{
"Source": "CVE FEED",
"Title": "CVE-2025-49134 - Weblate IP Address Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-49134
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : Weblate is a web based localization tool. Prior to version 5.12, the audit log notifications included the full IP address of the acting user. This could be obtained by third-party servers such as SMTP relays, or spam filters. This issue has been patched in version 5.12.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-49134 - Weblate IP Address Disclosure Vulnerability",
"Content": "CVE ID : CVE-2025-49134
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : Weblate is a web based localization tool. Prior to version 5.12, the audit log notifications included the full IP address of the acting user. This could be obtained by third-party servers such as SMTP relays, or spam filters. This issue has been patched in version 5.12.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6138 - TOTOLINK T10 HTTP POST Request Handler Buffer Overflow",
"Content": "CVE ID : CVE-2025-6138
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6138 - TOTOLINK T10 HTTP POST Request Handler Buffer Overflow",
"Content": "CVE ID : CVE-2025-6138
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6139 - TOTOLINK T10 Hard-Coded Password Vulnerability",
"Content": "CVE ID : CVE-2025-6139
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6139 - TOTOLINK T10 Hard-Coded Password Vulnerability",
"Content": "CVE ID : CVE-2025-6139
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-47951 - Weblate Second Factor OTP Guessing Vulnerability",
"Content": "CVE ID : CVE-2025-47951
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : Weblate is a web based localization tool. Prior to version 5.12, the verification of the second factor was not subject to rate limiting. The absence of rate limiting on the second factor endpoint allows an attacker with valid credentials to automate OTP guessing. This issue has been patched in version 5.12.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-47951 - Weblate Second Factor OTP Guessing Vulnerability",
"Content": "CVE ID : CVE-2025-47951
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : Weblate is a web based localization tool. Prior to version 5.12, the verification of the second factor was not subject to rate limiting. The absence of rate limiting on the second factor endpoint allows an attacker with valid credentials to automate OTP guessing. This issue has been patched in version 5.12.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-32799 - Conda-build Tar Slip Vulnerability",
"Content": "CVE ID : CVE-2025-32799
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : Conda-build contains commands and tools to build conda packages. Prior to version 25.4.0, the conda-build processing logic is vulnerable to path traversal (Tarslip) attacks due to improper sanitization of tar entry paths. Attackers can craft tar archives containing entries with directory traversal sequences to write files outside the intended extraction directory. This could lead to arbitrary file overwrites, privilege escalation, or code execution if sensitive locations are targeted. This issue has been patched in version 25.4.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-32799 - Conda-build Tar Slip Vulnerability",
"Content": "CVE ID : CVE-2025-32799
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : Conda-build contains commands and tools to build conda packages. Prior to version 25.4.0, the conda-build processing logic is vulnerable to path traversal (Tarslip) attacks due to improper sanitization of tar entry paths. Attackers can craft tar archives containing entries with directory traversal sequences to write files outside the intended extraction directory. This could lead to arbitrary file overwrites, privilege escalation, or code execution if sensitive locations are targeted. This issue has been patched in version 25.4.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-32800 - "Conda-build Conduit for Malicious Package Injection"",
"Content": "CVE ID : CVE-2025-32800
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : Conda-build contains commands and tools to build conda packages. Prior to version 25.3.0, the pyproject.toml lists conda-index as a Python dependency. This package is not published in PyPI. An attacker could claim this namespace and upload arbitrary (malicious) code to the package, and then exploit pip install commands by injecting the malicious dependency in the solve. This issue has been fixed in version 25.3.0. A workaround involves using --no-deps for pip install-ing the project from the repository.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-32800 - "Conda-build Conduit for Malicious Package Injection"",
"Content": "CVE ID : CVE-2025-32800
Published : June 16, 2025, 9:15 p.m. | 2 hours, 15 minutes ago
Description : Conda-build contains commands and tools to build conda packages. Prior to version 25.3.0, the pyproject.toml lists conda-index as a Python dependency. This package is not published in PyPI. An attacker could claim this namespace and upload arbitrary (malicious) code to the package, and then exploit pip install commands by injecting the malicious dependency in the solve. This issue has been fixed in version 25.3.0. A workaround involves using --no-deps for pip install-ing the project from the repository.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6151 - TP-Link TL-WR940N Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6151
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TP-Link TL-WR940N V4. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm. The manipulation of the argument dnsserver1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6151 - TP-Link TL-WR940N Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6151
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability, which was classified as critical, has been found in TP-Link TL-WR940N V4. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm. The manipulation of the argument dnsserver1 leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6150 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6150
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6150 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6150
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-48993 - Group-Office Reflected Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-48993
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a malicious JavaScript payload can be executed via the Look and Feel formatting fields. Any user can update their Look and Feel Formatting input fields, but the web application does not sanitize their input. This could result in a reflected cross-site scripting (XSS) attack. This issue has been patched in versions 6.8.123 and 25.0.27.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-48993 - Group-Office Reflected Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-48993
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a malicious JavaScript payload can be executed via the Look and Feel formatting fields. Any user can update their Look and Feel Formatting input fields, but the web application does not sanitize their input. This could result in a reflected cross-site scripting (XSS) attack. This issue has been patched in versions 6.8.123 and 25.0.27.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6147 - TOTOLINK A702R HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6147
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6147 - TOTOLINK A702R HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6147
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6148 - TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow",
"Content": "CVE ID : CVE-2025-6148
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6148 - TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow",
"Content": "CVE ID : CVE-2025-6148
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6149 - TOTOLINK A3002R HTTP POST Request Handler Buffer Overflow",
"Content": "CVE ID : CVE-2025-6149
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6149 - TOTOLINK A3002R HTTP POST Request Handler Buffer Overflow",
"Content": "CVE ID : CVE-2025-6149
Published : June 17, 2025, 1:15 a.m. | 18 minutes ago
Description : A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6146 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6146
Published : June 17, 2025, 12:15 a.m. | 1 hour, 18 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. This affects an unknown part of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6146 - TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-6146
Published : June 17, 2025, 12:15 a.m. | 1 hour, 18 minutes ago
Description : A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. This affects an unknown part of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6155 - "PHPGurukul Hostel Management System SQL Injection Vulnerability"",
"Content": "CVE ID : CVE-2025-6155
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6155 - "PHPGurukul Hostel Management System SQL Injection Vulnerability"",
"Content": "CVE ID : CVE-2025-6155
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6156 - PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-6156
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-ds.php. The manipulation of the argument testtype leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6156 - PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-6156
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-ds.php. The manipulation of the argument testtype leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-6157 - PHPGurukul Nipah Virus SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-6157
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-testing.php. The manipulation of the argument testtype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-6157 - PHPGurukul Nipah Virus SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-6157
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-testing.php. The manipulation of the argument testtype leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-52439 - Cisco WebEx Meeting Center Unvalidated Redirect",
"Content": "CVE ID : CVE-2025-52439
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-52439 - Cisco WebEx Meeting Center Unvalidated Redirect",
"Content": "CVE ID : CVE-2025-52439
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-52440 - Cisco Webex Meeting Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-52440
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-52440 - Cisco Webex Meeting Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-52440
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-52441 - Apache HTTP Server Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2025-52441
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-52441 - Apache HTTP Server Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2025-52441
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-52442 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-52442
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-52442 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-52442
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-52443 - Apache HTTP Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-52443
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-52443 - Apache HTTP Server Authentication Bypass",
"Content": "CVE ID : CVE-2025-52443
Published : June 17, 2025, 3:15 a.m. | 21 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "17 Jun 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹