CVE-2025-8522 – Givanz Vvvebjs Node.js File Path Traversal Vulnerability

August 4, 2025

CVE ID : CVE-2025-8522

Published : Aug. 4, 2025, 7:15 p.m. | 4 hours, 28 minutes ago

Description : A vulnerability, which was classified as critical, was found in givanz Vvvebjs up to 2.0.4. Affected is an unknown function of the file /save.php of the component node.js. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-50340 – SOGo Webmail IDOR Email Spoofing

Next Article CVE-2025-8521 – Givanz Vvveb Add Type Handler Cross-Site Scripting Vulnerability

Highlights

CVE-2025-4649 – Centreon Web Privilege Escalation Vulnerability

May 13, 2025

CVE ID : CVE-2025-4649

Published : May 13, 2025, 12:15 p.m. | 4 hours, 9 minutes ago

Description : Improper Privilege Management vulnerability in Centreon web allows Privilege Escalation.
ACL are not correctly taken into account in the display of the “event logs” page. This page requiring, high privileges, will display all available logs.

This issue affects web: from 24.10.3 before 24.10.4, from 24.04.09 before 24.04.10, from 23.10.19 before 23.10.21, from 23.04.24 before 23.04.26.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-8522 – Givanz Vvvebjs Node.js File Path Traversal Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Multimodal AI Needs More Than Modality Support: Researchers Propose General-Level and General-Bench to Evaluate True Synergy in Generalist Models

CVE-2025-32951 – Jmix HTML Injection Vulnerability

Splitcat – split and merge files

The world’s smallest 65W USB-C charger is my latest travel essential

CVE-2025-4649 – Centreon Web Privilege Escalation Vulnerability

Microsoft Reportedly Hires More AI Talent from Google DeepMind

How to install IoT platform — Total.js

The art of cutting Test Maintenance in Half Welcome AI-Driven Performance Testing

CVE-2025-8522 – Givanz Vvvebjs Node.js File Path Traversal Vulnerability

Related Posts