CVE-2025-7748 – ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

July 17, 2025

CVE ID : CVE-2025-7748

Published : July 17, 2025, 6:15 p.m. | 21 minutes ago

Description : A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article Page. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7747 – Tenda POST Request Handler Buffer Overflow Vulnerability

Next Article CVE-2025-53638 – Solady Silent Failure in Proxy Initialization Vulnerability

Highlights

CVE-2025-30012 – SAP SRM Java Applet Deserialization Vulnerability

May 13, 2025

CVE ID : CVE-2025-30012

Published : May 13, 2025, 1:15 a.m. | 1 hour, 49 minutes ago

Description : The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM stack to accept binary Java objects in specific encoding format. On successful exploitation, an authenticated attacker with high privileges could send malicious payload request and receive an outbound DNS request, resulting in deserialization of data in the application. This vulnerability has low impact on confidentiality, integrity and availability of the application.

Severity: 3.9 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-7748 – ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

Tailor responsible AI with new safeguard tiers in Amazon Bedrock Guardrails

Ubuntu’s Desktop Icons Extension Gains New Keyboard Shortcuts

Hugging Face Releases nanoVLM: A Pure PyTorch Library to Train a Vision-Language Model from Scratch in 750 Lines of Code

Adobe GenStudio for Performance Marketing for Beginners

CVE-2025-30012 – SAP SRM Java Applet Deserialization Vulnerability

Xbox Game Pass Gets an Assassin’s Creed Game and More in August — While this Awesome Co-op Title Returns to the Service

Google’s New IDE Redefines Developer Productivity

Kerberoasting Detections: A New Approach to a Decade-Old Challenge

CVE-2025-7748 – ZCMS Cross Site Scripting (XSS) Vulnerability in Create Article Page

Related Posts