CVE-2025-3958 – Withstars Books-Management-System Cross-Site Scripting Vulnerability

April 27, 2025

CVE ID : CVE-2025-3958

Published : April 27, 2025, 4:15 a.m. | 4 hours ago

Description : A vulnerability was found in withstars Books-Management-System 1.0. It has been classified as problematic. Affected is an unknown function of the file /book_edit_do.html of the component Book Edit Page. The manipulation of the argument Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3959 – “Withstars Books-Management-System Cross-Site Request Forgery Vulnerability”

Next Article CVE-2025-3957 – Opplus Springboot-Admin SQL Injection Vulnerability

Highlights

CVE-2025-5616 – PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

June 4, 2025

CVE ID : CVE-2025-5616

Published : June 4, 2025, 11:15 p.m. | 22 minutes ago

Description : A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Ultimate Guide to Node.js Development Pricing for Enterprises

Stack Overflow: Developers’ trust in AI outputs is worsening year over year

Web Components: Working With Shadow DOM

Google’s new Opal tool allows users to create mini AI apps with no coding required

5 preinstalled apps you should delete from your Samsung phone immediately

Ubuntu Linux lagging? Try my 10 go-to tricks to speed it up

How I survived a week with this $130 smartwatch instead of my Garmin and Galaxy Ultra

YouTube is using AI to verify your age now – and if it’s wrong, that’s on you to fix

Time-Controlled Data Processing with Laravel LazyCollection Methods

Time-Controlled Data Processing with Laravel LazyCollection Methods

Create Apple Wallet Passes in Laravel

The Laravel Idea Plugin is Now FREE for PhpStorm Users

New data shows Xbox is utterly dominating PlayStation’s storefront — accounting for 60% of the Q2 top 10 game sales spots

New data shows Xbox is utterly dominating PlayStation’s storefront — accounting for 60% of the Q2 top 10 game sales spots

Opera throws Microsoft to Brazil’s watchdogs for promoting Edge as your default browser — “Microsoft thwarts‬‭ browser‬‭ competition‬‭‬‭ at‬‭ every‬‭ turn”

Activision once again draws the ire of players for new Diablo Immortal marketing that appears to have been made with generative AI

CVE-2025-3958 – Withstars Books-Management-System Cross-Site Scripting Vulnerability

CVE-2025-43234 – Apple WatchOS/IOS/iPadOS/tvOS/macOS VisionOS Texture Corruption Vulnerability

CVE-2025-43237 – Apple macOS Sequoia Write Access Vulnerability

CVE-2025-5161 – H3C SecCenter SMP-E1114P Remote Path Traversal Vulnerability

Introducing My Second Project: Cross-Cultural Name Solutions

Microsoft brings AI model building to macOS with new Foundry tool

I found a mini PC that can be a powerful Windows alternative – and it’s not a Mac

CVE-2025-5616 – PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE-2025-5495 – Netgear WNR614 URL Handler Improper Authentication Remote RCE

Postman introduces Agent Mode to integrate the power of AI agents into Postman’s core capabilities

Boost team productivity with Amazon Q Business Insights

CVE-2025-3958 – Withstars Books-Management-System Cross-Site Scripting Vulnerability

Related Posts