CVE-2024-57698 – Modernwms Information Disclosure Vulnerability

April 29, 2025

CVE ID : CVE-2024-57698

Published : April 29, 2025, 8:15 p.m. | 2 hours, 53 minutes ago

Description : An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password and other attributes without authentication, even after initial configuration and password change. This happens due to excessive exposure of information and the lack of adequate access control on the /user/list?culture=en-us endpoint.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4078 – Wangshen SecGate 3600 2400 File Path Traversal Vulnerability

Next Article CVE-2025-0520 – ShowDoc Unrestricted File Upload RCE

Highlights

CVE-2025-55741 – UnoPim Laravel Mass Delete Privilege Escalation Vulnerability

August 22, 2025

CVE ID : CVE-2025-55741

Published : Aug. 22, 2025, 4:15 p.m. | 9 hours, 59 minutes ago

Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intended access controls by issuing requests to the mass-delete endpoint, allowing them to delete products without proper authorization. This vulnerability allows unauthorized product deletion, leading to potential data loss and business disruption. The issue is fixed in version 0.3.1. No known workarounds exist.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Distribution Release: Q4OS 6.1

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

Right way to record and share our Terminal sessions

CVE-2024-57698 – Modernwms Information Disclosure Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-5985 – Code-projects School Fees Payment System Remote Authentication Bypass Vulnerability

Basic Networking Part 6 – What is OSI Model?

FUSS – Debian-based Linux distribution

CVE-2025-5825 – Autel MaxiCharger AC Wallbox Commercial Firmware Remote Code Execution Vulnerability

CVE-2025-55741 – UnoPim Laravel Mass Delete Privilege Escalation Vulnerability

ImageMagick Flaw (CVE-2025-53101): Stack Buffer Overflow Allows Potential Remote Code Execution

Windows 11 KB5055523 install fails, Windows Hello not working (April 2025 Update issues)

CVE-2025-44861 – TOTOLINK CA300-POE Command Injection

CVE-2024-57698 – Modernwms Information Disclosure Vulnerability

Related Posts