CVE-2025-32011 – KUNBUS PiCtory Authentication Bypass Vulnerability

May 1, 2025

CVE ID : CVE-2025-32011

Published : May 1, 2025, 7:15 p.m. | 53 minutes ago

Description : KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-24522 – KUNBUS Revolution Pi Node-RED Remote Command Execution

Next Article CVE-2025-35975 – MicroDicom DICOM Viewer Out-of-Bounds Write RCE

Highlights

CVE-2025-4808 – PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

May 16, 2025

CVE ID : CVE-2025-4808

Published : May 16, 2025, 8:15 p.m. | 48 minutes ago

Description : A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0 and classified as critical. This issue affects some unknown processing of the file /add-normal-ticket.php. The manipulation of the argument noadult leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-32011 – KUNBUS PiCtory Authentication Bypass Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Google pulls the plug on your old Nest – but you get nearly 50% off a new thermostat

CISA Warns of Chrome 0-Day Vulnerability Exploited in Attacks

CVE-2025-46254 – Visual Composer Cross-Site Scripting (XSS)

CVE-2025-48283 – Majestic Support SQL Injection Vulnerability

CVE-2025-4808 – PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

I wish this version of the Microsoft Store shipped 10 years ago

CVE-2025-4963 – “WordPress WP Extended Stored Cross-Site Scripting”

GOG is delisting two of the best indie games ever — buy them now before it’s too late

CVE-2025-32011 – KUNBUS PiCtory Authentication Bypass Vulnerability

Related Posts