CVE-2025-6266 – FLIR AX8 Unrestricted File Upload Vulnerability

June 19, 2025

CVE ID : CVE-2025-6266

Published : June 19, 2025, 12:15 p.m. | 29 minutes ago

Description : A vulnerability was found in FLIR AX8 up to 1.46. It has been declared as critical. This vulnerability affects unknown code of the file /upload.php. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4738 – Yirmibes Software MY ERP SQL Injection

Next Article CVE-2025-6019 – Libblockdev Polkit Local Privilege Escalation

Highlights

CVE-2025-5528 – WordPress Sassy Social Share Reflected Cross-Site Scripting Vulnerability

June 7, 2025

CVE ID : CVE-2025-5528

Published : June 7, 2025, 12:15 p.m. | 3 hours, 15 minutes ago

Description : The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.75 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action, such as clicking on a link.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

Meet Accessible UX Research, A Brand-New Smashing Book

How to free up your Mac’s storage space – 3 easy ways

I finally found a mini PC with a striking design (and the power to back it up)

The best password generators of 2025: Expert tested

Facebook’s new passkey support could soon let you ditch your password forever

eslint-plugin-mutate

eslint-plugin-mutate

Event-Driven Microservice Backend For a Modern E-commerce Platform.

Search Params Are State – How TanStack Router Solves It

You Can Now Auto-Generate Google Forms Using Gemini Using Prompts or Files – Here’s How

You Can Now Auto-Generate Google Forms Using Gemini Using Prompts or Files – Here’s How

Google Helps Devs Build Safe Android Apps with THIS Play Policy – Find Out More Here

Microsoft Edge for Business Now Lets Admins Push Encrypted Passwords to Users Securely

CVE-2025-6266 – FLIR AX8 Unrestricted File Upload Vulnerability

CISA Warning: Critical Flaw (CVE-2025-5310) Exposes Fueling Station Devices

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

GameSir just showed off its G7 Pro “Xbox Elite” controller, and it looksspectacular

CVE-2025-32431 – Traefik Path Traversal Vulnerability

Non-Human Identities: How to Address the Expanding Security Risk

How Much Does It Cost to Develop a React Native App in 2025? (Real-World Examples Included)💰

CVE-2025-5528 – WordPress Sassy Social Share Reflected Cross-Site Scripting Vulnerability

CVE-2025-4164 – PHPGurukul Employee Record Management System SQL Injection Vulnerability

Rilasciato Terminator 2.1.5: Il Terminale Avanzato per GNU/Linux

CVE-2025-49195 – Apache FTP Unrestricted Authentication

CVE-2025-6266 – FLIR AX8 Unrestricted File Upload Vulnerability

Related Posts