π¨ CVE-2025-65681
An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks.
π@cveNotify
An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks.
π@cveNotify
π¨ CVE-2025-65276
An unauthenticated administrative access vulnerability exists in the open-source HashTech project (https://github.com/henzljw/hashtech) 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 (2021-07-02). Due to missing authentication checks on /admin_index.php, an attacker can directly access the admin dashboard without valid credentials. This allows full administrative control including viewing/modifying user accounts, managing orders, changing payments, and editing product listings. Successful exploitation can lead to information disclosure, data manipulation, and privilege escalation.
π@cveNotify
An unauthenticated administrative access vulnerability exists in the open-source HashTech project (https://github.com/henzljw/hashtech) 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 (2021-07-02). Due to missing authentication checks on /admin_index.php, an attacker can directly access the admin dashboard without valid credentials. This allows full administrative control including viewing/modifying user accounts, managing orders, changing payments, and editing product listings. Successful exploitation can lead to information disclosure, data manipulation, and privilege escalation.
π@cveNotify
Gist
gist:c3bfcd1adf96d80952edbd03d0310836
GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2025-13742
Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an email template, it will be replaced with the buyer's name for the final email. If the name of the attendee contained HTML or Markdown formatting, this was rendered as HTML in the resulting email. This way, a user could inject links or other formatted text through a maliciously formatted name. Since pretix applies a strict allow list approach to allowed HTML tags, this could not be abused for XSS or similarly dangerous attack chains. However, it can be used to manipulate emails in a way that makes user-provided content appear in a trustworthy and credible way, which can be abused for phishing.
π@cveNotify
Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an email template, it will be replaced with the buyer's name for the final email. If the name of the attendee contained HTML or Markdown formatting, this was rendered as HTML in the resulting email. This way, a user could inject links or other formatted text through a maliciously formatted name. Since pretix applies a strict allow list approach to allowed HTML tags, this could not be abused for XSS or similarly dangerous attack chains. However, it can be used to manipulate emails in a way that makes user-provided content appear in a trustworthy and credible way, which can be abused for phishing.
π@cveNotify
π¨ CVE-2024-6060
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information.
π@cveNotify
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information.
π@cveNotify
Sonatype
CVE-2024-6060 | Sonatype Security Advisory
Sonatype Research team disclosed CVE-2024-6060. Explore how Phloc Webscopes 7.0.0 allows local attackers to access sensitive data in log files.
π¨ CVE-2025-65239
Incorrect access control in the /aux1/ocussd/trace endpoint of OpenCode Systems USSD Gateway OC Release:5, version 6.13.11 allows attackers with low-level privileges to read server logs.
π@cveNotify
Incorrect access control in the /aux1/ocussd/trace endpoint of OpenCode Systems USSD Gateway OC Release:5, version 6.13.11 allows attackers with low-level privileges to read server logs.
π@cveNotify
eslam3kl.gitbook.io
Welcome! | Eslam Ali Akl @eslam3kl
β οΈ Caution: This blog is mine alone. Everything posted here reflects my personal views only. Nothing I say represents my employer or any other organization Iβm affiliated with. Donβt confuse the two.
π¨ CVE-2025-66516
Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF.
This CVE covers the same vulnerability as in CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways.
First, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2 would still be vulnerable.
Second, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the "org.apache.tika:tika-parsers" module.
π@cveNotify
Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF.
This CVE covers the same vulnerability as in CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways.
First, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2 would still be vulnerable.
Second, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the "org.apache.tika:tika-parsers" module.
π@cveNotify
π¨ CVE-2025-43402
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt process memory.
π@cveNotify
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt process memory.
π@cveNotify
Apple Support
About the security content of macOS Tahoe 26.1 - Apple Support
This document describes the security content of macOS Tahoe 26.1.
π¨ CVE-2025-43530
This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2, macOS Sonoma 14.8.3, macOS Sequoia 15.7.3, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access sensitive user data.
π@cveNotify
This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2, macOS Sonoma 14.8.3, macOS Sequoia 15.7.3, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access sensitive user data.
π@cveNotify
Apple Support
About the security content of iOS 18.7.3 and iPadOS 18.7.3 - Apple Support
This document describes the security content of iOS 18.7.3 and iPadOS 18.7.3.
π¨ CVE-2025-15197
A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
π@cveNotify
A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
π@cveNotify
GitHub
Code-projects Content Management System V1.0 editposts.php Arbitrary file upload vulnerability Β· Issue #7 Β· Limingqian123/CVE
Code-projects Content Management System V1.0 editposts.php Arbitrary file upload vulnerability NAME OF AFFECTED PRODUCT(S) Content Management System Vendor Homepage https://code-projects.org/conten...
π¨ CVE-2025-66862
A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.
π@cveNotify
A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.
π@cveNotify
GitHub
CRGF-Vul/cxxfilt/crash3.md at main Β· caozhzh/CRGF-Vul
Reproduction of crashes generated in several fuzzing experiments by CRGF method - caozhzh/CRGF-Vul
π¨ CVE-2025-66863
An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.
π@cveNotify
An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.
π@cveNotify
GitHub
CRGF-Vul/cxxfilt/crash2.md at main Β· caozhzh/CRGF-Vul
Reproduction of crashes generated in several fuzzing experiments by CRGF method - caozhzh/CRGF-Vul
π¨ CVE-2025-66865
An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.
π@cveNotify
An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.
π@cveNotify
GitHub
CRGF-Vul/cxxfilt/crash4.md at main Β· caozhzh/CRGF-Vul
Reproduction of crashes generated in several fuzzing experiments by CRGF method - caozhzh/CRGF-Vul
π¨ CVE-2025-66869
Buffer overflow vulnerability in function strcat in asan_interceptors.cpp in libming 0.4.8.
π@cveNotify
Buffer overflow vulnerability in function strcat in asan_interceptors.cpp in libming 0.4.8.
π@cveNotify
GitHub
Multiple Crashes in v0.4.8 of swftophp when fuzzing test Β· Issue #366 Β· libming/libming
Test Environment Ubuntu 20.04.6 LTS libming-v0.4.8(TAG_NAME="ming-0_4_8") Step to reproduce ./autogen.sh ./configure --disable-shared --disable-freetype make ./swftophp "PoC file&quo...
π¨ CVE-2025-66877
Buffer overflow vulnerability in function dcputchar in decompile.c in libming 0.4.8.
π@cveNotify
Buffer overflow vulnerability in function dcputchar in decompile.c in libming 0.4.8.
π@cveNotify
GitHub
Multiple Crashes in v0.4.8 of swftophp when fuzzing test Β· Issue #367 Β· libming/libming
Test Environment Ubuntu 20.04.6 LTS libming-v0.4.8(TAG_NAME="ming-0_4_8") Step to reproduce ./autogen.sh ./configure --disable-shared --disable-freetype make ./swftophp "PoC file&quo...
π¨ CVE-2024-25181
A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php" file.
π@cveNotify
A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php" file.
π@cveNotify
Gist
CVE-2024-25181
CVE-2024-25181. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2025-15202
A vulnerability has been found in SohuTV CacheCloud up to 3.2.0. This affects the function taskQueueList of the file src/main/java/com/sohu/cache/web/controller/TaskController.java. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
A vulnerability has been found in SohuTV CacheCloud up to 3.2.0. This affects the function taskQueueList of the file src/main/java/com/sohu/cache/web/controller/TaskController.java. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
GitHub
XSS vulnerability on /manage/task/list Β· Issue #374 Β· sohutv/cachecloud
XSS vulnerability on /manage/task/list Summary In the latest version (v3.2) of CacheCloud, the endpoint /manage/task/list does not encode user-controllable parameters when outputting them on web pa...
π¨ CVE-2025-15203
A vulnerability was found in SohuTV CacheCloud up to 3.2.0. This impacts the function index of the file src/main/java/com/sohu/cache/web/controller/ResourceController.java. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
A vulnerability was found in SohuTV CacheCloud up to 3.2.0. This impacts the function index of the file src/main/java/com/sohu/cache/web/controller/ResourceController.java. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
GitHub
XSS vulnerability on /manage/app/resource/index Β· Issue #375 Β· sohutv/cachecloud
XSS vulnerability on /manage/app/resource/index Summary In the latest version (v3.2) of CacheCloud, the endpoint /manage/app/resource/index does not encode user-controllable parameters when outputt...
π¨ CVE-2024-25183
givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php.
π@cveNotify
givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php.
π@cveNotify
Gist
CVE-2024-25183
CVE-2024-25183. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2025-15204
A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzList of the file src/main/java/com/sohu/cache/web/controller/QuartzManageController.java. Executing manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzList of the file src/main/java/com/sohu/cache/web/controller/QuartzManageController.java. Executing manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
GitHub
XSS vulnerability on /manage/quartz/list Β· Issue #376 Β· sohutv/cachecloud
XSS vulnerability on /manage/quartz/list Summary In the latest version (v3.2) of CacheCloud, the endpoint /manage/quartz/list does not encode user-controllable parameters when outputting them on we...
π¨ CVE-2025-15206
A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /admin/add_area.php. Executing manipulation of the argument txtAreaCode can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used.
π@cveNotify
A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /admin/add_area.php. Executing manipulation of the argument txtAreaCode can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used.
π@cveNotify
GitHub
Campcodes Supplier Management System V1.0 /Supply_Management_System/admin/add_area.php SQL injection Β· Issue #5 Β· IMZGforever/CVEs
NAME OF AFFECTED PRODUCT(S) Supplier Management System Vendor Homepage https://www.campcodes.com/projects/php/supplier-management-system-using-php-mysql/ AFFECTED AND/OR FIXED VERSION(S) Submitter ...
π¨ CVE-2025-15207
A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/view_products.php. The manipulation of the argument chkId[] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/view_products.php. The manipulation of the argument chkId[] leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
Campcodes Supplier Management System V1.0 /Supply_Management_System/admin/view_products.php SQL injection Β· Issue #6 Β· IMZGforever/CVEs
NAME OF AFFECTED PRODUCT(S) Supplier Management System Vendor Homepage https://www.campcodes.com/projects/php/supplier-management-system-using-php-mysql/ AFFECTED AND/OR FIXED VERSION(S) Submitter ...