CVE-2025-45855 – Erupt Elevation of Privilege (Arbitrary Code Execution)

June 3, 2025

CVE ID : CVE-2025-45855

Published : June 3, 2025, 2:15 p.m. | 1 hour, 14 minutes ago

Description : An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary code via uploading a crafted file.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46154 – Foxcms SQL Time Injection Vulnerability

Next Article CVE-2025-5497 – Slackero PHPWCMS Feedimport Module Deserialization Vulnerability

Highlights

CVE-2025-3895 – MegaBIP Password Reset Token Brute Force Vulnerability

May 23, 2025

CVE ID : CVE-2025-3895

Published : May 23, 2025, 11:15 a.m. | 1 hour, 24 minutes ago

Description : Token used for resetting passwords in MegaBIP software are generated using a small space of random values combined with a queryable value.
It allows an unauthenticated attacker who know user login names to brute force these tokens and change account passwords (including these belonging to administrators).
Version 5.20 of MegaBIP fixes this issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

ChatGPT now has an agent mode

Scrum Alliance and Kanban University partner to offer new course that teaches both methodologies

Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying

I found a tablet that could replace my iPad and Kindle – and it’s worth every penny

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

Execute Ping Commands and Get Back Structured Data in PHP

Execute Ping Commands and Get Back Structured Data in PHP

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

Microsoft confirms active cyberattacks on SharePoint servers

How to Manually Check & Install Windows 11 Updates (Best Guide)

CVE-2025-45855 – Erupt Elevation of Privilege (Arbitrary Code Execution)

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

Flexbar (clone USB della Touch Bar di Apple) ora supporta GNU/Linux

Announcing Google DeepMind

Mozilla interrompe lo sviluppo di DeepSpeech

Vulnerabilità di sicurezza in Linux: come i rootkit basati su io_uring aggirano i sistemi di rilevamento

CVE-2025-3895 – MegaBIP Password Reset Token Brute Force Vulnerability

CVE-2025-46383 – Apache Web Server Cross-Site Scripting

CVE-2025-53320 – Wp Enhanced Free Downloads EDD Cross-site Scripting

The top 6 TVs ZDNET readers are buying (no. 1 has the best picture quality we’ve ever seen)

CVE-2025-45855 – Erupt Elevation of Privilege (Arbitrary Code Execution)

Related Posts