CVE-2025-8750 – Macrozheng Mall Cross-Site Scripting Vulnerability

August 9, 2025

CVE ID : CVE-2025-8750

Published : Aug. 9, 2025, 7:15 a.m. | 16 hours, 25 minutes ago

Description : A vulnerability has been found in macrozheng mall up to 1.0.3 and classified as problematic. Affected by this vulnerability is the function Upload of the file /minio/upload of the component Add Product Page. The manipulation of the argument File leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8751 – Protected Total WebShield Extension Chrome Cross-Site Scripting Vulnerability

Next Article CVE-2025-8746 – “GNU libopts __strstr_sse2 Memory Corruption Vulnerability”

Highlights

CVE-2025-5186 – Thinkgem JeeSite SSRF

May 26, 2025

CVE ID : CVE-2025-5186

Published : May 26, 2025, 1:15 p.m. | 3 hours, 42 minutes ago

Description : A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-8750 – Macrozheng Mall Cross-Site Scripting Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-55613 – Tenda O3V2 Buffer Overflow Vulnerability

FoalTS framework – version 4.6 released

CVE-2025-49449 – WP Map Plugins Interactive Regional Map of Africa CSRF Vulnerability

CVE-2025-2763 – CarlinKit CPC200-CCPA Cryptographic Signature Verification Bypass Code Execution Vulnerability

CVE-2025-5186 – Thinkgem JeeSite SSRF

CVE-2025-30751 – Oracle Database Server Create Procedure Privilege Escalation

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

New tool evaluates progress in reinforcement learning

CVE-2025-8750 – Macrozheng Mall Cross-Site Scripting Vulnerability

Related Posts