{
"Source": "CVE FEED",
"Title": "CVE-2025-48979 - "UISP Command Injection Vulnerability"",
"Content": "CVE ID : CVE-2025-48979
Published : Aug. 29, 2025, 12:15 a.m. | 1 hour, 55 minutes ago
Description : An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-48979 - "UISP Command Injection Vulnerability"",
"Content": "CVE ID : CVE-2025-48979
Published : Aug. 29, 2025, 12:15 a.m. | 1 hour, 55 minutes ago
Description : An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9595 - Code-projects Student Information Management System Cross Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-9595
Published : Aug. 29, 2025, 12:15 a.m. | 1 hour, 55 minutes ago
Description : A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location. The exploit has been made public and could be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9595 - Code-projects Student Information Management System Cross Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-9595
Published : Aug. 29, 2025, 12:15 a.m. | 1 hour, 55 minutes ago
Description : A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location. The exploit has been made public and could be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9596 - iSourcecode Sports Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9596
Published : Aug. 29, 2025, 12:15 a.m. | 1 hour, 55 minutes ago
Description : A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9596 - iSourcecode Sports Management System SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9596
Published : Aug. 29, 2025, 12:15 a.m. | 1 hour, 55 minutes ago
Description : A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58333 - Apache HTTPD Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2025-58333
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58333 - Apache HTTPD Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2025-58333
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9607 - Portabilis i-Educar SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9607
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this issue is some unknown functionality of the file /module/TabelaArredondamento/view of the component Tabelas de Arredondamento Page. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9607 - Portabilis i-Educar SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9607
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this issue is some unknown functionality of the file /module/TabelaArredondamento/view of the component Tabelas de Arredondamento Page. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9605 - Tenda AC21/AC23 Stack-Based Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-9605
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 10.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9605 - Tenda AC21/AC23 Stack-Based Buffer Overflow Vulnerability",
"Content": "CVE ID : CVE-2025-9605
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 10.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9606 - Portabilis i-Educar SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9606
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : A vulnerability was detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/agenda_preferencias.php. Performing manipulation of the argument cod_agenda results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9606 - Portabilis i-Educar SQL Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9606
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : A vulnerability was detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/agenda_preferencias.php. Performing manipulation of the argument cod_agenda results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9608 - Portabilis i-Educar Formula de Cรกlculo de Mรฉdia Page SQL Injection",
"Content": "CVE ID : CVE-2025-9608
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : A vulnerability has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/FormulaMedia/view of the component Formula de Cรกlculo de Mรฉdia Page. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9608 - Portabilis i-Educar Formula de Cรกlculo de Mรฉdia Page SQL Injection",
"Content": "CVE ID : CVE-2025-9608
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : A vulnerability has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/FormulaMedia/view of the component Formula de Cรกlculo de Mรฉdia Page. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58326 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58326
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58326 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58326
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58327 - Apache HTTP Server Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2025-58327
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58327 - Apache HTTP Server Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2025-58327
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58328 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58328
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58328 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58328
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58329 - Oracle WebLogic Server Deserialization RCE",
"Content": "CVE ID : CVE-2025-58329
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58329 - Oracle WebLogic Server Deserialization RCE",
"Content": "CVE ID : CVE-2025-58329
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58330 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58330
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58330 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58330
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58331 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58331
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58331 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58331
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58332 - Apache HTTP Server Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-58332
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58332 - Apache HTTP Server Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-58332
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-39247 - HikCentral Professional Unauthenticated Privilege Escalation",
"Content": "CVE ID : CVE-2025-39247
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-39247 - HikCentral Professional Unauthenticated Privilege Escalation",
"Content": "CVE ID : CVE-2025-39247
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58323 - NAVER MYBOX Explorer Windows Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-58323
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58323 - NAVER MYBOX Explorer Windows Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-58323
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-39245 - HikCentral Master Lite CSV Injection Vulnerability",
"Content": "CVE ID : CVE-2025-39245
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-39245 - HikCentral Master Lite CSV Injection Vulnerability",
"Content": "CVE ID : CVE-2025-39245
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-39246 - HikCentral FocSign Unquoted Service Path Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-39246
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-39246 - HikCentral FocSign Unquoted Service Path Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-39246
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9602 - Xinhu RockOA Remote Authorization Bypass",
"Content": "CVE ID : CVE-2025-9602
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9602 - Xinhu RockOA Remote Authorization Bypass",
"Content": "CVE ID : CVE-2025-9602
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9603 - Telesquare TLR-2005KSH Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9603
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9603 - Telesquare TLR-2005KSH Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9603
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น