CVE-2025-4551 – ContiNew Admin Cross Site Scripting Vulnerability

May 11, 2025

CVE ID : CVE-2025-4551

Published : May 11, 2025, 11:15 p.m. | 1 hour, 15 minutes ago

Description : A vulnerability, which was classified as problematic, was found in ContiNew Admin up to 3.6.0. Affected is an unknown function of the file /dev-api/common/file. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4552 – ContiNew Admin Remote Unverified Password Change Vulnerability

Next Article CVE-2025-4550 – PHPGurukul Apartment Visitors Management System SQL Injection Vulnerability

Highlights

CVE-2025-5723 – SourceCodester Student Result Management System Cross-Site Scripting Vulnerability

June 6, 2025

CVE ID : CVE-2025-5723

Published : June 6, 2025, 5:15 a.m. | 31 minutes ago

Description : A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/academic/classes of the component Classes Page. The manipulation of the argument Class Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

STALKER 2’s latest free update restores major A-life AI features to NPCs — making them more like the original game at last

June 25, 2025

cambd – Cambridge dictionary CLI app

August 18, 2025

CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation

July 29, 2025

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-4551 – ContiNew Admin Cross Site Scripting Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

For a Quick Way to See Disk Space in Ubuntu, Try This Extension

The next chapter of our Gemini era

I highly recommend shopping these early health tracker Memorial Day deals

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

CVE-2025-5723 – SourceCodester Student Result Management System Cross-Site Scripting Vulnerability

STALKER 2’s latest free update restores major A-life AI features to NPCs — making them more like the original game at last

cambd – Cambridge dictionary CLI app

CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation

CVE-2025-4551 – ContiNew Admin Cross Site Scripting Vulnerability

Related Posts