CVE-2025-5128 – ScriptAndTools Real-Estate-website-in-PHP SQL Injection Vulnerability

May 24, 2025

CVE ID : CVE-2025-5128

Published : May 24, 2025, 4:15 p.m. | 4 hours, 39 minutes ago

Description : A vulnerability, which was classified as critical, was found in ScriptAndTools Real-Estate-website-in-PHP 1.0. Affected is an unknown function of the file /admin/ of the component Admin Login Panel. The manipulation of the argument Password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5129 – Sangfor aTrust Directory Traversal Vulnerability

Next Article CVE-2025-5127 – FLIR AX8 Cross-Site Scripting Vulnerability

Highlights

CVE-2025-6112 – Tenda FH1205 Buffer Overflow Vulnerability

June 16, 2025

CVE ID : CVE-2025-6112

Published : June 16, 2025, 8:15 a.m. | 29 minutes ago

Description : A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

Unmasking The Magic: The Wizard Of Oz Method For UX Research

Newest LF Decentralized Trust Lab HOPrS identifies if photos have been altered

Fed up with AI scraping your content? This open-source bot blocker can help – here’s how

It’s Ubisoft’s most polished game in years — Assassin’s Creed Shadows on Xbox Series X has a fantastic Amazon Prime Day discount

I’ve accepted that Adobe subscriptions are part of my creative life — but with these discounts, it stings much less than it used to

ChatGPT falls for a “dead grandma” scam and generates Microsoft Windows 7 activation keys — but they’re useless

NativePHP for Mobile v1.1: Smaller, Smarter, and Ready to Scale

NativePHP for Mobile v1.1: Smaller, Smarter, and Ready to Scale

Custom Object Casting in Laravel Models

PHP 8.5 Introduces an INI Diff Option

Mozilla VPN Linux App is Now Available on Flathub

Mozilla VPN Linux App is Now Available on Flathub

It’s Ubisoft’s most polished game in years — Assassin’s Creed Shadows on Xbox Series X has a fantastic Amazon Prime Day discount

I’ve accepted that Adobe subscriptions are part of my creative life — but with these discounts, it stings much less than it used to

CVE-2025-5128 – ScriptAndTools Real-Estate-website-in-PHP SQL Injection Vulnerability

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

6 small steps I took to break my phone addiction – and you can too

Top Factors to Consider When Choosing the Right AI Service Provider

Reset Rate Limits Dynamically with Laravel’s clear Method

Community News: Latest PECL Releases (06.24.2025)

CVE-2025-6112 – Tenda FH1205 Buffer Overflow Vulnerability

CVE-2025-50146 – Apache HTTP Server Authentication Bypass

Train an AI Agent That Thinks and Predicts Like Stock Market Legends

Turn Data Chaos into AI Clarity with Data Quality Management

CVE-2025-5128 – ScriptAndTools Real-Estate-website-in-PHP SQL Injection Vulnerability

Related Posts