CVE-2025-3816 – Westboy CicadasCMS OS Command Injection Vulnerability

April 20, 2025

CVE ID : CVE-2025-3816

Published : April 19, 2025, 6:15 p.m. | 20 hours, 34 minutes ago

Description : A vulnerability classified as critical was found in westboy CicadasCMS 2.0. This vulnerability affects unknown code of the file /system/schedule/save of the component Scheduled Task Handler. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3822 – SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

Next Article CVE-2025-3808 – Zhenfeng13 My-BBS Cross-Site Request Forgery Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

Multiple reports suggest a Persona 4 Remake from Atlus will be announced during the Xbox Games Showcase

TC39 advances numerous proposals at latest meeting

TC39 advances numerous proposals at latest meeting

TypeBridge – zero ceremony, compile time rpc for client and server com

Simplify Cloud-Native Development with Quarkus Extensions

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

CVE-2025-3816 – Westboy CicadasCMS OS Command Injection Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

Critical Fortinet flaws now exploited in Qilin ransomware attacks

One of the best cheap earbuds I’ve tested isn’t made by Soundcore or Earfun (and it’s on sale)

Best Free and Open Source Alternatives to Microsoft Windows Clock

Justice Department Disrupts Cybercrime Network Selling Hacking Tools to Organized Crime Groups

elementary OS 8.1 Brings Bug Fixes, New Kernel + More

CVE-2025-44073 – SeaCMS SQL Injection Vulnerability

Can governments turn AI safety talk into action?

Google to offer free version of Gemini Code Assist

This modular Android phone made my Pixel 9 Pro feel boring – but it left me confused

CVE-2025-3816 – Westboy CicadasCMS OS Command Injection Vulnerability

Related Posts