CVE-2024-58258 – SugarCRM SSRF Vulnerability

July 13, 2025

CVE ID : CVE-2024-58258

Published : July 13, 2025, 10:15 p.m. | 2 hours, 15 minutes ago

Description : SugarCRM before 13.0.4 and 14.x before 14.0.1 allows SSRF in the API module because a limited type of code injection can occur.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7546 – GNU Binutils Out-of-Bounds Write Vulnerability

Next Article CVE-2025-7545 – “GNU Binutils Heap-Based Buffer Overflow”

Highlights

CVE-2025-4589 – WordPress Bon Toolkit Stored Cross-Site Scripting Vulnerability

May 15, 2025

CVE ID : CVE-2025-4589

Published : May 15, 2025, 4:16 a.m. | 39 minutes ago

Description : The Bon Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘bt-map’ shortcode in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

Distribution Release: CachyOS 250713

Most AI projects are abandoned – 5 ways to ensure your data efforts succeed

How agentic AI is transforming the very foundations of business strategy

The best Xbox and PC headset I’ve used for the last couple years is on sale

The details of TC39’s last meeting

The details of TC39’s last meeting

new Date(“wtf”) – How well do you know JavaScript’s Date class?

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

Distribution Release: CachyOS 250713

Distribution Release: CachyOS 250713

Word for the Web Finally Gets Proper Header and Footer Editing

Windows 11 Build 27898 Adds Small Taskbar Icons, Quick Recovery, Smarter Sharing

CVE-2024-58258 – SugarCRM SSRF Vulnerability

CVE-2025-7537 – Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE-2025-7538 – Campcodes Sales and Inventory System File Upload Vulnerability

CVE-2025-2421 – Profelis Informatics SambaBox Code Injection Vulnerability

CVE-2025-46535 – AlphaEfficiencyTeam Custom Login and Registration Missing Authorization Vulnerability

CVE-2025-4881 – iSourcecode Restaurant Management System SQL Injection

CVE-2025-7210 – Apache Ros Library Management System File Upload Vulnerability

CVE-2025-4589 – WordPress Bon Toolkit Stored Cross-Site Scripting Vulnerability

Rilasciato Agama 16: l’Installatore di openSUSE Introduce il Supporto per Wayland

Does Making Fewer HTTP Requests Improve Page Speed?

Set Laravel User Locale in Middleware

CVE-2024-58258 – SugarCRM SSRF Vulnerability

Related Posts