{
"Source": "CVE FEED",
"Title": "CVE-2025-58326 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58326
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58326 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58326
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58327 - Apache HTTP Server Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2025-58327
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58327 - Apache HTTP Server Cross-Site Request Forgery",
"Content": "CVE ID : CVE-2025-58327
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58328 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58328
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58328 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58328
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58329 - Oracle WebLogic Server Deserialization RCE",
"Content": "CVE ID : CVE-2025-58329
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58329 - Oracle WebLogic Server Deserialization RCE",
"Content": "CVE ID : CVE-2025-58329
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58330 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58330
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58330 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58330
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58331 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58331
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58331 - Apache HTTP Server Unvalidated User Input",
"Content": "CVE ID : CVE-2025-58331
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58332 - Apache HTTP Server Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-58332
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58332 - Apache HTTP Server Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-58332
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-39247 - HikCentral Professional Unauthenticated Privilege Escalation",
"Content": "CVE ID : CVE-2025-39247
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-39247 - HikCentral Professional Unauthenticated Privilege Escalation",
"Content": "CVE ID : CVE-2025-39247
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-58323 - NAVER MYBOX Explorer Windows Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-58323
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-58323 - NAVER MYBOX Explorer Windows Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-58323
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-39245 - HikCentral Master Lite CSV Injection Vulnerability",
"Content": "CVE ID : CVE-2025-39245
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-39245 - HikCentral Master Lite CSV Injection Vulnerability",
"Content": "CVE ID : CVE-2025-39245
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-39246 - HikCentral FocSign Unquoted Service Path Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-39246
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-39246 - HikCentral FocSign Unquoted Service Path Privilege Escalation Vulnerability",
"Content": "CVE ID : CVE-2025-39246
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 3 minutes ago
Description : There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9602 - Xinhu RockOA Remote Authorization Bypass",
"Content": "CVE ID : CVE-2025-9602
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9602 - Xinhu RockOA Remote Authorization Bypass",
"Content": "CVE ID : CVE-2025-9602
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9603 - Telesquare TLR-2005KSH Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9603
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9603 - Telesquare TLR-2005KSH Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-9603
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9604 - Coze-Studio Hardcoded Cryptographic Key Vulnerability",
"Content": "CVE ID : CVE-2025-9604
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key
. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is regarded as difficult. To fix this issue, it is recommended to deploy a patch. The vendor replied to the GitHub issue (translated from simplified Chinese): "For scenarios requiring encryption, we will implement user-defined key management through configuration and optimize the use of encryption tools, such as random salt."
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9604 - Coze-Studio Hardcoded Cryptographic Key Vulnerability",
"Content": "CVE ID : CVE-2025-9604
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key
. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is regarded as difficult. To fix this issue, it is recommended to deploy a patch. The vendor replied to the GitHub issue (translated from simplified Chinese): "For scenarios requiring encryption, we will implement user-defined key management through configuration and optimize the use of encryption tools, such as random salt."
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9601 - iSourcecode Apartment Management System SQL Injection",
"Content": "CVE ID : CVE-2025-9601
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /setting/employee_salary_setup.php. The manipulation of the argument ddlEmpName results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9601 - iSourcecode Apartment Management System SQL Injection",
"Content": "CVE ID : CVE-2025-9601
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 3 minutes ago
Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /setting/employee_salary_setup.php. The manipulation of the argument ddlEmpName results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9374 - "Ultimate Tag Warrior Importer CSRF"",
"Content": "CVE ID : CVE-2025-9374
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to import tags granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9374 - "Ultimate Tag Warrior Importer CSRF"",
"Content": "CVE ID : CVE-2025-9374
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to import tags granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-9441 - WordPress iATS Online Forms SQL Injection",
"Content": "CVE ID : CVE-2025-9441
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the โorder' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-9441 - WordPress iATS Online Forms SQL Injection",
"Content": "CVE ID : CVE-2025-9441
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the โorder' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53507 - iND Co.,Ltd iND Product Sensitive Information Disclosure",
"Content": "CVE ID : CVE-2025-53507
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under [Product Status].
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53507 - iND Co.,Ltd iND Product Sensitive Information Disclosure",
"Content": "CVE ID : CVE-2025-53507
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under [Product Status].
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53508 - iND Co.,Ltd iND Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-53508
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sensitive information may be obtained. As for the details of affected product names and versions, refer to the information under [Product Status].
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53508 - iND Co.,Ltd iND Command Injection Vulnerability",
"Content": "CVE ID : CVE-2025-53508
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sensitive information may be obtained. As for the details of affected product names and versions, refer to the information under [Product Status].
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-8147 - WordPress LWSCache Plugin Authorization Bypass",
"Content": "CVE ID : CVE-2025-8147
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to improper authorization on the lwscache_activatePlugin() function in all versions up to, and including, 2.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate arbitrary whitelisted LWS plugins.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-8147 - WordPress LWSCache Plugin Authorization Bypass",
"Content": "CVE ID : CVE-2025-8147
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to improper authorization on the lwscache_activatePlugin() function in all versions up to, and including, 2.8.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate arbitrary whitelisted LWS plugins.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-8290 - WordPress List Subpages Stored Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-8290
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : The List Subpages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the โtitleโ parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-8290 - WordPress List Subpages Stored Cross-Site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-8290
Published : Aug. 29, 2025, 5:15 a.m. | 1 hour, 12 minutes ago
Description : The List Subpages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the โtitleโ parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "29 Aug 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น