CVE-2025-48493 – “Redis AUTH Credentials Exposed in Yii Logs”

June 5, 2025

CVE ID : CVE-2025-48493

Published : June 5, 2025, 5:15 p.m. | 1 hour, 13 minutes ago

Description : The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing username and password. That might be an issue if attacker has access to logs. Version 2.0.20 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5670 – PHPGurukul Medical Card Generation System SQL Injection

Next Article CVE-2025-49009 – Facebook Para Facebook Auth Token Information Disclosure

Highlights

CVE-2025-5710 – “Code-projects Real Estate Property Management System SQL Injection Vulnerability”

June 5, 2025

CVE ID : CVE-2025-5710

Published : June 6, 2025, 2:15 a.m. | 1 hour, 29 minutes ago

Description : A vulnerability, which was classified as critical, has been found in code-projects Real Estate Property Management System 1.0. This issue affects some unknown processing of the file /Admin/InsertState.php. The manipulation of the argument txtStateName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

4 ways your organization can adapt and thrive in the age of AI

Google’s new Search tool turns financial info into interactive charts – how to try it

This rugged Android phone has something I’ve never seen on competing models

Anthropic’s new AI models for classified info are already in use by US gov

Handling PostgreSQL Migrations in Node.js

Handling PostgreSQL Migrations in Node.js

How to Add Product Badges in Optimizely Configured Commerce Spire

Salesforce Health Check Assessment Unlocks ROI

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

Amap – Gather Info in Easy Way

CVE-2025-48493 – “Redis AUTH Credentials Exposed in Yii Logs”

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CISA Alert: Critical Vulnerabilities Found in CyberData SIP Emergency Intercom Devices

Ubuntu 24.04 e le vulnerabilità nei Namespace non privilegiati: cosa sapere

5 ways AI can help with your taxes – and 10 major mistakes to avoid

New HIPAA Security Rule Would Strengthen Healthcare Cybersecurity

CVE-2025-46577 – GoldenDB Database SQL Injection Vulnerability

CVE-2025-5710 – “Code-projects Real Estate Property Management System SQL Injection Vulnerability”

CVE-2025-48491 – Project AI Exposed Hardcoded API Key Vulnerability

Study shows vision-language models can’t handle queries with negation words

How to automate Accounts Payable using LLM-Powered Multi Agent Systems

CVE-2025-48493 – “Redis AUTH Credentials Exposed in Yii Logs”

Related Posts