CVE-2025-28967 – Steve Truman Contact People LITE SQL Injection

July 4, 2025

CVE ID : CVE-2025-28967

Published : July 4, 2025, 9:15 a.m. | 2 hours, 37 minutes ago

Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Steve Truman Contact Us page – Contact people LITE allows SQL Injection. This issue affects Contact Us page – Contact people LITE: from n/a through 3.7.4.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-28969 – Cybio Gallery Widget SQL Injection

Next Article CVE-2025-28963 – “URL Shortener Server-Side Request Forgery”

Highlights

CVE-2025-45525 – Microlight.js Null Pointer Dereference Vulnerability

June 17, 2025

CVE ID : CVE-2025-45525

Published : June 17, 2025, 8:15 p.m. | 15 minutes ago

Description : A null pointer dereference vulnerability was discovered in microlight.js (version 0.0.7), a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before accessing its properties, leading to an uncaught TypeError and potential application crash.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-28967 – Steve Truman Contact People LITE SQL Injection

CVE-2025-24748 – LambertGroup All In One Slider Responsive SQL Injection

CVE-2025-27358 – mndpsingh287 Frontend File Manager Basic XSS Vulnerability

CVE-2025-52491 – Akamai CloudTest SSRF

Experiment with Gemini 2.0 Flash native image generation

Elixir WebRTC is an implementation of the W3C WebRTC API

Why Your Automation Needs AI Decision-Making (And How Wordware Delivers)

CVE-2025-45525 – Microlight.js Null Pointer Dereference Vulnerability

CVE-2025-4116 – Netgear JWNR2000 Buffer Overflow Vulnerability

CVE-2025-33053: RCE in WebDAV | Kaspersky official blog

CVE-2024-10442 (CVSS 10): Zero-Click RCE in Synology DiskStation, PoC Publishes

CVE-2025-28967 – Steve Truman Contact People LITE SQL Injection

Related Posts