CVE-2025-3706 – 104 Corporation eHRMS Reflected Cross-site Scripting Vulnerability

April 28, 2025

CVE ID : CVE-2025-3706

Published : April 28, 2025, 3:15 a.m. | 5 hours, 13 minutes ago

Description : The eHRMS from 104 Corporation has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user’s browser through phishing attacks.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3997 – Dazhouda lecms Cross-Site Request Forgery (CSRF) Vulnerability

Next Article CVE-2025-3996 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

Highlights

CVE-2025-4306 – PHPGurukul Nipah Virus Testing Management System SQL Injection

May 5, 2025

CVE ID : CVE-2025-4306

Published : May 6, 2025, 3:15 a.m. | 19 minutes ago

Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

DistroWatch Weekly, Issue 1139

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

CVE-2025-3706 – 104 Corporation eHRMS Reflected Cross-site Scripting Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-42979 – SAP GUI for Windows Credentials Obfuscation Vulnerability

Seagate’s 4TB Xbox Series X|S Expansion Card is $70 off — but only until June 22

CodeSOD: A Single Lint Problem

Windows 11 Gets New UI Customization: Reposition System Indicator Bar to Top-Center or Top-Left

CVE-2025-4306 – PHPGurukul Nipah Virus Testing Management System SQL Injection

CVE-2025-55154 – ImageMagick Stack-Based Buffer Overflow

Why GaN Chargers Are the Future of Efficient, High-Power Charging Technology

Critical mcp-remote Vulnerability Exposes LLM Clients to Remote Code Execution Attacks

CVE-2025-3706 – 104 Corporation eHRMS Reflected Cross-site Scripting Vulnerability

Related Posts