CVE-2025-48045 – Apache Client Default Admin Credentials Disclosure

May 29, 2025

CVE ID : CVE-2025-48045

Published : May 29, 2025, 1:15 p.m. | 16 minutes ago

Description : An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48046 – Apache HTTP Server SMTP Server Password Disclosure Vulnerability

Next Article CVE-2025-48388 – FreeScout Format String Vulnerability

Highlights

CVE-2025-32974 – XWiki Cross-Site Scripting (XSS) and Privilege Escalation Vulnerability

April 30, 2025

CVE ID : CVE-2025-32974

Published : April 30, 2025, 3:16 p.m. | 25 minutes ago

Description : XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.8 and from 16.0.0-rc-1 to before 16.2.0, the required rights analysis doesn’t consider TextAreas with default content type. When editing a page, XWiki warns since version 15.9 when there is content on the page like a script macro that would gain more rights due to the editing. This analysis doesn’t consider certain kinds of properties, allowing a user to put malicious scripts in there that will be executed after a user with script, admin, or programming rights edited the page. Such a malicious script could impact the confidentiality, integrity and availability of the whole XWiki installation. This issue has been patched in versions 15.10.8 and 16.2.0.

Severity: 9.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-48045 – Apache Client Default Admin Credentials Disclosure

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

CVE-2025-30475 – Dell PowerScale InsightIQ Privilege Escalation Vulnerability

Microsoft Patches Four Critical Azure and Power Apps Vulnerabilities, Including CVSS 10 Privilege Escalation

Why Google Code Assist may finally be the programming power tool you need

Rilasciato Firefox 140: Novità e Miglioramenti del Browser Open Source

CVE-2025-32974 – XWiki Cross-Site Scripting (XSS) and Privilege Escalation Vulnerability

This AI Startup Is Making an Anime Series and Giving Away $1 Million to Creators

NVIDIA Researchers Introduce Dynamic Memory Sparsification (DMS) for 8× KV Cache Compression in Transformer LLMs

What to do when users just want the old version back

CVE-2025-48045 – Apache Client Default Admin Credentials Disclosure

Related Posts