CVE-2025-6131 – CodeAstro Food Ordering System Cross-Site Scripting Vulnerability

June 16, 2025

CVE ID : CVE-2025-6131

Published : June 16, 2025, 5:15 p.m. | 1 hour, 6 minutes ago

Description : A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The manipulation of the argument Restaurant Name/Address leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6179 – Google ChromeOS Extension Management Permissions Bypass

Next Article CVE-2025-6130 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

Highlights

CVE-2024-13916 – Kruger&Matz com.pri.applock Fingerprint PIN Code Exfiltration

May 30, 2025

CVE ID : CVE-2024-13916

Published : May 30, 2025, 4:15 p.m. | 1 hour, 23 minutes ago

Description : An application “com.pri.applock”, which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data.
Exposed ”com.android.providers.settings.fingerprint.PriFpShareProvider“ content provider’s public method query() allows any other malicious application, without any granted Android system permissions, to exfiltrate the PIN code.

Vendor did not provide information about vulnerable versions.
Only version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

‘No aggressive monetization’ — Nexus Mods’ new ownership responds to worried members

Build AI Agents That Run Your Day – While You Focus on What Matters

Build AI Agents That Run Your Day – While You Focus on What Matters

Faster Builds in Meteor 3.3: Modern Build Stack with SWC and Bundler Optimizations

How to Change Redirect After Login/Register in Laravel Breeze

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

CVE-2025-6131 – CodeAstro Food Ordering System Cross-Site Scripting Vulnerability

The “Infinite Workday” is Here: Microsoft Warns of Never-Ending Work Driven by Hybrid Models & AI

Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping

CVE-2025-26872 – Eximius Unrestricted File Upload Vulnerability

CVE-2025-4323 – Apache MRCMS Cross Site Scripting Vulnerability

CVE-2025-35010 – Microhard BulletLTE-NA2 and IPn4Gii-NA2 Command Injection Vulnerability

Fedora Linux è ora una distribuzione WSL ufficiale

CVE-2024-13916 – Kruger&Matz com.pri.applock Fingerprint PIN Code Exfiltration

CVE-2025-0163 – IBM Security Verify Access Appliance and Docker Information Disclosure Vulnerability

18 Best Free Fonts for Designers: Expert-Picked Collection (2025)

CVE-2025-5484 – SinoTrack Default Password Vulnerability (Weak Authentication)

CVE-2025-6131 – CodeAstro Food Ordering System Cross-Site Scripting Vulnerability

Related Posts