Navigation:   Dark C0d3rs Exploit Log CVE Details Daily CVE Record Information - 2025-03-18

Daily CVE Record Information - 2025-03-18

0 Replies, 296 Views

 hashXploiter

   03-18-2025, 05:00 PM
Administrator
#1
CVE-2025-25220

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in +F FS010M versions prior to V2.0.1_1101. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote authenticated attacker.

Maximum CVSS Score : 8.8
Exploit Availability: Not available
Reference: You are not allowed to view links. Register or Login to view.

CVE-2025-24306

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in +F FS010M versions prior to V2.0.0_1101. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote authenticated attacker with an administrative privilege.

Maximum CVSS Score : 7.2
Exploit Availability: Not available
Reference: You are not allowed to view links. Register or Login to view.

CVE-2025-2473

A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Sign In. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Maximum CVSS Score : 7.5
Exploit Availability: Not available
Reference: You are not allowed to view links. Register or Login to view.

CVE-2025-2262

The The Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.7.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Maximum CVSS Score : 7.3
Exploit Availability: Not available
Reference: You are not allowed to view links. Register or Login to view.

CVE-2025-0755

The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segmentation fault and possible application crash. This issue affected libbson versions prior to 1.27.5, MongoDB Server v8.0 versions prior to 8.0.1 and MongoDB Server v7.0 versions prior to 7.0.16

Maximum CVSS Score : 8.4
Exploit Availability: Not available
Reference: You are not allowed to view links. Register or Login to view.
[Image: e72398fe92beda2aa80d0329e8b9f4febece7568.gif]



Users browsing this thread: 1 Guest(s)