CVE-2025-5387 – JeeWMS File Handler Improper Access Controls Remote Vulnerability

May 31, 2025

CVE ID : CVE-2025-5387

Published : May 31, 2025, 6:15 p.m. | 2 hours, 43 minutes ago

Description : A vulnerability classified as critical has been found in JeeWMS up to 20250504. Affected is the function dogenerate of the file /generateController.do?dogenerate of the component File Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5388 – JeeWMS SQL Injection Vulnerability

Next Article New Apache InLong Vulnerability (CVE-2025-27522) Exposes Systems to Remote Code Execution Risks

Highlights

CVE-2025-4035 – Libsoup Cookie Domain Bypass Vulnerability

April 29, 2025

CVE ID : CVE-2025-4035

Published : April 29, 2025, 1:15 p.m. | 2 hours, 47 minutes ago

Description : A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-5387 – JeeWMS File Handler Improper Access Controls Remote Vulnerability

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Reliably Detecting Third-Party Cookie Blocking In 2025

How Infosys built a generative AI solution to process oil and gas drilling data with Amazon Bedrock

CVE-2025-32992 – Thermo Fisher Scientific ePort Authentication Bypass

CVE-2025-7638 – Forminator Forms SQL Injection

CVE-2025-4035 – Libsoup Cookie Domain Bypass Vulnerability

CVE-2025-36027 – IBM Datacap Clickjacking Vulnerability

resticprofile is a configuration profiles manager and scheduler

CVE-2025-3997 – Dazhouda lecms Cross-Site Request Forgery (CSRF) Vulnerability

CVE-2025-5387 – JeeWMS File Handler Improper Access Controls Remote Vulnerability

Related Posts