CVE-2025-48916 – Drupal Bookable Calendar Missing Authorization

June 13, 2025

CVE ID : CVE-2025-48916

Published : June 13, 2025, 4:15 p.m. | 1 hour, 51 minutes ago

Description : Missing Authorization vulnerability in Drupal Bookable Calendar allows Forceful Browsing.This issue affects Bookable Calendar: from 0.0.0 before 2.2.13.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48917 – Drupal EU Cookie Compliance Cross-Site Scripting (XSS)

Next Article CVE-2025-48915 – Drupal COOKiES Consent Management Cross-Site Scripting (XSS)

Highlights

CVE-2025-6870 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

June 29, 2025

CVE ID : CVE-2025-6870

Published : June 29, 2025, 8:15 p.m. | 2 hours, 9 minutes ago

Description : A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service. The manipulation of the argument img leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Middle(ware) Child

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

Unmasking The Magic: The Wizard Of Oz Method For UX Research

Newest LF Decentralized Trust Lab HOPrS identifies if photos have been altered

How passkeys work: Do your favorite sites even support passkeys?

Samsung Galaxy Z Fold 7 vs. Z Fold 6: I tried both phones, and the difference is dramatic

Cor, blimey! The ASUS ROG Ally drops to its lowest-ever price for Amazon Prime Day in the UK — the only Windows handheld to permanently replace my Steam Deck

Owlcat Games talks to us about about WH40K: Rogue Trader, the next game ‘Dark Heresy’ — and how the studio feels about working with Xbox Game Pass

Custom Object Casting in Laravel Models

Custom Object Casting in Laravel Models

PHP 8.5 Introduces an INI Diff Option

Cally – Small, feature-rich calendar components

FOSS Weekly #25.28: Xfce Customization, CoMaps, Disk Space Clean-up, Deprecated Commands and More

FOSS Weekly #25.28: Xfce Customization, CoMaps, Disk Space Clean-up, Deprecated Commands and More

Kioxia Exceria Plus G2 Portable SSD 2TB Review

SphereView – image viewer

CVE-2025-48916 – Drupal Bookable Calendar Missing Authorization

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

CVE-2023-53132 – “Mellanox MPI3MR Linux Kernel Memory Leak”

The world’s smallest 65W USB-C charger is my latest travel essential

CVE-2018-25112 – Siemens SIMATIC Denial of Service

Handling Indentation in VS Code

CVE-2025-6870 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

IBM Cloud login breaks for second time this week and Big Blue isn’t saying why

Classic WTF: Superhero Wanted

CVE-2025-48916 – Drupal Bookable Calendar Missing Authorization

Related Posts