CVE-2025-3846 – Markparticle WebServer SQL Injection Vulnerability

April 21, 2025

CVE ID : CVE-2025-3846

Published : April 21, 2025, 11:15 p.m. | 3 hours, 21 minutes ago

Description : A vulnerability was found in markparticle WebServer up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file code/http/httprequest.cpp of the component Registration. The manipulation of the argument username/password leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3847 – Markparticle WebServer SQL Injection Vulnerability

Next Article CVE-2025-39470 – ThimPress Ivy School PHP Local File Inclusion Vulnerability

Highlights

CVE-2025-7086 – Belkin F9K1122 Web PPTPSetup Stack-Based Buffer Overflow Vulnerability

July 7, 2025

CVE ID : CVE-2025-7086

Published : July 6, 2025, 5:15 p.m. | 11 hours, 44 minutes ago

Description : A vulnerability classified as critical has been found in Belkin F9K1122 1.00.33. Affected is the function formPPTPSetup of the file /goform/formPPTPSetup of the component webs. The manipulation of the argument pptpUserName leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

I finally gave NotebookLM my full attention – and it really is a total game changer

Google Chrome for iOS now lets you switch between personal and work accounts

How the Trump administration changed AI: A timeline

Download your photos before AT&T shuts down its cloud storage service permanently

Laravel Live Denmark

Laravel Live Denmark

The July 2025 Laravel Worldwide Meetup is Today

Livewire Security Vulnerability

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Halo and Half-Life combine in wild new mod, bringing two of my favorite games together in one — here’s how to play, and how it works

Surprise! The iconic Roblox ‘oof’ sound is back — the beloved meme makes “a comeback so good it hurts” after three years of licensing issues

CVE-2025-3846 – Markparticle WebServer SQL Injection Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

Microsoft admits issues in Windows 11 June 2025 Update with Print to PDF

Il direttore finanziario di Mozilla testimonia nel caso U.S.A. vs Google e il CEO va a favore di Google

CVE-2025-5888 – jsnjfz WebStack-Guns Cross-Site Request Forgery Vulnerability

CVE-2025-4827 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

CVE-2025-7086 – Belkin F9K1122 Web PPTPSetup Stack-Based Buffer Overflow Vulnerability

CVE-2025-24338 – CtrlX OS Cross-Site Scripting (XSS)

CVE-2025-47280 – Umbraco Forms Email Injection Vulnerability

CVE-2025-3396 – GitLab EE API Request Forgery Vulnerability

CVE-2025-3846 – Markparticle WebServer SQL Injection Vulnerability

Related Posts