CVE-2025-48998 – DataEase Arbitrary File Deserialization

June 3, 2025

CVE ID : CVE-2025-48998

Published : June 3, 2025, 7:15 p.m. | 15 minutes ago

Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass of the patch for CVE-2025-27103 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.10. No known workarounds are available.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5521 – WuKongOpenSource WukongCRM Cross-Site Request Forgery Vulnerability

Next Article CVE-2025-48997 – Multer DoS Denial of Service Vulnerability

Highlights

CVE-2025-4156 – PHPGurukul Boat Booking System SQL Injection Vulnerability

May 1, 2025

CVE ID : CVE-2025-4156

Published : May 1, 2025, 8:15 a.m. | 3 hours, 38 minutes ago

Description : A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-image.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

4 ways your organization can adapt and thrive in the age of AI

Google’s new Search tool turns financial info into interactive charts – how to try it

This rugged Android phone has something I’ve never seen on competing models

Anthropic’s new AI models for classified info are already in use by US gov

Handling PostgreSQL Migrations in Node.js

Handling PostgreSQL Migrations in Node.js

How to Add Product Badges in Optimizely Configured Commerce Spire

Salesforce Health Check Assessment Unlocks ROI

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

Amap – Gather Info in Easy Way

CVE-2025-48998 – DataEase Arbitrary File Deserialization

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CISA Alert: Critical Vulnerabilities Found in CyberData SIP Emergency Intercom Devices

Facebook privacy – why statements about copyright don’t do anything

Optimizing Imitation Learning: How X‑IL is Shaping the Future of Robotics

RCalc – RPN calculator

CVE-2025-46326 – Snowflake-Connector-Net TOCTOU Race Condition Vulnerability

CVE-2025-4156 – PHPGurukul Boat Booking System SQL Injection Vulnerability

CVE-2025-2893 – WordPress Gutenverse Stored Cross-Site Scripting (XSS)

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools

Personalization to Boost Customer Engagement

CVE-2025-48998 – DataEase Arbitrary File Deserialization

Related Posts