CVE-2025-47166 – Microsoft Office SharePoint Remote Code Execution

June 11, 2025

CVE ID : CVE-2025-47166

Published : June 10, 2025, 5:23 p.m. | 18 hours, 51 minutes ago

Description : Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47167 – Microsoft Office Type Confusion Code Execution

Next Article CVE-2025-47164 – Microsoft Office Use After Free Remote Code Execution Vulnerability

Highlights

CVE-2024-13322 – WordPress Ads Pro Plugin SQL Injection Vulnerability

May 2, 2025

CVE ID : CVE-2024-13322

Published : May 2, 2025, 4:15 a.m. | 3 hours, 5 minutes ago

Description : The Ads Pro Plugin – Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘a_id’ parameter in all versions up to, and including, 4.88 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-47166 – Microsoft Office SharePoint Remote Code Execution

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

More From Our Main Blog: The Good, the Bad and the Ugly in Cybersecurity – Week 24

CVE-2025-49150 – Cursor JSON File Remote Request Vulnerability

Building Your AI Q&A Bot for Webpages Using Open Source AI Models

CVE-2025-49575 – Citizen is a MediaWiki skin that makes extensions

The Role of Linux in the Open-Source Security Ecosystem: Collaborative Solutions for a Safer Digital World

CVE-2024-13322 – WordPress Ads Pro Plugin SQL Injection Vulnerability

CVE-2022-21546 – Dell SBC Null Data Buffer Access Crash Vulnerability (Denial of Service)

CVE-2025-5975 – PHPGurukul Rail Pass Management System Cross Site Scripting Vulnerability

Identifying AI-generated images with SynthID

CVE-2025-47166 – Microsoft Office SharePoint Remote Code Execution

Related Posts