CVE-2025-4136 – Weitong Mall Remote Unauthorized Access Vulnerability

April 30, 2025

CVE ID : CVE-2025-4136

Published : April 30, 2025, 8:15 p.m. | 2 hours, 54 minutes ago

Description : A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of the argument ID leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2022-27562 – HCL Domino Volt HTML Injection Vulnerability

Next Article CVE-2025-2082 – Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability

Highlights

CVE-2025-53025 – Oracle VirtualBox Core Privilege Escalation Vulnerability

July 16, 2025

CVE ID : CVE-2025-53025

Published : July 15, 2025, 8:15 p.m. | 6 hours, 38 minutes ago

Description : Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Severity: 6.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-4136 – Weitong Mall Remote Unauthorized Access Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-46337 – ADOdb PostgreSQL SQL Injection Vulnerability

Ori and the Blind Forest studio head says they could be forced to “shut down” due to the impact of negative Steam reviews for ‘No Rest for the Wicked’

Deena Piquion from Xerox on Data, Disruption, and Digital Natives

CVE-2025-5603 – Campcodes Hospital Management System SQL Injection Vulnerability

CVE-2025-53025 – Oracle VirtualBox Core Privilege Escalation Vulnerability

CVE-2025-5985 – Code-projects School Fees Payment System Remote Authentication Bypass Vulnerability

Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)

CVE-2025-4887 – SourceCodester Online Student Clearance System Cross-Site Request Forgery Vulnerability

CVE-2025-4136 – Weitong Mall Remote Unauthorized Access Vulnerability

Related Posts