Overview A critical SQL injection vulnerability, identified as CVE-2025-12743, has been discovered in Looker. This flaw affects both Looker-hosted and self-hosted instances, though Looker-hosted instances have already been automatically mitigated. This article details the vulnerability, its potential impact, and the necessary steps to secure your self-hosted Looker deployments. Technical Details The vulnerability resides in the Looker endpoint used for generating new projects from database connections. It allows users to specify “looker” as a connection name, a reserved name for Looker’s internal MySQL database. The schemas parameter is vulnerable to SQL injection. Exploitation allows attackers with developer permissions to manipulate…
Overview A high-severity time-based SQL injection vulnerability, identified as CVE-2025-65024, has been discovered in i-Educar, a widely used free and fully online school management software. This vulnerability affects versions 2.10.0 and prior. Exploitation of this flaw allows an attacker with valid authentication to execute arbitrary SQL commands against the application’s database, potentially leading to data breaches, system compromise, and other severe consequences. It is critical for organizations using affected versions of i-Educar to apply the available patch immediately. Technical Details The vulnerability resides within the ieducar/intranet/agenda_admin_cad.php script. Specifically, the cod_agenda GET parameter is directly concatenated into an SQL query without…
Overview CVE-2025-65023 is a high-severity vulnerability affecting i-Educar, a free and fully online school management software. This vulnerability is classified as a time-based SQL injection and exists within the ieducar/intranet/funcionario_vinculo_cad.php script. Successful exploitation allows an authenticated attacker to execute arbitrary SQL commands against the application’s database, potentially leading to data breaches, unauthorized access, and system compromise. Technical Details The vulnerability stems from improper handling of the cod_funcionario_vinculo GET parameter within the ieducar/intranet/funcionario_vinculo_cad.php script. Specifically, the value of this parameter is directly concatenated into an SQL query without sufficient sanitization or validation. An attacker with an authenticated session can manipulate this…
Overview A critical vulnerability, identified as CVE-2025-65022, has been discovered in i-Educar, a popular free and open-source school management software. This vulnerability is a time-based SQL injection affecting versions 2.10.0 and earlier. An attacker with valid user credentials can exploit this flaw to execute arbitrary SQL commands, potentially leading to significant data breaches or system compromise. Immediate patching is strongly recommended. Technical Details The vulnerability resides in the ieducar/intranet/agenda.php script. The cod_agenda request parameter is directly concatenated into multiple SQL queries without proper sanitization. This lack of input validation allows an authenticated attacker to inject malicious SQL code via the…
Overview CVE-2025-63879 describes a reflected cross-site scripting (XSS) vulnerability found in the E-commerce Project version 1.0 and earlier. This flaw allows attackers to inject malicious JavaScript code into a user’s browser session by crafting a specific URL with a payload in the ‘id’ parameter. Exploitation of this vulnerability could lead to session hijacking, defacement, or the theft of sensitive user data. Technical Details The vulnerability resides within the /ecommerce/products.php component. The application fails to properly sanitize the ‘id’ parameter before reflecting it back in the HTML output. An attacker can craft a URL like this: /ecommerce/products.php?id=<script>alert('XSS')</script> When a user clicks…
Overview CVE-2025-63878 describes a SQL injection vulnerability found in Restoran v1.0, a restaurant website application available on GitHub. The vulnerability resides within the Contact Form page and could allow an attacker to execute arbitrary SQL queries, potentially leading to data breaches or other malicious activities. Technical Details The SQL injection vulnerability is located within the Contact Form page of Restoran v1.0. Specifically, the application does not properly sanitize user-supplied input before incorporating it into SQL queries. An attacker could inject malicious SQL code into fields such as the name, email, or message fields of the contact form. When the application…
Overview A critical authentication bypass vulnerability, identified as CVE-2025-63224, has been discovered in Itel DAB (Digital Audio Broadcasting) Encoders running IDEnc build 25aec8d. This vulnerability allows attackers to gain administrative access to affected devices by reusing valid JWT (JSON Web Token) tokens obtained from other devices, even across different networks and password configurations. This poses a significant security risk, potentially leading to full compromise of the affected Itel DAB Encoder. Technical Details The vulnerability stems from improper JWT validation within the Itel DAB Encoder’s authentication mechanism. The IDEnc firmware fails to properly verify the origin or device association of a…
Overview CVE-2025-63223 details a critical security vulnerability affecting Axel Technology StreamerMAX MK II devices. Specifically, firmware versions 0.8.5 to 1.0.3 are susceptible to a Broken Access Control flaw. This vulnerability stems from the lack of authentication requirements on the /cgi-bin/gstFcgi.fcgi endpoint. This allows unauthenticated remote attackers to perform sensitive actions, potentially leading to complete device compromise. Technical Details The vulnerability lies in the missing authentication checks on the /cgi-bin/gstFcgi.fcgi endpoint. By sending crafted requests to this endpoint, an attacker can bypass intended access controls and execute privileged operations without valid credentials. These operations include:
- Listing user accounts
- Creating new administrative…
Overview CVE-2025-63221 describes a severe broken access control vulnerability affecting Axel Technology Puma devices running firmware versions 0.8.5 to 1.0.3. This flaw allows unauthenticated remote attackers to perform administrative actions due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. This can lead to full compromise of the affected devices. Technical Details The vulnerability exists because the /cgi-bin/gstFcgi.fcgi endpoint lacks proper authentication checks. An attacker can send crafted requests to this endpoint without providing any credentials and gain unauthorized access to sensitive functionalities. This includes:
- Listing user accounts
- Creating new administrative users
- Deleting users
- Modifying system settings
This lack of authentication allows…
Overview This article details a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-63220, affecting the web-based management interface of Sound4 FIRST devices. This vulnerability allows an attacker to execute arbitrary code on the device by exploiting a flaw in the firmware update mechanism. Technical Details The vulnerability stems from the inadequate validation of the firmware update package. Specifically, the system fails to verify the integrity of the manual.sh script within the update package. By modifying this script and repackaging the firmware, an attacker can inject arbitrary commands that will be executed during the update process. This allows for full…