CVE-2025-50979 – NodeBB SQL Injection

August 27, 2025

CVE ID : CVE-2025-50979

Published : Aug. 27, 2025, 6:15 p.m. | 7 hours, 34 minutes ago

Description : NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not properly sanitized, allowing unauthenticated, remote attackers to inject boolean-based blind and PostgreSQL error-based payloads.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-55422 – FoxCMS Reflected Cross Site Scripting (XSS)

Next Article CVE-2025-34161 – Coolify Remote Code Execution Vulnerability

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

Report: Samsung’s tri-fold phone, XR headset, and AI smart glasses to be revealed at Sep 29 Unpacked event

Are smart glasses with built-in hearing aids viable? My verdict after months of testing

These 7 smart plug hacks that saved me time, money, and energy (and how I set them up)

Amazon will sell you the iPhone 16 Pro for $250 off right now – how the deal works

Fake News Detection using Python Machine Learning (ML)

Fake News Detection using Python Machine Learning (ML)

Common FP – A New JS Utility Lib

Call for Speakers – JS Conf Armenia 2025

Chrome on Windows 11 FINALLY Gets Touch Drag and Drop, Matching Native Apps

Chrome on Windows 11 FINALLY Gets Touch Drag and Drop, Matching Native Apps

Fox Sports not Working: 7 Quick Fixes to Stream Again

Capital One Zelle not Working: 7 Fast Fixes

CVE-2025-50979 – NodeBB SQL Injection

CVE-2024-32832 – Hamid Alinia Login with Phone Number Missing Authorization

CVE-2025-31100 – Mojoomla School Management Unrestricted File Upload Vulnerability

VS meldt actief misbruik van kritiek lek in Erlang Erlang/OTP SSH Server

CVE-2025-5730 – WordPress Contact Form Plugin Stored Cross-Site Scripting Vulnerability

CVE-2025-4244 – Code-Projects Online Bus Reservation System SQL Injection

CVE-2025-20277 – Cisco Unified CCX Path Traversal Remote Code Execution

Windows 11 is testing Taskbar companions and it might be another AI feature

Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

CVE-2025-20164 – “Cisco Industrial Ethernet Switch Device Manager Privilege Elevation Vulnerability”

AI Guardrails and Trustworthy LLM Evaluation: Building Responsible AI Systems

CVE-2025-50979 – NodeBB SQL Injection

Related Posts