Security

CVE ID : CVE-2025-5301

Published : June 12, 2025, 8:15 a.m. | 1 hour, 43 minutes ago

Description : ONLYOFFICE Docs (DocumentServer) in versions equal and below 8.3.1 are affected by a reflected cross-site scripting (XSS) issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server’s HTML response.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6003

Published : June 12, 2025, 9:15 a.m. | 43 minutes ago

Description : The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due to a misconfigured capability check on a function in all versions up to, and including, the *.5.3 versions of the plugin. This makes it possible for unauthenticated attackers to extract sensitive data including site content that has been restricted to certain users and/or roles.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4613

Published : June 12, 2025, 9:15 a.m. | 43 minutes ago

Description : Path traversal in Google Web Designer’s template handling versions prior to 16.3.0.0407 on Windows allows attacker to achieve remote code execution by tricking users into downloading a malicious ad template

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access!

A recent coordinated security advisory issued by CERT@VDE and Weidmueller has disclosed three critical vulnerabilities affecting the IE-SR-2TX series of security routers, potentially allowing unauthen …
Read more

Published Date:
Jun 12, 2025 (5 hours, 24 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-41663

CVE-2025-41662

CVE-2025-41661

CVE-2025-25246

Mozilla Firefox 139.0.4 Released

Mozilla has rolled out Firefox version 139.0.4 on June 10, 2025, as a part of its ongoing commitment to performance stability, user experience enhancement, and robust security. This is a point-release …
Read more

Published Date:
Jun 12, 2025 (4 hours, 56 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-49710

CVE-2025-49709

CVE-2024-9680

CVE-2023-37201

CVE-2022-34470

Urgent GitLab Security Alert: High-Severity Flaws Allow Account Takeover & Code Injection!

GitLab has issued urgent security updates for its Community Edition (CE) and Enterprise Edition (EE), addressing a series of high-severity vulnerabilities that impact self-managed installations. The n …
Read more

Published Date:
Jun 12, 2025 (4 hours, 25 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE ID : CVE-2025-6006

Published : June 12, 2025, 2:15 a.m. | 2 hours, 57 minutes ago

Description : A vulnerability, which was classified as critical, has been found in kiCode111 like-girl 5.2.0. This issue affects some unknown processing of the file /admin/ImgUpdaPost.php. The manipulation of the argument id/imgText/imgDatd/imgUrl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6007

Published : June 12, 2025, 2:15 a.m. | 2 hours, 57 minutes ago

Description : A vulnerability, which was classified as critical, was found in kiCode111 like-girl 5.2.0. Affected is an unknown function of the file /admin/CopyadminPost.php. The manipulation of the argument icp/Copyright leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6008

Published : June 12, 2025, 2:15 a.m. | 2 hours, 57 minutes ago

Description : A vulnerability has been found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ImgAddPost.php. The manipulation of the argument imgDatd/imgText/imgUrl leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6005

Published : June 12, 2025, 2:15 a.m. | 2 hours, 57 minutes ago

Description : A vulnerability classified as critical was found in kiCode111 like-girl 5.2.0. This vulnerability affects unknown code of the file /admin/aboutPost.php. The manipulation of the argument title/aboutimg/info1/info2/info3/btn1/btn2/infox1/infox2/infox3/infox4/infox5/infox6/btnx2/infof1/infof2/infof3/infof4/btnf3/infod1/infod2/infod3/infod4/infod5 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2023-36636

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49814

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49815

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49816

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49818

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49817

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49819

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49820

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-6009

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : A vulnerability was found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ipAddPost.php. The manipulation of the argument bz/ipdz leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-49821

Published : June 12, 2025, 3:15 a.m. | 1 hour, 57 minutes ago

Description : Rejected reason: Not used

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…