Overview: A critical SQL injection vulnerability has been identified in phpPgAdmin version 7.13.0 and earlier. This vulnerability, tracked as CVE-2025-60797, allows an authenticated attacker to execute arbitrary SQL commands by injecting malicious code into the $_REQUEST['query'] parameter. This can lead to complete database compromise, data theft, or privilege escalation.

Technical Details: The vulnerability exists within the dataexport.php file at line 118. The application directly executes user-supplied SQL queries from the $_REQUEST['query'] parameter without proper sanitization or parameterization. The vulnerable code snippet is: $data->conn->Execute($_REQUEST['query']); This direct execution of unsanitized input allows an attacker to inject malicious SQL code, effectively bypassing any…
-
Overview: A significant security vulnerability, identified as CVE-2025-60796, has been discovered in phpPgAdmin versions 7.13.0 and earlier. This vulnerability exposes the application to multiple cross-site scripting (XSS) attacks due to insufficient sanitization of user-supplied input. Exploitation of these vulnerabilities can lead to arbitrary JavaScript execution within the context of a user’s browser, potentially allowing attackers to hijack sessions, steal credentials, and perform other malicious actions.

Technical Details: The root cause of these vulnerabilities lies in the lack of proper encoding or sanitization of user-supplied input received through $_REQUEST parameters. This unsanitized input is then reflected directly in the HTML output…
-
Overview: This article details CVE-2025-60794, a vulnerability discovered in couch-auth version 0.21.2. This security flaw exposes sensitive data, including session tokens and passwords, due to insecure memory management within the JavaScript codebase. Failure to properly clear sensitive data from memory creates a window of opportunity for attackers to extract this information, potentially leading to session hijacking and other malicious activities.

Technical Details: The vulnerability stems from the way couch-auth handles session tokens and passwords in the src/user.ts file, specifically lines 700-707. Instead of securely storing or clearing these sensitive data points after use, they are stored within JavaScript objects that…
-
Overview: CVE-2025-5092 describes a medium-severity Stored Cross-Site Scripting (XSS) vulnerability impacting multiple WordPress plugins and themes that bundle the lightGallery library (versions 2.8.3 and below). This vulnerability stems from insufficient input sanitization and output escaping of user-supplied attributes, allowing authenticated attackers with Contributor-level access or higher to inject malicious JavaScript code into website pages. When a user visits a page containing the injected script, the code will execute, potentially leading to account compromise, data theft, or website defacement.

Technical Details: The vulnerability lies within the lightGallery library integrated into various WordPress plugins and themes. Specifically, insufficient sanitization of user-provided attributes…
-
Overview: CVE-2025-41076 describes an information disclosure vulnerability found in LimeSurvey version 6.13.0. This flaw allows an unauthenticated, external attacker to trigger a 500 error by sending a specially crafted, malformed session cookie to the application. Critically, instead of displaying a generic error, the system inadvertently exposes sensitive internal backend information. This exposed information can aid attackers in further reconnaissance and potential exploitation.

Technical Details: The vulnerability stems from inadequate error handling when processing session cookies. When a malformed cookie is received, LimeSurvey attempts to process it but fails. The resulting exception is not properly masked, leading to a detailed error…
-
Overview: CVE-2025-41075 identifies a critical vulnerability in LimeSurvey version 6.13.0. This vulnerability resides within the /optin endpoint and results in an infinite HTTP redirect loop when accessed directly. This behavior can be exploited by malicious actors to launch a Denial of Service (DoS) attack, potentially exhausting server or client resources and rendering the application unavailable. The system’s inability to break the redirect loop leads to service degradation and possible browser instability for users attempting to access the affected endpoint.

Technical Details: The vulnerability stems from improper handling of direct requests to the /optin endpoint in LimeSurvey 6.13.0. When a user,…
-
Overview: CVE-2025-41074 describes a Denial of Service (DoS) vulnerability affecting LimeSurvey version 6.13.0. The vulnerability resides in the /optout endpoint. When accessed directly, this endpoint triggers an infinite HTTP redirect loop. This loop can quickly exhaust server and/or client resources, leading to service degradation or browser instability for users interacting with the affected LimeSurvey instance.

Technical Details: The root cause of the vulnerability lies in the flawed logic within the /optout endpoint. Instead of handling direct access gracefully (e.g., displaying a helpful message or redirecting to a valid page), the endpoint enters an uncontrolled redirect sequence. The system fails to…
-
Overview: A significant path traversal vulnerability, identified as CVE-2025-40605, has been discovered in a widely used Email Security appliance. This flaw allows malicious actors to bypass security restrictions and potentially access sensitive files and directories outside of the intended access path. Exploitation of this vulnerability could lead to severe data breaches, system compromise, and other detrimental consequences.

Technical Details: The vulnerability stems from improper input validation related to file system path handling within the Email Security appliance. By injecting crafted directory-traversal sequences, such as ../, into specific input fields, an attacker can manipulate the application’s file access routines. This allows…
-
Overview: CVE-2025-40604 describes a critical “Download of Code Without Integrity Check” vulnerability affecting the SonicWall Email Security appliance. This flaw allows an attacker with access to the underlying VMDK or datastore to potentially modify system files and achieve persistent, arbitrary code execution on the affected appliance.

Technical Details: The vulnerability stems from the SonicWall Email Security appliance’s failure to properly verify the signatures of root filesystem images during the download process. An attacker with privileged access to the VMDK or datastore can manipulate these images. Since the appliance does not perform sufficient integrity checks before loading them, the attacker can…
-
Overview: A critical vulnerability, identified as CVE-2025-40601, has been discovered in the SonicOS SSLVPN service. This flaw allows a remote, unauthenticated attacker to exploit a stack-based buffer overflow, potentially leading to a Denial of Service (DoS) condition that could crash an impacted firewall. This vulnerability poses a significant threat to organizations relying on SonicWall firewalls for secure remote access.

Technical Details: CVE-2025-40601 is a stack-based buffer overflow vulnerability within the SSLVPN service of SonicOS. Due to insufficient input validation, an attacker can send specially crafted data to the vulnerable service. This data overwrites parts of the stack, including critical function…