CVE-2025-47599 – Facturante SQL Injection

May 26, 2025

CVE ID : CVE-2025-47599

Published : May 23, 2025, 1:15 p.m. | 2 days, 19 hours ago

Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in facturante Facturante allows SQL Injection. This issue affects Facturante: from n/a through 1.11.

Severity: 9.3 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleRilasciato il kernel Linux 6.15: Tutte le Novità della Nuova Versione

Next Article Rilasciato Immich 1.133: Soluzione Open Source per il Backup di Foto e Video con Importanti Novità

Highlights

CVE-2025-20214 – Cisco IOS XE NACM Unauthorized Data Access Vulnerability

May 7, 2025

CVE ID : CVE-2025-20214

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data.

This vulnerability exists because a subtle change in inner API call behavior causes results to be filtered incorrectly. An attacker could exploit this vulnerability by using either NETCONF, RESTCONF, or gRPC Network Management Interface (gNMI) protocols and query data on paths that may have been denied by the NACM configuration. A successful exploit could allow the attacker to access data that should have been restricted according to the NACM configuration.

Note: This vulnerability requires that the attacker obtain the credentials from a valid user with privileges lower than 15, and that NACM was configured to provide restricted read access for that user.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft Graph CLI to be retired

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

I asked AI to modify mission-critical code, and what happened next haunts me

Why you should delete your browser extensions right now – or do this to stay safe

Dolby Vision 2 comes with big upgrades – here’s which TVs get them first

This one small feature makes this travel charger my favorite for business trips

Laracon AU 2025 Talk Titles Revealed

Laracon AU 2025 Talk Titles Revealed

Stop Writing Bad Controllers: Laravel Custom Collections Transform Your Code

Handle ownership relationships between Eloquent models with Laravel Ownable

Lenovo Legion Go 2 confirmed with Ryzen Z2 Extreme, 1200p OLED 144Hz display & 74Wh battery

Lenovo Legion Go 2 confirmed with Ryzen Z2 Extreme, 1200p OLED 144Hz display & 74Wh battery

How to Open Ports in Firewall on Windows Server

Google TV Remote Not Working? 5 Quick Fixes

CVE-2025-47599 – Facturante SQL Injection

Malicious npm Package nodejs-smtp Mimics Nodemailer, Targets Atomic and Exodus Wallets

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware

Xbox’s Age of Empires 2: Definitive Edition is getting The Three Kingdoms DLC, bringing new units, campaigns, and more

CVE-2025-3642 – Moodle EQUELLA Remote Code Execution Vulnerability

CVE-2025-7642 – WordPress Simpler Checkout Plugin Authentication Bypass

Shifting the sands of RansomHub’s EDRKillShifter

CVE-2025-20214 – Cisco IOS XE NACM Unauthorized Data Access Vulnerability

CVE-2025-4329 – 74CMS Path Traversal Vulnerability

Google Can Keep Paying for Firefox Search Deal, Judge Rules

I’m a diehard Pixel fan, but I’m not upgrading to the Pixel 10. Here’s why

CVE-2025-47599 – Facturante SQL Injection

Related Posts