CVE-2025-3847 – Markparticle WebServer SQL Injection Vulnerability

April 21, 2025

CVE ID : CVE-2025-3847

Published : April 21, 2025, 11:15 p.m. | 3 hours, 21 minutes ago

Description : A vulnerability classified as critical has been found in markparticle WebServer up to 1.0. This affects an unknown part of the file code/http/httprequest.cpp of the component Login. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3849 – YXJ2018 SpringBoot-Vue-OnlineExam Remote Unverified Password Change Vulnerability

Next Article CVE-2025-3846 – Markparticle WebServer SQL Injection Vulnerability

Highlights

CVE-2025-5334 – Devolutions Remote Desktop Manager Private Data Exposure and Unauthorized Access

May 29, 2025

CVE ID : CVE-2025-5334

Published : May 29, 2025, 3:15 p.m. | 1 hour, 47 minutes ago

Description : Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager
allows an authenticated user to gain unauthorized access to private personal information.

Under specific circumstances, entries may be unintentionally moved from user vaults to shared vaults when edited by their owners, making them accessible to other users.

This issue affects the following versions :

* Remote Desktop Manager Windows 2025.1.34.0 and earlier

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

4 ways your organization can adapt and thrive in the age of AI

Google’s new Search tool turns financial info into interactive charts – how to try it

This rugged Android phone has something I’ve never seen on competing models

Anthropic’s new AI models for classified info are already in use by US gov

Handling PostgreSQL Migrations in Node.js

Handling PostgreSQL Migrations in Node.js

How to Add Product Badges in Optimizely Configured Commerce Spire

Salesforce Health Check Assessment Unlocks ROI

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

Amap – Gather Info in Easy Way

CVE-2025-3847 – Markparticle WebServer SQL Injection Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

Apple’s App Store shaken: Court ends ‘Apple tax’ on external purchases

10 Things You Should Know about Researching a Company (Free Download)

Graph Structure Learning Framework (GSLI): Advancing Spatial-Temporal Data Imputation through Multi-Scale Graph Learning

Accessibility essentials every front-end developer should know

How to Use a PHP Excel Spreadsheet Manipulation Class to Convert the Spreadsheet Position Letters to the Column Number

CVE-2025-5334 – Devolutions Remote Desktop Manager Private Data Exposure and Unauthorized Access

Microsoft 365 is dumping its VPN – try these alternatives instead

CVE-2025-4191 – PHPGurukul Employee Record Management System SQL Injection

Honey, the Amazon humanoid delivery robot is here! (well, almost)

CVE-2025-3847 – Markparticle WebServer SQL Injection Vulnerability

Related Posts