CVE-2025-8798 – Samarium Unrestricted File Upload Vulnerability

August 10, 2025

CVE ID : CVE-2025-8798

Published : Aug. 10, 2025, 7:15 a.m. | 18 hours, 26 minutes ago

Description : A vulnerability was found in oitcode samarium up to 0.9.6. It has been classified as critical. Affected is an unknown function of the file /dashboard/product of the component Create Product Page. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8799 – Open5GS AMF Denial of Service Vulnerability

Next Article Next.js PWA offline capability with Service Worker, no extra package

Highlights

CVE-2025-53824 – WeGIA Reflected Cross-Site Scripting (XSS) Vulnerability

July 15, 2025

CVE ID : CVE-2025-53824

Published : July 14, 2025, 11:15 p.m. | 3 hours, 36 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the editar_permissoes.php endpoint of the WeGIA application prior to version 3.4.4. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. Version 3.4.4 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-8798 – Samarium Unrestricted File Upload Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Development Release: deepin 25 Beta

CVE-2025-2962 – Apache DNS DNS Denial-of-Service

Your Samsung Galaxy Watch is about to get a big upgrade for free – 4 features I can’t wait to try

Agents panel: Launch Copilot coding agent tasks anywhere on GitHub

CVE-2025-53824 – WeGIA Reflected Cross-Site Scripting (XSS) Vulnerability

CVE-2025-6929 – PHPGurukul Zoo Management System SQL Injection Vulnerability

Windows Subsystem for Linux 2 (WSL2): The Complete Tutorial for Windows 10 & 11

What’s the easiest way to deploy on a VPS?

CVE-2025-8798 – Samarium Unrestricted File Upload Vulnerability

Related Posts