator privileges on Axis Communication devices due to a flaw in the VAPIX Device Configuration framework, enabling privilege escalation.

Why it's a problem:

This vulnerability is a problem because it allows unauthorized users to gain high-level access to devices, potentially leading to sensitive data exposure, device tampering, and disruption of services, which can have serious security and operational consequences.

Steps to mitigate:

  • Update Axis Communication devices to the latest firmware version
  • [apply patches or fixes provided by the manufacturer]
  • restrict access to the VAPIX Device Configuration framework to authorized personnel only
  • monitor device activity for suspicious behavior
  • change administrator passwords and credentials as a precautionary measure.
CVE-2025-0325 4.3
Published: 2025-06-02T08:15:20.767

What it does:

The CVE-2025-0325 vulnerability allows an attacker to manipulate a parameter in the Guard Tour VAPIX API, potentially blocking access to the guard tour configuration page on an Axis device's web interface.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to restrict administrative access to important configuration settings, potentially disrupting security monitoring and management capabilities.

Steps to mitigate:

  • Update Axis device software to the latest version
  • [Apply security patches provided by the manufacturer]
  • [Restrict access to the Guard Tour VAPIX API to authorized personnel only]
  • [Monitor device logs for suspicious activity related to the guard tour configuration page]
CVE-2025-0324 9.4
Published: 2025-06-02T08:15:20.560

What it does:

The VAPIX Device Configuration framework has a vulnerability that allows a user with lower privileges to gain administrator privileges, giving them full control over the device.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized users to elevate their access and perform malicious actions, potentially leading to data breaches, system compromise, and other security threats.

Steps to mitigate:

  • Update the VAPIX Device Configuration framework to the latest version
  • [Apply patches or fixes provided by the vendor]
  • Limit user privileges and access to the device configuration framework
  • [Monitor device activity for suspicious behavior]
  • Change all administrator passwords and credentials after applying the update.
CVE-2025-5434 7.3
Published: 2025-06-02T07:15:22.230

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Aem Solutions CMS by manipulating the "ID" argument in the /page.php file, which can be done remotely.

Why it's a problem:

This is a problem because it enables attackers to access, modify, or extract sensitive data from the database, potentially leading to data breaches, unauthorized access, or disruption of services, and the fact that the exploit is publicly disclosed increases the likelihood of attacks.

Steps to mitigate:

  • Update Aem Solutions CMS to a version later than 1.0 if available
  • [Apply a web application firewall (WAF) to detect and prevent SQL injection attacks]
  • [Implement input validation and sanitization for the "ID" argument in the /page.php file
  • [Use a database query parameterization or prepared statements to prevent SQL injection
  • [Monitor database and system logs for suspicious activity and signs of potential exploitation]
CVE-2025-5433 6.3
Published: 2025-06-02T07:15:22.000

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Fengoffice Feng Office system by manipulating the "tz_offset" argument in the /index.php?c=account&a=set_timezone file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This SQL injection vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing physical access to the system, which can lead to data breaches, unauthorized modifications, and other malicious activities.

Steps to mitigate:

  • Update Fengoffice Feng Office to a version later than 3.5.1.5 if available
  • [Apply a web application firewall (WAF) to detect and prevent SQL injection attacks]
  • Limit remote access to the system and implement strict access controls
  • Use a SQL injection prevention tool to monitor and protect the database
  • Contact a security expert or the vendor for further guidance and support.
CVE-2025-4010 0
Published: 2025-06-02T07:15:21.833

What it does:

The Netcom NTC 6200 and NWL 222 series devices have a vulnerable web interface that allows attackers to inject arbitrary commands and access the system using hardcoded passwords, potentially leading to arbitrary code execution with elevated privileges.

Why it's a problem:

This vulnerability is a problem because it enables remote authenticated attackers to gain control of the device, allowing them to execute malicious code and access sensitive information, which can lead to unauthorized access, data breaches, and disruption of services.

Steps to mitigate:

  • Update device firmware to the latest version
  • [change all default and hardcoded passwords to unique and strong passwords]
  • restrict access to the web interface to only trusted users and networks
  • implement additional security measures such as two-factor authentication and intrusion detection systems
  • monitor device logs for suspicious activity.
CVE-2025-1235 4.3
Published: 2025-06-02T07:15:21.450

What it does:

This vulnerability allows a low-privileged attacker to set the device's date to January 19th, 2038, which exceeds the 32-bit time limit, causing the device's date to revert to January 1st, 1970.

Why it's a problem:

This vulnerability is a problem because it can disrupt the device's functionality and potentially cause issues with time-sensitive operations, such as scheduling, logging, and authentication, which can lead to system instability and security risks.

Steps to mitigate:

  • Update device firmware to a version that uses 64-bit timekeeping
  • [Patch the vulnerability with a vendor-provided fix]
  • [Implement restrictions on date changes to prevent unauthorized modifications
  • [Monitor device logs for suspicious date changes and take corrective action if necessary]
CVE-2025-5432 6.3
Published: 2025-06-02T06:15:21.023

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the AssamLook CMS 1.0 system by manipulating the "ID" argument in the /view_tender.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it gives attackers the ability to access and manipulate sensitive data in the database, potentially leading to data breaches, unauthorized access, and other malicious activities, and since the exploit is publicly available, it can be easily used by malicious actors.

Steps to mitigate:

  • Update AssamLook CMS to a patched version if available
  • [Apply input validation and sanitization to the "ID" argument in the /view_tender.php file
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Use a database access control system to limit the damage in case of a successful attack
  • [Monitor the system for suspicious activity and keep backups of important data].
CVE-2025-5431 6.3
Published: 2025-06-02T06:15:20.740

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the AssamLook CMS 1.0 system by manipulating the "ID" argument in the /department-profile.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing physical access to the system, and the fact that the exploit has been publicly disclosed means that attackers may already be using it.

Steps to mitigate:

  • Update to a patched version of AssamLook CMS if available
  • Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • Use input validation and sanitization to ensure that user-provided data is safe
  • Limit access to the /department-profile.php file and related functions to authorized personnel only
  • Monitor system logs for signs of suspicious activity and potential exploitation.
CVE-2025-3951 0
Published: 2025-06-02T06:15:20.620

What it does:

The WP-Optimize WordPress plugin, prior to version 4.2.0, fails to properly secure user input when checking image compression statuses, allowing administrators to potentially inject malicious SQL code in Multi-Site WordPress configurations.

Why it's a problem:

This vulnerability is a problem because it enables SQL Injection attacks, which can lead to unauthorized access, modification, or deletion of sensitive data within the database, compromising the security and integrity of the WordPress site.

Steps to mitigate:

  • Update the WP-Optimize plugin to version 4.2.0 or later
  • Limit administrator access to trusted users
  • Regularly monitor database activity for suspicious behavior
  • Consider implementing a Web Application Firewall (WAF) to detect and prevent SQL Injection attacks.
CVE-2025-1485 0
Published: 2025-06-02T06:15:20.267

What it does:

The Real Cookie Banner WordPress plugin has a vulnerability that allows high-privilege users, such as administrators, to inject malicious code into the plugin's settings, which can lead to Stored Cross-Site Scripting (XSS) attacks.

Why it's a problem:

This vulnerability is a problem because it enables attackers to inject malicious code into a website, potentially stealing user data, taking control of user sessions, or performing other malicious actions, even in environments where such capabilities are supposed to be restricted.

Steps to mitigate:

  • Update the Real Cookie Banner WordPress plugin to version 5.1.6 or later
  • Update the real-cookie-banner-pro WordPress plugin to version 5.1.6 or later
  • Restrict administrative access to trusted users only
  • Monitor website activity for signs of XSS attacks
  • Consider implementing a Web Application Firewall (WAF) to detect and prevent XSS attacks.
CVE-2025-5430 6.3
Published: 2025-06-02T05:16:09.920

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the AssamLook CMS 1.0 system by manipulating the "ID" argument in the /product.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the database, potentially leading to data breaches, unauthorized access, and other malicious activities, which can compromise the security and integrity of the system.

Steps to mitigate:

  • Update to a patched version of AssamLook CMS if available
  • Implement a web application firewall (WAF) to detect and prevent SQL injection attacks
  • Use input validation and parameterized queries to prevent user-input data from being executed as SQL code
  • Limit database privileges to the minimum required for the application
  • Monitor system logs for suspicious activity and signs of potential exploitation.
CVE-2025-5429 6.3
Published: 2025-06-02T05:16:08.447

What it does:

The CVE-2025-5429 vulnerability allows an attacker to exploit improper access controls in the juzaweb CMS Plugins Page, specifically in the /admin-cp/plugin/install file, which can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to the system, potentially leading to malicious activities such as data breaches, system compromise, or other security threats, and the fact that the exploit has been publicly disclosed increases the risk of attack.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2 if available
  • [apply security patches or workaround provided by the community or security experts]
  • restrict access to the /admin-cp/plugin/install file and Plugins Page
  • [monitor system logs and network traffic for suspicious activity]
  • consider implementing additional access control measures such as two-factor authentication or IP blocking.
CVE-2025-49113 9.9
Published: 2025-06-02T05:15:53.420

What it does:

The CVE-2025-49113 vulnerability allows remote code execution by authenticated users in Roundcube Webmail versions before 1.5.10 and 1.6.x before 1.6.11, due to a lack of validation of the _from parameter in a specific URL, leading to PHP Object Deserialization.

Why it's a problem:

This vulnerability is a problem because it enables malicious users who have already gained authentication to execute arbitrary code on the server, potentially leading to unauthorized access, data theft, or complete system compromise, given its high severity score of 9.9.

Steps to mitigate:

  • Update Roundcube Webmail to version 1.5.10 or later for the 1.5.x branch
  • Update Roundcube Webmail to version 1.6.11 or later for the 1.6.x branch
  • Restrict access to the settings/upload.php page until the update can be applied
  • Monitor server logs for suspicious activity related to the vulnerability.
CVE-2025-49112 3.1
Published: 2025-06-02T05:15:21.277

What it does:

The CVE-2025-49112 vulnerability is an integer underflow issue in the setDeferredReply function of the networking.c component in Valkey versions up to 8.1.1, which occurs when calculating the size of a reply.

Why it's a problem:

This vulnerability is a problem because an integer underflow can cause the program to access or write to memory incorrectly, potentially leading to a crash, data corruption, or even allowing an attacker to execute arbitrary code, which could compromise the security and stability of the system.

Steps to mitigate:

  • Update Valkey to a version later than 8.1.1
  • [Apply a patch if available from the vendor]
  • Implement memory access controls and monitoring to detect potential exploitation attempts.
CVE-2025-25179 0
Published: 2025-06-02T05:15:20.160

What it does:

This vulnerability allows software running with limited privileges to make unauthorized requests to the computer's graphics processing unit (GPU), which can then be used to write data to any part of the computer's memory.

Why it's a problem:

This is a problem because it could allow an attacker to gain control over the computer by writing malicious data to sensitive areas of memory, potentially leading to a complete system compromise.

Steps to mitigate:

  • Update GPU drivers to the latest version
  • Implement memory protection mechanisms to restrict access to sensitive memory areas
  • Run software with limited privileges in a sandboxed environment to prevent potential damage
  • Monitor system logs for suspicious GPU activity
  • Apply operating system updates and patches as soon as they become available
CVE-2025-5428 6.3
Published: 2025-06-02T04:15:44.977

What it does:

The CVE-2025-5428 vulnerability allows an attacker to exploit improper access controls in the Error Logs Page of juzaweb CMS versions up to 3.4.2, potentially granting unauthorized access to sensitive information.

Why it's a problem:

This vulnerability is a problem because it enables remote attacks, allowing hackers to access restricted areas of the CMS without permission, which could lead to data breaches, system compromises, or other malicious activities.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2 if available
  • [apply security patches or workarounds provided by the community or third-party vendors if an official update is not available]
  • implement additional access controls and monitoring for the Error Logs Page to detect and prevent potential exploits
  • restrict remote access to the CMS administration panel to trusted IP addresses or users
  • regularly review and update security configurations to prevent similar vulnerabilities.
CVE-2025-5427 6.3
Published: 2025-06-02T04:15:44.000

What it does:

The CVE-2025-5427 vulnerability allows improper access controls in the juzaweb CMS, specifically in the Permalinks Page component, which can be exploited remotely to manipulate the system.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to the system, potentially allowing attackers to modify or exploit sensitive data, which can lead to security breaches and data compromisation.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2
  • [Apply security patches to the Permalinks Page component
  • [Implement additional access controls and restrictions to the /admin-cp/permalinks file
  • [Monitor system logs for suspicious activity and potential exploitation attempts
  • [Consider reaching out to a security expert or the juzaweb community for further guidance and support].
CVE-2024-11857 7.8
Published: 2025-06-02T04:15:26.000

What it does:

The Bluetooth HCI Adaptor from Realtek has a vulnerability that allows a local attacker to create a symbolic link, tricking the system into deleting arbitrary files, potentially leading to privilege escalation.

Why it's a problem:

This vulnerability is a problem because it enables attackers with regular privileges to gain elevated access and control over the system by deleting critical files, which can compromise the security and integrity of the system.

Steps to mitigate:

  • Update the Bluetooth HCI Adaptor software to the latest version
  • Implement strict file system permissions to limit the ability to create symbolic links
  • Monitor system logs for suspicious file deletion activity
  • Restrict local access to the system to trusted users only
  • Apply the vendor's recommended patch or workaround as soon as possible.
CVE-2025-5426 6.3
Published: 2025-06-02T03:15:25.717

What it does:

The CVE-2025-5426 vulnerability allows attackers to exploit improper access controls in the juzaweb CMS, specifically in the Menu Page component, by manipulating the /admin-cp/menus file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to the system, potentially allowing attackers to perform malicious actions, such as modifying or deleting sensitive data, or taking control of the affected system, which can lead to serious security breaches and data compromises.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2
  • [Apply security patches and fixes provided by the vendor or community]
  • [Implement additional access controls and authentication mechanisms to restrict remote access to the /admin-cp/menus file
  • [Monitor system logs and network activity for suspicious behavior
  • [Consider temporarily disabling remote access to the affected component until a patch is applied]
CVE-2025-5425 6.3
Published: 2025-06-02T03:15:25.537

What it does:

The CVE-2025-5425 vulnerability allows for improper access controls in the juzaweb CMS, specifically in the Theme Editor Page, which can be exploited remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to gain unauthorized access to the system, potentially leading to data breaches, modifications, or other malicious activities, and the fact that the exploit has been publicly disclosed increases the risk of attack.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2 if available
  • [Apply security patches or workarounds provided by the community or third-party vendors]
  • Limit remote access to the Theme Editor Page and related components
  • Monitor system logs for suspicious activity
  • Consider alternative CMS options if the vendor does not respond with a security fix.
CVE-2025-5424 6.3
Published: 2025-06-02T03:15:25.360

What it does:

This vulnerability, found in juzaweb CMS versions up to 3.4.2, allows remote attackers to manipulate the Media Page component, specifically the /admin-cp/media file, leading to improper access controls.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to sensitive areas of the CMS, potentially allowing attackers to modify or exploit the system, which can lead to data breaches, system compromise, or other malicious activities.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2 if available
  • [apply security patches or workarounds provided by trusted sources]
  • limit remote access to the CMS and Media Page component
  • [monitor system logs for suspicious activity]
  • contact a security expert or the CMS community for further guidance and support.
CVE-2025-20678 0
Published: 2025-06-02T03:15:25.230

What it does:

The CVE-2025-20678 vulnerability causes a system crash in the ims service due to incorrect error handling, potentially leading to a remote denial of service when a device connects to a rogue base station.

Why it's a problem:

This vulnerability is a problem because it allows an attacker to disrupt service and cause a system crash without needing any additional execution privileges, and it can be exploited without requiring any user interaction.

Steps to mitigate:

  • Apply patch MOLY01394606
  • Update the ims service to the latest version
  • Avoid connecting to unknown or untrusted base stations
  • Use network security measures to detect and prevent connections to rogue base stations.
CVE-2025-20677 0
Published: 2025-06-02T03:15:25.103

What it does:

The CVE-2025-20677 vulnerability causes a system crash in the Bluetooth driver due to an uncaught exception, potentially leading to a local denial of service.

Why it's a problem:

This vulnerability is a problem because it allows an attacker with user execution privileges to crash the system, disrupting its functionality and causing a denial of service, all without requiring any user interaction.

Steps to mitigate:

  • Apply the patch WCNCR00412256
  • Update the Bluetooth driver to the latest version
  • Monitor system logs for signs of exploitation and take corrective action if necessary
CVE-2025-20676 0
Published: 2025-06-02T03:15:24.987

What it does:

The CVE-2025-20676 vulnerability causes a system crash in the WLAN STA driver due to an uncaught exception, leading to a local denial of service.

Why it's a problem:

This vulnerability is a problem because it allows an attacker with user execution privileges to crash the system, disrupting its functionality and causing potential data loss or other issues, all without requiring any user interaction.

Steps to mitigate:

  • Apply the patch ID WCNCR00412240
  • Update the WLAN STA driver to the latest version
  • Contact the manufacturer or vendor for further assistance and guidance on implementing the patch ID: WCNCR00412240
CVE-2025-20675 0
Published: 2025-06-02T03:15:24.863

What it does:

The CVE-2025-20675 vulnerability causes a system crash in the wlan STA driver due to an uncaught exception, potentially leading to a local denial of service.

Why it's a problem:

This vulnerability is a problem because it allows an attacker with User execution privileges to disrupt the system, causing it to crash and become unavailable, without requiring any user interaction.

Steps to mitigate:

  • Apply patch WCNCR00413201
  • Update the wlan STA driver to the latest version
  • Monitor system stability and performance for any signs of denial of service attacks.
CVE-2025-20674 0
Published: 2025-06-02T03:15:24.737

What it does:

The CVE-2025-20674 vulnerability allows an attacker to inject arbitrary packets into a wireless access point (AP) driver due to a missing permission check, potentially leading to remote escalation of privilege.

Why it's a problem:

This vulnerability is a problem because it enables attackers to gain elevated privileges on a system without requiring any additional execution privileges or user interaction, which could result in unauthorized access and control.

Steps to mitigate:

  • Apply the patch ID WCNCR00413202
  • [check for and install any available updates for the wlan AP driver]
  • [ensure network segmentation and isolation to limit the potential damage from a compromised access point]
CVE-2025-20673 0
Published: 2025-06-02T03:15:24.613

What it does:

The CVE-2025-20673 vulnerability causes a system crash in the wlan STA driver due to an uncaught exception, leading to a local denial of service.

Why it's a problem:

This vulnerability is a problem because it allows an attacker with user execution privileges to crash the system, disrupting its functionality and causing potential data loss or other issues, all without requiring any user interaction.

Steps to mitigate:

  • Apply the patch ID WCNCR00413200
  • Update the wlan STA driver to the latest version
  • Refer to Issue ID MSV-3304 for additional guidance and support
CVE-2025-20672 0
Published: 2025-06-02T03:15:24.443

What it does:

The CVE-2025-20672 vulnerability is a flaw in the Bluetooth driver that allows an out of bounds write due to an incorrect bounds check, potentially leading to a local escalation of privilege.

Why it's a problem:

This vulnerability is a problem because it could allow an attacker to gain elevated privileges on a system, potentially giving them access to sensitive data and allowing them to perform malicious actions, all without requiring any user interaction.

Steps to mitigate:

  • Apply the patch WCNCR00412257
  • Update the Bluetooth driver to the latest version
  • Monitor system logs for suspicious activity
  • Restrict user execution privileges to necessary levels only.
CVE-2025-5423 6.3
Published: 2025-06-02T02:15:19.760

What it does:

This vulnerability allows an attacker to exploit improper access controls in the General Setting Page of the juzaweb CMS, specifically in the /admin-cp/setting/system/general file, which can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to sensitive areas of the CMS, potentially allowing attackers to modify system settings, extract confidential data, or perform other malicious actions, which can compromise the security and integrity of the system.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2 if available
  • Implement additional access controls and security measures to restrict remote access to the General Setting Page
  • Monitor the system for suspicious activity and signs of exploitation
  • Consider contacting a security expert or the vendor for further guidance and support.
CVE-2025-5422 4.3
Published: 2025-06-02T01:15:20.437

What it does:

The CVE-2025-5422 vulnerability allows attackers to exploit improper access controls in the Email Logs Page of juzaweb CMS versions up to 3.4.2, potentially granting unauthorized access to sensitive information.

Why it's a problem:

This vulnerability is a problem because it enables remote attacks, allowing hackers to access restricted areas of the system without permission, which can lead to data breaches, unauthorized data modification, or other malicious activities.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2 if available
  • [Implement additional access controls and security measures to restrict access to the Email Logs Page]
  • Monitor system logs for suspicious activity and potential exploit attempts
  • Consider reaching out to the vendor or a security expert for further guidance and support.
CVE-2025-5421 6.3
Published: 2025-06-02T01:15:20.227

What it does:

The CVE-2025-5421 vulnerability allows attackers to exploit improper access controls in the juzaweb CMS Plugin Editor Page, potentially granting unauthorized access to sensitive areas of the system.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to bypass security measures and gain access to the system without authorization, which could lead to data breaches, system compromises, or other malicious activities.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2]
  • [Apply security patches to the Plugin Editor Page]
  • [Implement additional access controls and security measures to prevent unauthorized access]
  • [Monitor system activity for suspicious behavior and signs of exploitation.
CVE-2025-5420 3.5
Published: 2025-06-02T00:15:20.760

What it does:

This vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the "Upload" argument in the file manager of the Profile Page in juzaweb CMS versions up to 3.4.2, potentially injecting malicious code into the website.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to inject malicious code into the website, which can lead to unauthorized access, data theft, or other malicious activities, compromising the security and integrity of the website and its users.

Steps to mitigate:

  • Update juzaweb CMS to a version later than 3.4.2 if available
  • Implement web application firewall (WAF) rules to detect and prevent XSS attacks
  • Limit access to the file manager and Profile Page to authorized personnel only
  • Monitor website logs for suspicious activity and signs of XSS attacks.
CVE-2025-5412 3.5
Published: 2025-06-02T00:15:20.550

What it does:

This vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the "return_to" argument in the login function of Mist Community Edition, affecting versions up to 4.7.1.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to inject malicious code into the website, potentially stealing user data, taking control of user sessions, or performing other malicious actions, which can compromise the security and integrity of the system.

Steps to mitigate:

  • Upgrade to version 4.7.2 or later
  • Apply the patch db10ecb62ac832c1ed4924556d167efb9bc07fad
  • Regularly monitor for and install updates to ensure the system remains secure.
CVE-2025-5411 3.5
Published: 2025-06-01T23:15:20.463

What it does:

The CVE-2025-5411 vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the "tag" argument in the Mist Community Edition software, specifically in the tag_resources function of the src/mist/api/tag/views.py file, which can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to inject malicious scripts into the software, potentially leading to unauthorized access, data theft, or other malicious activities, and since the exploit has been publicly disclosed, attackers may use it to target vulnerable systems.

Steps to mitigate:

  • Upgrade to Mist Community Edition version 4.7.2
  • Apply the patch db10ecb62ac832c1ed4924556d167efb9bc07fad
  • Regularly monitor the system for any suspicious activity to ensure the vulnerability has been successfully addressed.
CVE-2025-5410 4.3
Published: 2025-06-01T23:15:20.257

What it does:

This vulnerability allows an attacker to manipulate the session_start_response function in Mist Community Edition, leading to cross-site request forgery (CSRF) attacks, which can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to trick users into performing unintended actions on a web application, potentially leading to unauthorized access, data theft, or other malicious activities, and since the exploit has been publicly disclosed, attackers may actively use it to target vulnerable systems.

Steps to mitigate:

  • Upgrade to Mist Community Edition version 4.7.2
  • Apply the patch identified as db10ecb62ac832c1ed4924556d167efb9bc07fad
  • Ensure all affected components are updated to prevent exploitation.
CVE-2025-5409 7.3
Published: 2025-06-01T22:15:21.627

What it does:

This vulnerability allows for improper access controls in the Mist Community Edition, specifically in the API Token Handler, by manipulating the create_token function, which can be initiated remotely.

Why it's a problem:

This is a problem because it enables unauthorized access to the system, potentially allowing attackers to exploit the vulnerability and gain control, which can lead to data breaches, system compromise, and other security threats.

Steps to mitigate:

  • Upgrade to version 4.7.2 of Mist Community Edition
  • Apply the patch with identifier db10ecb62ac832c1ed4924556d167efb9bc07fad
  • Monitor the system for any signs of exploitation and take immediate action if suspicious activity is detected
CVE-2025-5408 9.8
Published: 2025-06-01T22:15:20.933

What it does:

This vulnerability allows an attacker to overflow a buffer by manipulating the "login_page" argument in the login function of certain WAVLINK wireless router models, potentially enabling remote code execution.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to gain unauthorized access to the affected routers, compromise their security, and potentially use them as a launching point for further attacks on the network.

Steps to mitigate:

  • Update router firmware to a version later than V1410_240222 if available
  • [Disallow remote access to the router's login page until a patch is available]
  • Change default login credentials and enable WPA3 encryption or the latest available security protocol
  • [Monitor network traffic for suspicious activity and keep an eye out for future security updates from the vendor]
CVE-2025-5407 2.4
Published: 2025-06-01T21:15:20.237

What it does:

This vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the "fullname" argument in the /register_script.php file of the chaitak-gorai Blogbook, potentially leading to the execution of malicious code on a user's browser.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to inject malicious code into a user's browser, which can lead to unauthorized access to sensitive information, session hijacking, or other malicious activities.

Steps to mitigate:

  • Upgrade the affected component to a version that has patched this vulnerability if available;
  • Contact the vendor for a patch or workaround since they have been notified of the issue;
  • Implement additional security measures such as input validation and sanitization to prevent XSS attacks in the /register_script.php file.
CVE-2025-5406 6.3
Published: 2025-06-01T19:15:20.313

What it does:

This vulnerability allows an attacker to upload files without restrictions to the chaitak-gorai Blogbook platform by manipulating the "image" argument in the /admin/posts.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to upload malicious files, such as malware or backdoors, to the platform, potentially leading to unauthorized access, data breaches, or disruption of service.

Steps to mitigate:

  • Update to a patched version of the platform if available
  • [Avoid using the /admin/posts.php file until a patch is released]
  • Implement strict file upload validation and sanitization to restrict uploaded file types
  • [Monitor the platform for suspicious activity and signs of exploitation]
  • Consider implementing a web application firewall (WAF) to detect and prevent malicious uploads.
CVE-2025-5405 3.5
Published: 2025-06-01T18:15:20.723

What it does:

This vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the comment author, email, or content fields in the /post.php file of the chaitak-gorai Blogbook application, potentially leading to the execution of malicious code on a user's browser.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to inject malicious code into the application, which can then be executed on the browsers of unsuspecting users, potentially leading to unauthorized access, data theft, or other malicious activities.

Steps to mitigate:

  • Update to a version of chaitak-gorai Blogbook that is not affected by this vulnerability if available
  • [contact the vendor or developer for a patch or workaround]
  • implement input validation and sanitization for user-provided comment data to prevent XSS attacks
  • monitor user activity and application logs for signs of malicious behavior
  • consider using a web application firewall (WAF) to detect and prevent XSS attacks.
CVE-2025-5404 4.3
Published: 2025-06-01T17:15:20.377

What it does:

The CVE-2025-5404 vulnerability allows an attacker to manipulate the "Search" argument in the GET Parameter Handler of the /search.php file in chaitak-gorai Blogbook, leading to a denial of service.

Why it's a problem:

This vulnerability is a problem because it can be exploited to disrupt the service, making it unavailable to users, which can lead to loss of productivity, reputation damage, and potential financial losses.

Steps to mitigate:

  • Update to the latest version of chaitak-gorai Blogbook if available
  • [Implement a web application firewall (WAF) to filter incoming traffic and prevent malicious requests]
  • [Monitor server logs for suspicious activity and deny of service attempts
  • [Consider implementing rate limiting on the /search.php file to prevent abuse]
CVE-2025-5403 6.3
Published: 2025-06-01T16:15:20.210

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Blogbook application by manipulating the "post_id" argument in the GET parameter of the /admin/view_all_posts.php file, potentially leading to unauthorized access and data manipulation.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the SQL injection flaw, potentially allowing them to extract or modify sensitive data, disrupt the application's functionality, or even gain administrative access to the system.

Steps to mitigate:

  • Update the Blogbook application to a version that fixes the SQL injection vulnerability if available
  • [contact the vendor or developer for a patch or workaround]
  • implement web application firewall (WAF) rules to detect and prevent SQL injection attacks
  • restrict access to the /admin/view_all_posts.php file and ensure proper input validation and sanitization of the "post_id" argument.
CVE-2025-5402 7.3
Published: 2025-06-01T14:15:21.250

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Blogbook application by manipulating the "edit_post_id" argument in the GET Parameter Handler of the /admin/includes/edit_post.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive data without needing direct access to the system, and the fact that the exploit has been publicly disclosed means that attackers can easily use it to launch attacks.

Steps to mitigate:

  • Update to a patched version of Blogbook if available
  • [apply input validation and sanitization to the "edit_post_id" argument]
  • [implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [use a database intrusion detection system to monitor for suspicious activity
  • [restrict access to the /admin/includes/edit_post.php file to authorized personnel only]
CVE-2025-40908 0
Published: 2025-06-01T14:15:21.113

What it does:

The YAML-LibYAML library for Perl, versions prior to 0.903.0, uses a 2-argument open function, which allows an attacker to modify existing files.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to overwrite or alter the contents of files on a system, potentially leading to data corruption, loss, or even execution of malicious code.

Steps to mitigate:

  • Update YAML-LibYAML to version 0.903.0 or later
  • Use alternative YAML parsing libraries that do not have this vulnerability
  • Implement secure coding practices to avoid using 2-argument open functions in Perl scripts.
CVE-2025-5401 7.3
Published: 2025-06-01T13:15:19.893

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Blogbook application by manipulating the "p_id" argument in the GET parameter of the /post.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the SQL injection weakness, potentially leading to data breaches, unauthorized data modification, or even full control of the affected system, which can have severe consequences for the security and integrity of the application and its data.

Steps to mitigate:

  • Update to a version of Blogbook that fixes this vulnerability if available
  • [apply a web application firewall (WAF) to detect and prevent SQL injection attacks]
  • [implement input validation and sanitization for the "p_id" argument in the /post.php file
  • [use a parameterized query or prepared statement to prevent SQL injection]
  • [monitor the application for suspicious activity and signs of exploitation.
CVE-2025-33005 6.3
Published: 2025-06-01T12:15:25.807

What it does:

The IBM Planning Analytics Local versions 2.0 and 2.1 fail to properly end a user's session after they log out, allowing an authenticated user to potentially access and impersonate another user's account on the system.

Why it's a problem:

This vulnerability is a problem because it could allow unauthorized access to sensitive information and enable malicious activities, such as data tampering or theft, by permitting an attacker to assume the identity of a legitimate user without their knowledge or consent.

Steps to mitigate:

  • Update to the latest version of IBM Planning Analytics Local
  • [Apply the patch provided by IBM to fix the session invalidation issue]
  • Implement additional security measures, such as monitoring user activity and enforcing strict access controls to detect and prevent potential impersonation attempts
  • Regularly review and update user permissions to minimize the risk of unauthorized access.
CVE-2025-33004 6.5
Published: 2025-06-01T12:15:25.643

What it does:

The CVE-2025-33004 vulnerability in IBM Planning Analytics Local 2.0 and 2.1 allows a user with privileged access to delete files from directories, due to the system's failure to properly restrict pathname access.

Why it's a problem:

This vulnerability is a problem because it can lead to unauthorized data deletion, potentially causing loss of important information, disrupting business operations, and compromising the integrity of the system.

Steps to mitigate:

  • Update to a patched version of IBM Planning Analytics Local
  • [Restrict privileged user access to sensitive directories]
  • [Monitor system logs for suspicious file deletion activity]
  • [Implement backup and recovery procedures to minimize data loss]
CVE-2025-2896 4.8
Published: 2025-06-01T12:15:25.483

What it does:

This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the IBM Planning Analytics Local Web UI, potentially altering its intended functionality and executing unwanted actions.

Why it's a problem:

This vulnerability is a problem because it can lead to the disclosure of sensitive credentials, such as usernames and passwords, within a trusted session, which could be used by attackers to gain unauthorized access to the system.

Steps to mitigate:

  • Update IBM Planning Analytics Local to the latest version
  • [Apply security patches provided by IBM]
  • Implement strict input validation and sanitization to prevent malicious code injection
  • Use web application firewalls to detect and block suspicious traffic
  • Limit user privileges to minimize potential damage.
CVE-2025-25044 5.4
Published: 2025-06-01T12:15:25.317

What it does:

This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the IBM Planning Analytics Local Web UI, altering its intended functionality and potentially leading to the disclosure of sensitive credentials within a trusted session.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to inject malicious code into the system, potentially exposing user credentials and allowing unauthorized access to sensitive information, which could lead to data breaches or other security incidents.

Steps to mitigate:

  • Update IBM Planning Analytics Local to the latest version
  • [Apply security patches from IBM]
  • Implement Web UI input validation and sanitization
  • Restrict user privileges to minimize potential damage
  • Monitor system logs for suspicious activity
CVE-2025-1499 6.5
Published: 2025-06-01T12:15:24.230

What it does:

The IBM InfoSphere Information Server 11.7 stores database authentication credentials in plain text within a parameter file, making it accessible to authenticated users.

Why it's a problem:

This vulnerability is a problem because it allows authenticated users to view sensitive credential information, potentially leading to unauthorized access to databases and compromising the security of the system.

Steps to mitigate:

  • Update IBM InfoSphere Information Server to a patched version
  • [Apply secure configuration settings to encrypt credential storage]
  • Limit access to the parameter file to only necessary personnel
  • Use alternative secure authentication methods
  • Regularly review and rotate database credentials.
CVE-2025-5400 7.3
Published: 2025-06-01T09:15:20.557

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Blogbook application through the "u_id" argument in the /user.php file, which can be manipulated remotely.

Why it's a problem:

This is a problem because SQL injection attacks can give an attacker unauthorized access to sensitive data, allowing them to modify, delete, or steal information from the database, potentially leading to data breaches, financial losses, and reputational damage.

Steps to mitigate:

  • Update to a patched version of Blogbook if available
  • [apply input validation and sanitization to the "u_id" argument in the /user.php file]
  • [implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks]
  • [limit remote access to the /user.php file and restrict user input]
  • [monitor database activity for suspicious behavior and implement incident response plans]
CVE-2025-5390 6.3
Published: 2025-05-31T19:15:20.920

What it does:

The CVE-2025-5390 vulnerability allows improper access controls in the JeeWMS File Handler component, specifically in the filedeal function of the /systemController/filedeal.do file, which can be exploited remotely.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to sensitive files and data, potentially leading to data breaches, theft, or other malicious activities, which can have serious consequences for individuals and organizations.

Steps to mitigate:

  • Update JeeWMS to the latest version if available
  • [contact the vendor for a patch or workaround]
  • Implement additional access controls and security measures to restrict remote access to the File Handler component
  • Monitor system logs for suspicious activity
  • Consider disabling remote access to the File Handler until a patch is available.
CVE-2025-5389 6.3
Published: 2025-05-31T19:15:20.730

What it does:

The CVE-2025-5389 vulnerability allows attackers to exploit improper access controls in the JeeWMS system, specifically in the dogenerateOne2Many function of the File Handler component, which can be manipulated remotely.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to bypass access controls, potentially leading to unauthorized access to sensitive data or systems, which can result in data breaches, system compromise, or other malicious activities.

Steps to mitigate:

  • Update JeeWMS to the latest version available'
  • Implement additional access controls and security measures to restrict remote access'
  • Monitor system logs for suspicious activity and signs of exploitation'
  • Consider implementing a web application firewall (WAF) to detect and prevent malicious requests.
CVE-2025-5388 6.3
Published: 2025-05-31T18:15:21.567

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the JeeWMS system through the "dogenerate" function in the /generateController.do?dogenerate file, which can be exploited remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the database, potentially leading to unauthorized data disclosure, modification, or deletion, which can have serious consequences for the security and integrity of the system.

Steps to mitigate:

  • Update JeeWMS to the latest version available
  • [apply security patches or hotfixes if provided by the vendor]
  • implement web application firewall (WAF) rules to detect and prevent SQL injection attacks
  • limit remote access to the system and restrict user privileges to minimize potential damage.
CVE-2025-5387 6.3
Published: 2025-05-31T18:15:20.503

What it does:

The CVE-2025-5387 vulnerability allows attackers to exploit improper access controls in the JeeWMS File Handler component, specifically in the dogenerate function of the /generateController.do?dogenerate file, which can be launched remotely.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to bypass access controls, potentially leading to unauthorized access to sensitive data or systems, which can result in data breaches, system compromise, or other malicious activities.

Steps to mitigate:

  • Update JeeWMS to the latest version available]
  • [Monitor system logs for suspicious activity]
  • [Implement additional access controls and security measures to restrict unauthorized access to the File Handler component]
  • [Consider implementing a web application firewall (WAF) to detect and prevent exploitation attempts.
CVE-2025-5386 6.3
Published: 2025-05-31T17:15:21.097

What it does:

The CVE-2025-5386 vulnerability allows an attacker to inject malicious SQL code into the JeeWMS system through the transEditor function, which can be accessed remotely.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to potentially extract, modify, or delete sensitive data from the database, compromising the security and integrity of the system.

Steps to mitigate:

  • Update JeeWMS to a version that fixes the vulnerability if available
  • [contact the vendor for a patch or workaround]
  • Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • Limit remote access to the transEditor function
  • Monitor database activity for suspicious transactions.
CVE-2025-5385 6.3
Published: 2025-05-31T17:15:20.230

What it does:

The CVE-2025-5385 vulnerability allows an attacker to manipulate the "doAdd" function in the JeeWMS system, specifically in the /cgformTemplateController.do?doAdd file, leading to a path traversal attack that can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and potentially modify sensitive files and directories on the system by traversing the file path, which could lead to unauthorized data access, modification, or even system compromise.

Steps to mitigate:

  • Update JeeWMS to the latest version available'
  • Restrict remote access to the /cgformTemplateController.do?doAdd file'
  • Implement security measures to detect and prevent path traversal attacks'
  • Monitor system logs for suspicious activity related to the vulnerable file'
  • Consider applying additional security patches or configurations as recommended by the vendor.
CVE-2025-5384 6.3
Published: 2025-05-31T16:15:19.950

What it does:

This vulnerability allows an attacker to perform a SQL injection attack on the JeeWMS system by manipulating the CgAutoListController function, which can be initiated remotely.

Why it's a problem:

This is a problem because SQL injection attacks can give an attacker access to sensitive data, allow them to modify database records, or even take control of the entire system, leading to potential data breaches or system compromises.

Steps to mitigate:

  • Update JeeWMS to the latest version available
  • .
CVE-2025-5383 2.4
Published: 2025-05-31T15:15:20.833

What it does:

This vulnerability allows an attacker to perform a cross-site scripting (XSS) attack on Yifang CMS versions up to 2.0.2 by manipulating the "Default Value" argument in the Article Management Module, potentially leading to the execution of malicious code on a user's browser.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to inject malicious scripts into a website, potentially stealing user data, taking control of user sessions, or performing other malicious activities, which can compromise the security and integrity of the website and its users.

Steps to mitigate:

  • Update Yifang CMS to a version later than 2.0.2
  • [Validate and sanitize user input to prevent XSS attacks]
  • Implement a Web Application Firewall (WAF) to detect and block malicious traffic
  • Use a content security policy to define which sources of content are allowed to be executed within a web page.
CVE-2025-5381 2.7
Published: 2025-05-31T15:15:20.017

What it does:

The CVE-2025-5381 vulnerability allows an attacker to manipulate the "File" argument in the downloadFile function of the Yifang CMS Admin Panel, enabling them to access files outside of the intended directory through path traversal.

Why it's a problem:

This vulnerability is a problem because it allows remote attackers to potentially access sensitive files and data on the affected system, which could lead to unauthorized data disclosure, system compromise, or other malicious activities.

Steps to mitigate:

  • Update Yifang CMS to a version later than 2.0.2
  • [Apply security patches to the Admin Panel]
  • Restrict access to the downloadFile function
  • [Monitor system logs for suspicious activity]
  • Implement additional security measures to prevent path traversal attacks.
CVE-2025-5380 6.3
Published: 2025-05-31T14:15:19.920

What it does:

This vulnerability allows an attacker to manipulate the file upload process in the XueShengZhuSu 学生住宿管理系统, specifically in the Image File Upload component, by exploiting a path traversal weakness, potentially leading to unauthorized access to sensitive files and directories.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and potentially modify sensitive data without being physically present. This can lead to data breaches, malware distribution, and other malicious activities, compromising the security and integrity of the system.

Steps to mitigate:

  • Update to the latest version of the XueShengZhuSu 学生住宿管理系统
  • [Implement strict file upload validation and sanitization]
  • [Restrict access to the /upload/ directory]
  • [Monitor system logs for suspicious activity]
  • [Apply security patches and updates as soon as they become available]
CVE-2025-5379 4.3
Published: 2025-05-31T14:15:19.703

What it does:

This vulnerability allows an attacker to access the Console Application of NuCom NC-WR744G devices using hard-coded credentials by manipulating a specific argument, potentially giving them unauthorized control over the device.

Why it's a problem:

This is a problem because it enables remote attacks, allowing hackers to gain access to the device without needing a legitimate password, which can lead to data theft, device takeover, and other malicious activities.

Steps to mitigate:

  • Change default credentials immediately if the device is already in use
  • [Avoid using NuCom NC-WR744G devices with the affected firmware version (8.5.5 Build 20200530.307)]
  • [Contact the vendor or manufacturer for a patch or update if available]
  • [Implement network segmentation to limit access to the device]
  • [Monitor device activity for signs of unauthorized access]
CVE-2025-5378 4.3
Published: 2025-05-31T13:15:20.457

What it does:

This vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the "atTxtStreet" argument in the "mycouncil2.aspx" file of Astun Technology iShare Maps 5.4.0, which can be initiated remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to inject malicious code into the website, potentially leading to unauthorized access to user data, session hijacking, or other malicious activities, and since the exploit has been publicly disclosed, attackers may actively use it to target vulnerable systems.

Steps to mitigate:

  • Update to a patched version of Astun Technology iShare Maps if available
  • Implement input validation and sanitization for the "atTxtStreet" argument
  • Use web application firewalls (WAFs) to detect and prevent XSS attacks
  • Monitor website traffic for suspicious activity
  • Contact the vendor or a security expert for further guidance and support.
CVE-2025-5377 4.3
Published: 2025-05-31T13:15:19.683

What it does:

The CVE-2025-5377 vulnerability allows an attacker to perform a cross-site scripting (XSS) attack by manipulating the "Zoom" argument in the historic1.asp file of Astun Technology iShare Maps 5.4.0, potentially allowing malicious code to be executed on a user's browser.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing an attacker to inject malicious code into a user's browser, potentially leading to theft of sensitive information, session hijacking, or other malicious activities.

Steps to mitigate:

  • Update to a patched version of iShare Maps if available
  • Implement input validation and sanitization for the "Zoom" argument in the historic1.asp file
  • Restrict access to the historic1.asp file to authorized users only
  • Monitor user activity for signs of XSS attacks
  • Consider implementing a Web Application Firewall (WAF) to detect and prevent XSS attacks.
CVE-2025-5376 7.3
Published: 2025-05-31T12:15:21.157

What it does:

The CVE-2025-5376 vulnerability allows an attacker to inject malicious SQL code into the Health Center Patient Record Management System by manipulating the "itr_no" argument in the /patient.php file, potentially giving them unauthorized access to sensitive patient data.

Why it's a problem:

This vulnerability is a problem because it can be exploited remotely, allowing attackers to access and manipulate sensitive patient information without needing physical access to the system, which can lead to data breaches, identity theft, and other serious security issues.

Steps to mitigate:

  • Update the Health Center Patient Record Management System to a patched version
  • [Implement input validation and sanitization for the "itr_no" argument]
  • [Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the /patient.php file
  • [Monitor system logs for suspicious activity and signs of exploitation.
CVE-2025-4857 7.2
Published: 2025-05-31T12:15:20.997

What it does:

The Newsletters plugin for WordPress has a vulnerability that allows attackers with Administrator-level access to include and execute arbitrary files on the server, potentially executing any PHP code in those files.

Why it's a problem:

This vulnerability is a problem because it can be used to bypass access controls, obtain sensitive data, or achieve code execution, which can lead to unauthorized access and malicious activities on the server.

Steps to mitigate:

  • Update the Newsletters plugin to a version above 4.9.9.9;
  • Restrict Administrator-level access to trusted users only;
  • Monitor server logs for suspicious activity and implement additional security measures to prevent code execution from uploaded files.
CVE-2025-4691 5.3
Published: 2025-05-31T12:15:20.133

What it does:

The Free Booking Plugin for WordPress has a vulnerability that allows unauthorized users to view the details of any booking request due to a lack of validation on a user-controlled key, specifically through the 'view_request_details' feature.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access sensitive information about bookings, potentially compromising the privacy and security of customers who have made bookings through the plugin, and could be used for malicious purposes such as identity theft or phishing attacks.

Steps to mitigate:

  • Update the plugin to the latest version available
  • [check the WordPress site for any additional security patches or updates]
  • [limit access to the booking request details to authenticated and authorized users only]
  • [monitor the website and plugin for any suspicious activity or potential exploits].
CVE-2025-5375 6.3
Published: 2025-05-31T11:15:31.873

What it does:

The CVE-2025-5375 vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul HPGurukul Online Birth Certificate System 2.0 by manipulating the "del" argument in the /admin/registered-users.php file, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to launch SQL injection attacks, which can lead to data breaches, unauthorized data modification, or even complete system compromise, ultimately putting sensitive user information at risk.

Steps to mitigate:

  • Update to a patched version of the PHPGurukul HPGurukul Online Birth Certificate System
  • [Implement input validation and sanitization for the "del" argument in the /admin/registered-users.php file
  • [Use a Web Application Firewall (WAF) to detect and prevent SQL injection attacks
  • [Limit remote access to the system and restrict user privileges to minimize potential damage]
CVE-2025-5374 6.3
Published: 2025-05-31T10:15:19.940

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Online Birth Certificate System 2.0 by manipulating the "del" argument in the /admin/all-applications.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and manipulate sensitive data in the system's database, potentially leading to unauthorized data disclosure, modification, or deletion, which can have serious consequences for the security and integrity of the system and its users.

Steps to mitigate:

  • Update PHPGurukul Online Birth Certificate System to a patched version
  • [Apply input validation and sanitization to prevent SQL injection
  • [Implement a Web Application Firewall (WAF) to detect and block malicious traffic
  • [Limit remote access to the system and restrict user privileges
  • [Regularly monitor system logs for suspicious activity]
CVE-2025-5373 6.3
Published: 2025-05-31T09:15:20.753

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the PHPGurukul Online Birth Certificate System 2.0 by manipulating the "userid" argument in the /admin/users-applications.php file, which can be done remotely.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access, modify, or extract sensitive data from the system's database, potentially leading to unauthorized access, data breaches, or disruption of services.

Steps to mitigate:

  • Update PHPGurukul Online Birth Certificate System to a patched version
  • [Implement input validation and sanitization for the "userid" argument]
  • [Use prepared statements to prevent SQL injection]
  • [Limit remote access to the /admin/users-applications.php file
  • [Monitor system logs for suspicious activity]
CVE-2025-5371 7.3
Published: 2025-05-31T08:15:21.297

What it does:

This vulnerability allows an attacker to inject malicious SQL code into the Health Center Patient Record Management System by manipulating the "Username" argument in the /admin/admin.php file, potentially giving them unauthorized access to sensitive patient data.

Why it's a problem:

This vulnerability is a problem because it enables remote attackers to exploit the system, potentially leading to unauthorized data access, modification, or deletion, which can compromise patient confidentiality and the integrity of the healthcare system.

Steps to mitigate:

  • Update the Health Center Patient Record Management System to a patched version
  • [Implement input validation and sanitization for the "Username" field]
  • [Use prepared statements to prevent SQL injection]
  • [Limit access to the /admin/admin.php file to authorized personnel only]
  • [Monitor system logs for suspicious activity and signs of exploitation.