CVE-2025-5162 – H3C SecCenter SMP-E1114P02 Remote File Upload Vulnerability

May 26, 2025

CVE ID : CVE-2025-5162

Published : May 26, 2025, 1:15 a.m. | 3 hours, 55 minutes ago

Description : A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected by this issue is some unknown functionality of the file /safeEvent/importFile/. The manipulation of the argument logGeneralFile/logGeneralFile_2 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5163 – “Yangshare WarehouseManager Remote Unauthenticated Access Control Bypass”

Next Article CVE-2025-5161 – H3C SecCenter SMP-E1114P Remote Path Traversal Vulnerability

Highlights

CVE-2025-5490 – WordPress Football Pool Stored Cross-Site Scripting Vulnerability

June 19, 2025

CVE ID : CVE-2025-5490

Published : June 19, 2025, 6:15 a.m. | 4 hours, 21 minutes ago

Description : The Football Pool plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

Severity: 5.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

CVE-2025-5162 – H3C SecCenter SMP-E1114P02 Remote File Upload Vulnerability

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

CVE-2025-5345 – Bluebird IsdcardRemoteService Unauthenticated File Manipulation Vulnerability

Minimal CSS-only blurry image placeholders

Microsoft’s AI CEO says Google nearly launched “ChatGPT” before OpenAI — but brutal skeptics, fears of disrupting search, and safety concerns thwarted the plan

How to Hire Top AI Developers

CVE-2025-5490 – WordPress Football Pool Stored Cross-Site Scripting Vulnerability

Mapping the misuse of generative AI

CVE-2025-48468 – “Juniper JTAG Firmware Injection Vulnerability”

DistroWatch Weekly, Issue 1122

CVE-2025-5162 – H3C SecCenter SMP-E1114P02 Remote File Upload Vulnerability

Related Posts