CVE-2023-47298 – “NCR Terminal Handler Information Disclosure Vulnerability”

June 23, 2025

CVE ID : CVE-2023-47298

Published : June 23, 2025, 3:15 p.m. | 3 hours, 9 minutes ago

Description : An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46101 – Beakon Software Beakon Learning Management System SCORM SQL Injection

Next Article CVE-2023-48978 – NCR ITM Web Terminal Remote Code Execution Vulnerability

Highlights

CVE-2025-4803 – WPPedia PHP Object Injection Vulnerability

May 21, 2025

CVE ID : CVE-2025-4803

Published : May 21, 2025, 12:16 p.m. | 2 hours, 34 minutes ago

Description : The Glossary by WPPedia – Best Glossary plugin for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.0 via deserialization of untrusted input from the ‘posttypes’ parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2023-47298 – “NCR Terminal Handler Information Disclosure Vulnerability”

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

New SonicBoom Attack Allows Bypass of Authentication for Admin Access

Laravel API Errors and Exceptions: How to Return Responses

CVE-2025-48885 – XWiki URL Shortener Unauthenticated Page Creation Vulnerability

Supercharge your development with Claude Code and Amazon Bedrock prompt caching

CVE-2025-4803 – WPPedia PHP Object Injection Vulnerability

CVE-2025-40628 – DomainsPRO SQL Injection

DICE Responds to Battlefield 6 Community: Key Updates on Map Flow and Class Mechanics

CVE-2025-22430 – Apache Access Control Information Disclosure Vulnerability

CVE-2023-47298 – “NCR Terminal Handler Information Disclosure Vulnerability”

Related Posts