CVE-2025-26844 – Znuny Cookie Without HttpOnly Flag Vulnerability

May 8, 2025

CVE ID : CVE-2025-26844

Published : May 8, 2025, 4:15 p.m. | 3 hours, 22 minutes ago

Description : An issue was discovered in Znuny through 7.1.3. A cookie is set without the HttpOnly flag.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-45842 – TOTOLINK NR1800X Buffer Overflow Vulnerability

Next Article CVE-2023-51328 – PHPJabbers Cleaning Business Software Stored XSS

Highlights

CVE-2025-4060 – PHPGurukul Notice Board System SQL Injection Vulnerability

April 29, 2025

CVE ID : CVE-2025-4060

Published : April 29, 2025, 1:15 p.m. | 2 hours, 47 minutes ago

Description : A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /category.php. The manipulation of the argument catname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-26844 – Znuny Cookie Without HttpOnly Flag Vulnerability

Critical Lucee Flaw (CVE-2025-34074, CVSS 9.4): Authenticated RCE Via Scheduled Task Abuse, Metasploit Module Out

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

AI tariff report: Everything you need to know

Microsoft Edge 136 revamps many of the browser’s sections

Fedora 43 sancisce la fine di X11 su GNOME: Wayland prende il comando

CVE-2025-6032 – Podman TLS Certificate Verification Bypass Vulnerability

CVE-2025-4060 – PHPGurukul Notice Board System SQL Injection Vulnerability

This amplifier easily turns any of my Bluetooth devices into a modern home audio system

CVE-2025-38155 – “Qualcomm Atheros mt76 Wireless Null Pointer Dereference Vulnerability”

5 Android browsers that are better than Chrome (and why I prefer them)

CVE-2025-26844 – Znuny Cookie Without HttpOnly Flag Vulnerability

Related Posts