CVE-2025-5139 – Qualitor Office365 File Command Injection Vulnerability

May 25, 2025

CVE ID : CVE-2025-5139

Published : May 25, 2025, 1:15 a.m. | 3 hours, 48 minutes ago

Description : A vulnerability was found in Qualitor 8.20. It has been rated as critical. Affected by this issue is some unknown functionality of the file /html/ad/adconexaooffice365/request/testaConexaoOffice365.php. The manipulation of the argument nmconexao leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5140 – Seeyon Zhiyuan OA Web Application System Server-Side Request Forgery Vulnerability

Next Article CVE-2025-5138 – Bitwarden PDF File Handler Cross Site Scripting Vulnerability

Highlights

CVE-2025-3801 – Songquanpeng One-Api Cross Site Scripting Vulnerability

April 20, 2025

CVE ID : CVE-2025-3801

Published : April 19, 2025, 2:15 p.m. | 14 hours, 38 minutes ago

Description : A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

How Red Hat just quietly, radically transformed enterprise server Linux

OpenAI wants ChatGPT to be your ‘super assistant’ – what that means

The best Linux VPNs of 2025: Expert tested and reviewed

One of my favorite gaming PCs is 60% off right now

`document.currentScript` is more useful than I thought.

`document.currentScript` is more useful than I thought.

Adobe Sensei and GenAI in Practice for Enterprise CMS

Over The Air Updates for React Native Apps

You can now open ChatGPT on Windows 11 with Win+C (if you change the Settings)

You can now open ChatGPT on Windows 11 with Win+C (if you change the Settings)

Microsoft says Copilot can use location to change Outlook’s UI on Android

TempoMail — Command Line Temporary Email in Linux

CVE-2025-5139 – Qualitor Office365 File Command Injection Vulnerability

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted

Apple Researchers Propose KV-Runahead: An Efficient Parallel LLM Inference Technique to Minimize the Time-to-First-Token

FCC Adopts BGP, School Cybersecurity Plans

Industry analyst predicts iPhones to get 9% price hike amidst US tariffs – and I believe it

Revolutionizing Computing: How Windows 365 Link Brings the Cloud PC Dream to Life?

CVE-2025-3801 – Songquanpeng One-Api Cross Site Scripting Vulnerability

Notion Windows App Not Working: 7 Ways to Fix it

Google’s Veo 2 costs you $30 per minute and is more expensive than Sora

Tor Browser 13.5.14 Update Fixes Critical Security Flaw for Windows 7, 8, and 8.1

CVE-2025-5139 – Qualitor Office365 File Command Injection Vulnerability

Related Posts