CVE-2025-6489 – iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

June 22, 2025

CVE ID : CVE-2025-6489

Published : June 22, 2025, 7:15 p.m. | 5 hours, 39 minutes ago

Description : A vulnerability has been found in itsourcecode Agri-Trading Online Shopping System 1.0 and classified as critical. This vulnerability affects unknown code of the file /transactionsave.php. The manipulation of the argument del leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6490 – Nokogiri Heap-Based Buffer Overflow Vulnerability

Next Article CVE-2025-6486 – TOTOLINK A3002R Stack-Based Buffer Overflow Vulnerability

Highlights

CVE-2025-5501 – Open5GS NGAP PathSwitchRequest Message Handler Remote Assertion Vulnerability

June 3, 2025

CVE ID : CVE-2025-5501

Published : June 3, 2025, 2:15 p.m. | 1 hour, 14 minutes ago

Description : A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_handle_path_switch_request_transfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named 2daa44adab762c47a8cef69cc984946973a845b3. It is recommended to apply a patch to fix this issue.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

DistroWatch Weekly, Issue 1127

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Understanding JavaScript Promise

Lakeflow: Revolutionizing SCD2 Pipelines with Change Data Capture (CDC)

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

CVE-2025-6489 – iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

CVE-2025-6478 – CodeAstro Expense Management System CSRF

CVE-2025-6479 – Simple Pizza Ordering System SQL Injection

CVE-2025-48447 – Drupal Lightgallery Cross-Site Scripting (XSS)

CVE-2025-3965 – Itwanger Paicoding Cross Site Scripting Vulnerability

CVE-2025-2070 – “FileZ XML Parsing Denial of Service”

CVE-2025-48695 – CyberDAVA Privilege Escalation Vulnerability

CVE-2025-5501 – Open5GS NGAP PathSwitchRequest Message Handler Remote Assertion Vulnerability

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

CVE-2025-4544 – D-Link DI-8100 Jhttpd Stack-Based Buffer Overflow Vulnerability

Managed Service Offering (MSO) Support Ticketing System

CVE-2025-6489 – iSourcecode Agri-Trading Online Shopping System SQL Injection Vulnerability

Related Posts