CVE-2025-14714 - TCC Bypass via Inherited Permissions in Bundled Interpreter
CVE ID : CVE-2025-14714
Published : Dec. 15, 2025, 11:15 a.m. | 30 minutes ago
Description : An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with the application's TCC privileges In fixed versions parent-constraints are used to allow only the main application to launch interpreter with those permissions This issue affects LibreOffice on macOS: from 25.2 before < 25.2.4.
Severity: 0.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14714
Published : Dec. 15, 2025, 11:15 a.m. | 30 minutes ago
Description : An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle By executing the bundled interpreter directly the attacker's scripts run with the application's TCC privileges In fixed versions parent-constraints are used to allow only the main application to launch interpreter with those permissions This issue affects LibreOffice on macOS: from 25.2 before < 25.2.4.
Severity: 0.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-37731 - Elasticsearch Improper Authentication
CVE ID : CVE-2025-37731
Published : Dec. 15, 2025, 11:15 a.m. | 30 minutes ago
Description : Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-37731
Published : Dec. 15, 2025, 11:15 a.m. | 30 minutes ago
Description : Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-37732 - Kibana Cross-site Scripting via the Integration Package Upload Functionality
CVE ID : CVE-2025-37732
Published : Dec. 15, 2025, 11:15 a.m. | 30 minutes ago
Description : Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-37732
Published : Dec. 15, 2025, 11:15 a.m. | 30 minutes ago
Description : Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-66388 - Apache Airflow: Secrets in rendered templates not redacted properly and exposed in the UI
CVE ID : CVE-2025-66388
Published : Dec. 15, 2025, 11:30 a.m. | 15 minutes ago
Description : A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without the appropriate authorization. Users are recommended to upgrade to version 3.1.4, which fixes this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-66388
Published : Dec. 15, 2025, 11:30 a.m. | 15 minutes ago
Description : A vulnerability in Apache Airflow allowed authenticated UI users to view secret values in rendered templates due to secrets not being properly redacted, potentially exposing secrets to users without the appropriate authorization. Users are recommended to upgrade to version 3.1.4, which fixes this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65430 - Allauth Django Authentication Token Validation Bypass
CVE ID : CVE-2025-65430
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as is_active=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65430
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in allauth-django before 65.13.0. IdP: marking a user as is_active=False after having handed tokens for that user while the account was still active had no effect. Fixed the access/refresh tokens are now rejected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65431 - Okta NetIQ Allauth Vulnerability: Substitution of Identifiers
CVE ID : CVE-2025-65431
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65431
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferred_username as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65778 - Wekan HTML Injection Vulnerability
CVE ID : CVE-2025-65778
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Uploaded attachments can be served with attacker-controlled Content-Type (text/html), allowing execution of attacker-supplied HTML/JS in the application's origin and enabling session/token theft and CSRF actions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65778
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Uploaded attachments can be served with attacker-controlled Content-Type (text/html), allowing execution of attacker-supplied HTML/JS in the application's origin and enabling session/token theft and CSRF actions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65779 - Wekan Unauthenticated Board Reordering Vulnerability
CVE ID : CVE-2025-65779
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Unauthenticated attackers can update a board's "sort" value (Boards.allow returns true without verifying userId), allowing arbitrary reordering of boards.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65779
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Unauthenticated attackers can update a board's "sort" value (Boards.allow returns true without verifying userId), allowing arbitrary reordering of boards.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65780 - Wekan Privilege Escalation Unauthorized Access Vulnerability
CVE ID : CVE-2025-65780
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authenticated users can update their entire user document (beyond profile fields), including orgs/teams and loginDisabled, due to missing server-side authorization checks; this enables privilege escalation and unauthorized access to other teams/orgs.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65780
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authenticated users can update their entire user document (beyond profile fields), including orgs/teams and loginDisabled, due to missing server-side authorization checks; this enables privilege escalation and unauthorized access to other teams/orgs.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65781 - Wekan Open Source Kanban Board System Bearer Token Abuse
CVE ID : CVE-2025-65781
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Attachment upload API treats the Authorization bearer value as a userId and enters a non-terminating body-handling branch for any non-empty bearer token, enabling trivial application-layer DoS and latent identity-spoofing.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65781
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Attachment upload API treats the Authorization bearer value as a userId and enters a non-terminating body-handling branch for any non-empty bearer token, enabling trivial application-layer DoS and latent identity-spoofing.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65782 - Wekan Authorization Bypass Vote Forgery Vulnerability
CVE ID : CVE-2025-65782
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members (and potentially other authenticated users) to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vote forgery and unauthorized voting.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65782
Published : Dec. 15, 2025, 2:15 p.m. | 1 hour, 33 minutes ago
Description : An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members (and potentially other authenticated users) to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vote forgery and unauthorized voting.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-12900 - FileBird – WordPress Media Library Folders & File Manager <= 6.5.1 - Missing Authorization to Authenticated (Author+) Global Folders Tampering
CVE ID : CVE-2025-12900
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to missing authorization in all versions up to, and including, 6.5.1 via the "ConvertController::insertToNewTable" function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author level access and above, to inject global folders and reassign arbitrary media attachments to those folders under certain circumstances.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-12900
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to missing authorization in all versions up to, and including, 6.5.1 via the "ConvertController::insertToNewTable" function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author level access and above, to inject global folders and reassign arbitrary media attachments to those folders under certain circumstances.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13367 - User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
CVE ID : CVE-2025-13367
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcode attributes in all versions up to, and including, 4.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13367
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcode attributes in all versions up to, and including, 4.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13608 - CC Child Pages <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'child_pages' Shortcode
CVE ID : CVE-2025-13608
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The CC Child Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'child_pages' shortcode in all versions up to, and including, 2.0.0. This is due to insufficient input sanitization and output escaping on four user-supplied attributes (use_custom_link, use_custom_link_target, use_custom_thumbs, and use_custom_excerpt) in the 'show_child_pages' function. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13608
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The CC Child Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'child_pages' shortcode in all versions up to, and including, 2.0.0. This is due to insufficient input sanitization and output escaping on four user-supplied attributes (use_custom_link, use_custom_link_target, use_custom_thumbs, and use_custom_excerpt) in the 'show_child_pages' function. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13610 - RegistrationMagic <= 6.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'RM_Forms' Shortcode
CVE ID : CVE-2025-13610
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'RM_Forms' shortcode in all versions up to, and including, 6.0.6.7 due to insufficient input sanitization and output escaping on the 'theme' attribute. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13610
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'RM_Forms' shortcode in all versions up to, and including, 6.0.6.7 due to insufficient input sanitization and output escaping on the 'theme' attribute. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13728 - FluentAuth - Auth Security Plugin <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'fluent_auth_reset_password' Shortcode
CVE ID : CVE-2025-13728
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The FluentAuth – The Ultimate Authorization & Security Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `fluent_auth_reset_password` shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13728
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The FluentAuth – The Ultimate Authorization & Security Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `fluent_auth_reset_password` shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13950 - OneSignal – Web Push Notifications <= 3.6.1 - Missing Authorization to Unauthenticated Plugin Settings Update
CVE ID : CVE-2025-13950
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings handling functionality in all versions up to, and including, 3.6.1. This is due to the plugin processing POST requests without verifying user capabilities or nonces. This makes it possible for unauthenticated attackers to overwrite the OneSignal App ID, REST API key, and notification behavior via direct POST requests.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13950
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings handling functionality in all versions up to, and including, 3.6.1. This is due to the plugin processing POST requests without verifying user capabilities or nonces. This makes it possible for unauthenticated attackers to overwrite the OneSignal App ID, REST API key, and notification behavior via direct POST requests.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14003 - Image Gallery – Photo Grid & Video Gallery <= 2.13.3 - Missing Authorization to Authenticated (Author+) Arbitrary Gallery Modification
CVE ID : CVE-2025-14003
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `add_images_to_gallery_callback()` function in all versions up to, and including, 2.13.3. This makes it possible for authenticated attackers, with Author-level access and above, to add images to arbitrary Modula galleries owned by other users.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14003
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `add_images_to_gallery_callback()` function in all versions up to, and including, 2.13.3. This makes it possible for authenticated attackers, with Author-level access and above, to add images to arbitrary Modula galleries owned by other users.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14156 - Fox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder'
CVE ID : CVE-2025-14156
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the `/fox-lms/v1/payments/create-order` REST API endpoint. This makes it possible for unauthenticated attackers to create new user accounts with arbitrary roles, including administrator, leading to complete site compromise.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14156
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the `/fox-lms/v1/payments/create-order` REST API endpoint. This makes it possible for unauthenticated attackers to create new user accounts with arbitrary roles, including administrator, leading to complete site compromise.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14383 - Booking Calendar <= 10.14.8 - Unauthenticated SQL Injection via dates_to_check
CVE ID : CVE-2025-14383
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The Booking Calendar plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'dates_to_check' parameter in all versions up to, and including, 10.14.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14383
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : The Booking Calendar plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'dates_to_check' parameter in all versions up to, and including, 10.14.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34179 - NetSupport Manager < 14.12.0001 Unauthenticated SQLi Local File Disclosure
CVE ID : CVE-2025-34179
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : NetSupport Manager < 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI value, a remote attacker can control the FileName field used by the server to read and return files from disk, resulting in arbitrary local file disclosure.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34179
Published : Dec. 15, 2025, 3:15 p.m. | 33 minutes ago
Description : NetSupport Manager < 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI value, a remote attacker can control the FileName field used by the server to read and return files from disk, resulting in arbitrary local file disclosure.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...