CVE-2024-53636 – Serosoft Academia Student Information System (SIS) EagleR File Upload Code Execution Vulnerability

April 26, 2025

CVE ID : CVE-2024-53636

Published : April 26, 2025, 3:15 p.m. | 3 hours, 47 minutes ago

Description : An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System (SIS) EagleR-1.0.118 allows attackers to execute arbitrary code via ../ in the filePath parameter.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46646 – Ghostscript UTF-8 Encoding Vulnerability

Next Article SatIntel is a OSINT tool for satellite reconnaissance

Highlights

CVE-2025-54138 – LibreNMS Remote File Inclusion Vulnerability

July 22, 2025

CVE ID : CVE-2025-54138

Published : July 22, 2025, 10:15 p.m. | 2 hours, 20 minutes ago

Description : LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. LibreNMS versions 25.6.0 and below contain an architectural vulnerability in the ajax_form.php endpoint that permits Remote File Inclusion based on user-controlled POST input. The application directly uses the type parameter to dynamically include .inc.php files from the trusted path includes/html/forms/, without validation or allowlisting. This pattern introduces a latent Remote Code Execution (RCE) vector if an attacker can stage a file in this include path — for example, via symlink, development misconfiguration, or chained vulnerabilities. This is fixed in version 25.7.0.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-42991 – SAP S/4HANA Bank Account Application Authorization Bypass

June 9, 2025

CVE-2025-34128 – X360 VideoPlayer Buffer Overflow Vulnerability

July 16, 2025

“Hey, why do I need Excel?”: Microsoft CEO Satya Nadella foresees a disruptive Agentic AI era that could “aggressively” collapse ‘Software as a Service’ apps

May 10, 2025

Stop writing tests: Automate fully with Generative AI

Opsera’s Codeglide.ai lets developers easily turn legacy APIs into MCP servers

Black Duck Security GitHub App, NuGet MCP Server preview, and more – Daily News Digest

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

This new Coros watch has 3 weeks of battery life and tracks way more – even fly fishing

5 ways automation can speed up your daily workflow – and implementation is easy

This new C-suite role is more important than ever in the AI era – here’s why

iPhone users may finally be able to send encrypted texts to Android friends with iOS 26

Creating Dynamic Real-Time Features with Laravel Broadcasting

Creating Dynamic Real-Time Features with Laravel Broadcasting

Understanding Tailwind CSS Safelist: Keep Your Dynamic Classes Safe!

Sitecore’s Content SDK: Everything You Need to Know

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Why GNOME Replaced Eye of GNOME with Loupe as the Default Image Viewer

Microsoft admits it broke “Reset this PC” in Windows 11 23H2 KB5063875, Windows 10 KB5063709

How to Fix “EA AntiCheat Has Detected an Incompatible Driver” on Windows 11?

CVE-2024-53636 – Serosoft Academia Student Information System (SIS) EagleR File Upload Code Execution Vulnerability

Investors beware: AI-powered financial scams swamp social media

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

CVE-2025-30751 – Oracle Database Server Create Procedure Privilege Escalation

How to Evaluate Jailbreak Methods: A Case Study with the StrongREJECT Benchmark

So, You’re Going to Dreamforce 2025? Here’s Everything You Need to Know

I recommend this $320 Lenovo tablet over the iPad for most people. Here’s why

CVE-2025-54138 – LibreNMS Remote File Inclusion Vulnerability

CVE-2025-42991 – SAP S/4HANA Bank Account Application Authorization Bypass

CVE-2025-34128 – X360 VideoPlayer Buffer Overflow Vulnerability

“Hey, why do I need Excel?”: Microsoft CEO Satya Nadella foresees a disruptive Agentic AI era that could “aggressively” collapse ‘Software as a Service’ apps

CVE-2024-53636 – Serosoft Academia Student Information System (SIS) EagleR File Upload Code Execution Vulnerability

Related Posts