CVE-2025-7409 – Code-projects Mobile Shop SQL Injection Vulnerability

July 10, 2025

CVE ID : CVE-2025-7409

Published : July 10, 2025, 5:15 p.m. | 2 hours, 3 minutes ago

Description : A vulnerability was found in code-projects Mobile Shop 1.0 and classified as critical. This issue affects some unknown processing of the file /LoginAsAdmin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53371 – DiscordNotifications SSRF and DOS

Next Article CVE-2025-53020 – Apache HTTP Server Memory Disclosure

Highlights

CVE-2025-4671 – WordPress Profile Builder Stored Cross-Site Scripting Vulnerability

June 3, 2025

CVE ID : CVE-2025-4671

Published : June 3, 2025, 12:15 p.m. | 3 hours, 14 minutes ago

Description : The Profile Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s user_meta and compare shortcodes in all versions up to, and including, 3.13.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Vibe Loop: AI-native reliability engineering for the real world

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

Unmasking The Magic: The Wizard Of Oz Method For UX Research

The Beats Studio Buds Plus are nearly 50% off during Prime Day – hurry while the deal lasts

Perplexity’s Comet AI browser is hurtling toward Chrome – how to try it

My favorite headphones for watching movies are at their lowest price for Prime Day

Musk claims new Grok 4 beats o3 and Gemini 2.5 Pro – how to try it

Oracle Cloud EPM: Transitioning to Forms 2.0, Dashboards 2.0 by October 2025

Oracle Cloud EPM: Transitioning to Forms 2.0, Dashboards 2.0 by October 2025

This Week in Laravel: React.js, Filament vs Laravel, and Junior Test

NativePHP for Mobile v1.1: Smaller, Smarter, and Ready to Scale

Linux’s Ascendancy: Charting the Open-Source Surge in the Desktop OS Arena

Linux’s Ascendancy: Charting the Open-Source Surge in the Desktop OS Arena

Asteroid Shooter – time-bound survival asteroid shooter

Mozilla VPN Linux App is Now Available on Flathub

CVE-2025-7409 – Code-projects Mobile Shop SQL Injection Vulnerability

CVE-2025-27614 – Gitk Command Injection Vulnerability

CVE-2025-46334 – Git GUI Path Injection Vulnerability

Several Ubisoft games can now be purchased in the Xbox PC app, including Assassin’s Creed Shadows and Watch Dogs 2

4 MacOS email clients that might work better for you than Apple Mail

Claude Pro’s two new features make this AI subscription even more enticing

CVE-2025-3649 – LightPress Lightbox Stored XSS Vulnerability

CVE-2025-4671 – WordPress Profile Builder Stored Cross-Site Scripting Vulnerability

CVE-2025-0917 – IBM Cognos Analytics Stored Cross-Site Scripting

How safe and secure is your iPhone really?

Apple’s App Store shaken: Court ends ‘Apple tax’ on external purchases

CVE-2025-7409 – Code-projects Mobile Shop SQL Injection Vulnerability

Related Posts