CVE-2025-45855 – Erupt Elevation of Privilege (Arbitrary Code Execution)

June 3, 2025

CVE ID : CVE-2025-45855

Published : June 3, 2025, 2:15 p.m. | 1 hour, 14 minutes ago

Description : An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary code via uploading a crafted file.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46154 – Foxcms SQL Time Injection Vulnerability

Next Article CVE-2025-5497 – Slackero PHPWCMS Feedimport Module Deserialization Vulnerability

Highlights

CVE-2025-24977 – OpenCTI Container Escalation Vulnerability

May 5, 2025

CVE ID : CVE-2025-24977

Published : May 5, 2025, 5:18 p.m. | 1 hour, 36 minutes ago

Description : OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to version 6.4.11 any user with the capability `manage customizations` can execute commands on the underlying infrastructure where OpenCTI is hosted and can access internal server side secrets by misusing the web-hooks. Since the malicious user gets a root shell inside a container this opens up the the infrastructure environment for further attacks and exposures. Version 6.4.11 fixes the issue.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft turns Copilot into your personal shopping assistant

April 4, 2025

$800 million and 13 years later, here’s how you can play one of the world’s most expensive PC games for free

May 22, 2025

Meta AI Released the Perception Language Model (PLM): An Open and Reproducible Vision-Language Model to Tackle Challenging Visual Recognition Tasks

April 18, 2025

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-45855 – Erupt Elevation of Privilege (Arbitrary Code Execution)

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

Chinese APT IronHusky Deploys Updated MysterySnail RAT on Russia

CloudBees Unify, YugabyteDB adds support for DocumentDB, and more — SD Times Daily Digest

The Dark Coffee

Your Google Gemini assistant is getting 8 useful features – here’s the update log

CVE-2025-24977 – OpenCTI Container Escalation Vulnerability

Microsoft turns Copilot into your personal shopping assistant

$800 million and 13 years later, here’s how you can play one of the world’s most expensive PC games for free

Meta AI Released the Perception Language Model (PLM): An Open and Reproducible Vision-Language Model to Tackle Challenging Visual Recognition Tasks

CVE-2025-45855 – Erupt Elevation of Privilege (Arbitrary Code Execution)

Related Posts