CVE-2025-39350 – Rocket Apps wProject Missing Authorization Vulnerability

May 19, 2025

CVE ID : CVE-2025-39350

Published : May 19, 2025, 8:15 p.m. | 3 hours, 59 minutes ago

Description : Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-39357 – Mojoomla Hospital Management System SQL Injection

Next Article CVE-2025-39356 – Chimpstudio Foodbakery Sticky Cart Object Injection Vulnerability

Highlights

CVE-2025-6735 – Juzaweb CMS Remote Improper Authorization Vulnerability

June 26, 2025

CVE ID : CVE-2025-6735

Published : June 27, 2025, 12:15 a.m. | 1 hour, 18 minutes ago

Description : A vulnerability classified as critical has been found in juzaweb CMS 3.4.2. Affected is an unknown function of the file /admin-cp/imports of the component Import Page. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

Laravel in the First Half of 2025

Laravel in the First Half of 2025

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

GOnnect – easy to use VoIP client

GOnnect – easy to use VoIP client

Gnuinos – spin of Devuan Linux

5 Best Free and Open Source Backend Electronic Circuit Simulators

CVE-2025-39350 – Rocket Apps wProject Missing Authorization Vulnerability

CVE-2025-38221 – Linux Kernel ext4 Out-of-Bounds Punch Offset Vulnerability

CVE-2025-38222 – Linux ext4 Inline Data Overflow

CVE-2025-52875 – JetBrains TeamCity DOM-Based XSS

CVE-2025-6089 – Astun Technology iShare Maps Open Redirect Vulnerability

CVE-2025-5427 – Juzaweb CMS Permalinks Page Remote Access Control Bypass Vulnerability

Frigoligo is a wallabag client

CVE-2025-6735 – Juzaweb CMS Remote Improper Authorization Vulnerability

Distribution Release: Network Security Toolkit 42-14476

WordPress AI Engine Flaw (CVE-2025-5071): Critical Bug Allows Subscriber-Level Account Takeover

The Evolution of Webinject

CVE-2025-39350 – Rocket Apps wProject Missing Authorization Vulnerability

Related Posts