CVE-2025-43949 – MuM MapEdit SQL Injection Vulnerability

April 22, 2025

CVE ID : CVE-2025-43949

Published : April 22, 2025, 6:16 p.m. | 31 minutes ago

Description : MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection that allows an attacker to execute malicious SQL statements that control a web application’s database server.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43950 – “Microsoft DPMAdirektPro DLL Hijacking Privilege Escalation Vulnerability”

Next Article CVE-2025-43948 – Codemers KLIMS Python Code Injection Vulnerability

Highlights

CVE-2025-47942 – Open edX Platform Python Lib Zip File Download Unauthorized Access Vulnerability

May 21, 2025

CVE ID : CVE-2025-47942

Published : May 21, 2025, 10:15 p.m. | 35 minutes ago

Description : The Open edX Platform is a learning management platform. Prior to commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, edxapp has no built-in protection against downloading the python_lib.zip asset from courses, which is a concern since it often contains custom grading code or answers to course problems. This potentially affects any course using custom Python-graded problem blocks. The openedx/configuration repo has had a patch since 2016 in the form of an nginx rule, but this was only intended as a temporary mitigation. As the configuration repo has been deprecated and we have not been able to locate any similar protection in Tutor, it is likely that most deployments have no protection against python_lib.zip being downloaded. The recommended mitigation, implemented in commit 6740e75c0fdc7ba095baf88e9f5e4f3e15cfd8ba, restricts python_lib.zip downloads to just the course team and site staff/superusers.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

AI-enabled software development: Risk of skill erosion or catalyst for growth?

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Power bank slapped with a recall? Stop using it now – here’s why

I recommend these budget earbuds over pricier Bose and Sony models – here’s why

Microsoft’s big AI update for Windows 11 is here – what’s new

Slow internet speed on Linux? This 30-second fix makes all the difference

Singleton and Scoped Container Attributes in Laravel 12.21

Singleton and Scoped Container Attributes in Laravel 12.21

wulfheart/laravel-actions-ide-helper

lanos/laravel-cashier-stripe-connect

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

Sam Altman is “terrified” of voice ID fraudsters embracing AI — and threats of US bioweapon attacks keep him up at night

NVIDIA boasts a staggering $111 million in market value per employee — since it became the world’s first $4 trillion company

CVE-2025-43949 – MuM MapEdit SQL Injection Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

CVE-2025-48743 – SIGB PMB SQL Injection Vulnerability

CVE-2025-43954 – QMarkdown Quasar-ui-QMarkdown Cross-Site Scripting (XSS)

Error’d: Squaring the Circle

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

CVE-2025-47942 – Open edX Platform Python Lib Zip File Download Unauthorized Access Vulnerability

CVE-2025-53633 – Chall-Manager Zip Bomb Vulnerability

NVIDIA Researchers Introduce Dynamic Memory Sparsification (DMS) for 8× KV Cache Compression in Transformer LLMs

CVE-2025-5034 – WordPress wp-file-download Reflected Cross-Site Scripting

CVE-2025-43949 – MuM MapEdit SQL Injection Vulnerability

Related Posts