CVE-2025-46816 – “goshs Command Injection Vulnerability”

May 6, 2025

CVE ID : CVE-2025-46816

Published : May 6, 2025, 7:16 p.m. | 19 minutes ago

Description : goshs is a SimpleHTTPServer written in Go. Starting in version 0.3.4 and prior to version 1.0.5, running goshs without arguments makes it possible for anyone to execute commands on the server. The function `dispatchReadPump` does not checks the option cli `-c`, thus allowing anyone to execute arbitrary command through the use of websockets. Version 1.0.5 fixes the issue.

Severity: 9.4 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46820 – GitHub phpgt/Dom GitHub Token Disclosure

Next Article CVE-2025-4388 – Liferay Portal/DXP Reflected Cross-Site Scripting (XSS) Vulnerability

Highlights

CVE-2025-4916 – PHPGurukul Auto Taxi Stand Management System SQL Injection Vulnerability

May 19, 2025

CVE ID : CVE-2025-4916

Published : May 19, 2025, 7:15 a.m. | 4 hours, 1 minute ago

Description : A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-46816 – “goshs Command Injection Vulnerability”

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2024-11185 – Arista EOS VLAN Isolation Bypass

STARFlow: Scaling Latent Normalizing Flows for High-resolution Image Synthesis

NVIDIA’s GeForce NOW just leveled up to RTX 5080 — here’s what that means for gamers

CVE-2025-7384 – “Elementor Forms PHP Object Injection Vulnerability”

CVE-2025-4916 – PHPGurukul Auto Taxi Stand Management System SQL Injection Vulnerability

KDE Plasma 6.4 Released, This is What’s New

The Complete Beginner’s Guide to Terminal/Command Prompt

Managing Providers in Terraform: AWS, Azure, and GCP

CVE-2025-46816 – “goshs Command Injection Vulnerability”

Related Posts