CVE-2025-48046 – Apache HTTP Server SMTP Server Password Disclosure Vulnerability

May 29, 2025

CVE ID : CVE-2025-48046

Published : May 29, 2025, 1:15 p.m. | 16 minutes ago

Description : An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the /config.php endpoint.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48047 – NetFax Server Command Injection Vulnerability

Next Article CVE-2025-48045 – Apache Client Default Admin Credentials Disclosure

Highlights

CVE-2025-9277 – SiteSEO – WordPress Stored Cross-Site Scripting

August 26, 2025

CVE ID : CVE-2025-9277

Published : Aug. 26, 2025, 11:15 p.m. | 3 hours, 39 minutes ago

Description : The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the broken preg_replace expression in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

Report: Samsung’s tri-fold phone, XR headset, and AI smart glasses to be revealed at Sep 29 Unpacked event

Are smart glasses with built-in hearing aids viable? My verdict after months of testing

These 7 smart plug hacks that saved me time, money, and energy (and how I set them up)

Amazon will sell you the iPhone 16 Pro for $250 off right now – how the deal works

Fake News Detection using Python Machine Learning (ML)

Fake News Detection using Python Machine Learning (ML)

Common FP – A New JS Utility Lib

Call for Speakers – JS Conf Armenia 2025

Chrome on Windows 11 FINALLY Gets Touch Drag and Drop, Matching Native Apps

Chrome on Windows 11 FINALLY Gets Touch Drag and Drop, Matching Native Apps

Fox Sports not Working: 7 Quick Fixes to Stream Again

Capital One Zelle not Working: 7 Fast Fixes

CVE-2025-48046 – Apache HTTP Server SMTP Server Password Disclosure Vulnerability

CVE-2024-32832 – Hamid Alinia Login with Phone Number Missing Authorization

CVE-2025-31100 – Mojoomla School Management Unrestricted File Upload Vulnerability

Xbox Insiders can now try Gaming Copilot in Windows Game Bar

CloudBees Unify, YugabyteDB adds support for DocumentDB, and more — SD Times Daily Digest

Google Chrome Now Scans Your PC for Windows 11 Upgrade Eligibility as Windows 10 Nears EOL

CVE-2025-4272 – Mechrevo Control Console DLL Search Path Vulnerability

CVE-2025-9277 – SiteSEO – WordPress Stored Cross-Site Scripting

What’s Quick Machine Recovery, and how to set it up? Windows 11 recovery feature explained.

CVE-2025-44148 – MailEnable Cross Site Scripting (XSS)

CVE-2025-50348 – PHPGurukul Pre-School Enrollment System Project Directory Traversal Vulnerability

CVE-2025-48046 – Apache HTTP Server SMTP Server Password Disclosure Vulnerability

Related Posts