Overview CVE-2025-13434 describes a medium severity vulnerability found in the jameschz Hush Framework version 2.0. Specifically, the vulnerability is an HTTP Host Header Injection issue located within the Hush\hush-lib\hush\Util.php file. The vulnerability stems from improper neutralization of HTTP headers when handling scripting syntax within the $_SERVER['HOST'] argument. Successful exploitation allows for remote attackers to potentially inject malicious code or manipulate application behavior. Importantly, this vulnerability is publicly known, and an exploit is available. The vendor was contacted but did not respond to the disclosure. Technical Details The core of the vulnerability lies in how the Hush Framework processes the HTTP…
-
-
Overview A critical security vulnerability, identified as CVE-2025-13433, has been discovered in Muse Group’s MuseHub version 2.1.0.1567. This flaw stems from an unquoted search path issue within the Windows Service component of the application. The vulnerability allows a local attacker to potentially escalate privileges by placing a malicious executable in a directory that is searched before the intended application directory. The vendor, Muse Group, was notified but has not responded to the disclosure. Technical Details The vulnerability resides in an unknown function of the C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.Updater.exe file, which is part of the MuseHub Windows Service. The root cause is an…
-
Overview CVE-2025-12778 is a medium severity vulnerability affecting the Ultimate Member Widgets for Elementor – WordPress User Directory plugin for WordPress. This vulnerability allows unauthenticated attackers to extract partial metadata of all WordPress users, including their first name, last name, and email addresses. This occurs due to a missing capability check on the handle_filter_users function in versions up to and including 2.3. Technical Details The vulnerability stems from the lack of proper access control within the handle_filter_users function. This function, intended to filter user data based on specific criteria, fails to verify if the user making the request has the…
-
Overview A security vulnerability has been identified in the Attention Bar WordPress plugin, specifically versions up to and including 0.7.2.1. This vulnerability, identified as CVE-2025-12502, allows high-privilege users (such as administrators) to perform SQL injection attacks. The plugin fails to properly sanitize and escape user-supplied input before using it in SQL queries, making it possible to inject malicious SQL code. Technical Details The root cause of the vulnerability lies in the improper handling of user-supplied data within the Attention Bar plugin’s code. Specifically, a parameter is directly incorporated into a SQL statement without adequate sanitization or escaping. This allows an…
-
Overview A critical security vulnerability, identified as CVE-2025-12414, has been discovered in Looker. This vulnerability could allow an attacker to take over a Looker account in a Looker instance configured with OpenID Connect (OIDC) authentication. The issue stems from improper email address string normalization during the authentication process. While Looker-hosted instances have already been mitigated, self-hosted instances are vulnerable and require immediate patching. Technical Details CVE-2025-12414 arises from inconsistencies in how Looker handles email address normalization when using OIDC for authentication. An attacker could potentially exploit these inconsistencies to impersonate a legitimate user and gain unauthorized access to their Looker…
-
Overview CVE-2025-11676 is a critical vulnerability affecting TP-Link TL-WR940N V6 routers, specifically those running firmware versions up to and including Build 220801. This vulnerability allows unauthenticated adjacent attackers to perform a Denial of Service (DoS) attack by exploiting an improper input validation issue within the UPnP modules of the device. This means that an attacker within the same network as the router can render it unresponsive, disrupting internet access for all connected devices. Technical Details The vulnerability stems from insufficient input validation within the UPnP (Universal Plug and Play) service implementation on the TP-Link TL-WR940N V6. UPnP is designed to…
-
Overview CVE-2025-0645 identifies a high-severity vulnerability within Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage. This vulnerability allows for the unrestricted upload of files with potentially dangerous types, leading to Accessing Functionality Not Properly Constrained by ACLs. The issue affects Pyxis Signage versions up to and including 31012025. Exploitation of this vulnerability could grant attackers unauthorized access and control over the system. Technical Details The root cause of CVE-2025-0645 lies in the insufficient validation of file types during the upload process. The application fails to adequately restrict the types of files that can be uploaded, allowing attackers to…
-
Overview CVE-2025-0643 is a high-severity vulnerability affecting Narkom Communication and Software Technologies Trade Ltd. Co.’s Pyxis Signage software. Specifically, it’s a Stored Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of user-supplied input during web page generation. This means malicious scripts can be permanently injected into the application and executed when other users interact with the compromised data. This vulnerability affects Pyxis Signage versions up to and including 31012025. Technical Details The vulnerability lies in the insufficient sanitization or encoding of user input within the Pyxis Signage application. An attacker can inject malicious JavaScript code into a field (e.g., a…
-
Overview CVE-2025-13424 is a medium severity SQL injection vulnerability discovered in Campcodes Supplier Management System version 1.0. This vulnerability affects the /admin/add_product.php file and allows a remote attacker to inject malicious SQL code through the txtProductName argument. Successful exploitation can lead to unauthorized data access, modification, or deletion within the application’s database. The vulnerability has been publicly disclosed, making it crucial for users of Campcodes Supplier Management System 1.0 to take immediate action to mitigate the risk. Technical Details The vulnerability resides within the /admin/add_product.php script. The application fails to properly sanitize or validate user-supplied input passed through the txtProductName…
-
Overview CVE-2025-13423 describes a medium severity security vulnerability found in Campcodes Retro Basketball Shoes Online Store version 1.0. This vulnerability allows for unrestricted file uploads via the product_image argument in the /admin/admin_product.php file. A remote attacker can exploit this flaw to upload malicious files, potentially leading to code execution, system compromise, or data breaches. Technical Details The vulnerability resides in the /admin/admin_product.php file of the Campcodes Retro Basketball Shoes Online Store 1.0. The application fails to properly validate or sanitize the product_image input, allowing an attacker to upload arbitrary files to the server. By manipulating the file extension or content…