Overview
CVE-2025-13209 is a medium-severity vulnerability identified in bestfeng oa_git_free up to version 9.5. This vulnerability is classified as an XML External Entity (XXE) injection flaw and resides within the updateWriteBack function of the WorkflowPredefineController.java file. A remote attacker can exploit this weakness by manipulating the writeProp argument, potentially leading to information disclosure or other malicious activities. The vulnerability has been publicly disclosed and an exploit is available, making it critical to address this issue promptly.

Technical Details
The vulnerability is located in yimioa-oa9.5\server\c-flow\src\main\java\com\cloudweb\oa\controller\WorkflowPredefineController.java, specifically within the updateWriteBack function. This function appears to process XML data without proper sanitization…
-
Overview
CVE-2025-13208 describes a SQL Injection vulnerability found in FantasticLBP Hotels Server up to commit 67b44df162fab26df209bd5d5d542875fcbec1d0. This flaw allows a remote attacker to inject malicious SQL code through the subjectId or cityName arguments of the controller/api/hotelList.php file. Exploitation of this vulnerability could lead to unauthorized data access, modification, or deletion. A public exploit is available, increasing the risk of exploitation. Notably, the vendor was contacted but has not responded to the disclosure.

Technical Details
The vulnerability resides within the controller/api/hotelList.php file of FantasticLBP Hotels Server. Specifically, it’s within an unknown function that processes user-supplied input from the subjectId and cityName…
-
Overview
CVE-2025-13203 describes a critical SQL injection vulnerability found in Simple Cafe Ordering System version 1.0. This vulnerability allows a remote attacker to execute arbitrary SQL commands on the application’s database, potentially leading to data breaches, unauthorized access, or complete system compromise. The vulnerability resides in the /addmem.php file and is exploitable via manipulation of the studentnum argument.

Technical Details
The vulnerability stems from improper sanitization of user-supplied input within the /addmem.php script. Specifically, the studentnum parameter is not adequately validated before being used in an SQL query. This allows an attacker to inject malicious SQL code into the query,…
-
Overview
CVE-2025-13202 details a Cross-Site Scripting (XSS) vulnerability discovered in the Simple Cafe Ordering System version 1.0, a project hosted on code-projects.org. The vulnerability allows a remote attacker to inject malicious scripts into the application through the product_name parameter in the /add_to_cart endpoint. This can potentially lead to information theft, session hijacking, or defacement of the website. The exploit is publicly available, increasing the risk of exploitation.

Technical Details
The vulnerability stems from insufficient input sanitization within the /add_to_cart functionality. By crafting a malicious product_name that includes JavaScript code, an attacker can inject this code into the application’s response. When…
-
Overview
CVE-2025-13201 is a high-severity SQL injection vulnerability affecting Simple Cafe Ordering System version 1.0. This vulnerability resides within the /login.php file, specifically in how the application handles the Username argument during login authentication. A remote attacker can exploit this flaw to execute arbitrary SQL commands, potentially leading to sensitive data exposure, modification, or even complete system compromise. This vulnerability is publicly known and actively exploitable.

Technical Details
The vulnerability stems from insufficient sanitization of user-supplied input provided through the Username parameter in the /login.php script. By injecting malicious SQL code within the Username field, an attacker can manipulate the…
-
Overview
CVE-2025-13200 describes a medium-severity vulnerability found in SourceCodester Farm Management System version 1.0. This vulnerability allows for the exposure of sensitive information through uncontrolled directory listing. A remote attacker can exploit this weakness to gain access to potentially confidential files and data within the affected application. The vulnerability has been publicly disclosed and is potentially exploitable.

Technical Details
The vulnerability stems from a lack of proper access controls and input sanitization within the Farm Management System. Specifically, the application fails to prevent directory listing in certain directories. By crafting specific HTTP requests, an attacker can trigger the web server…
-
Overview
CVE-2025-13199 describes a path traversal vulnerability discovered in Email Logging Interface 2.0. This vulnerability allows a local attacker to read arbitrary files on the system by manipulating the ‘Username’ argument within the signup.cpp file. The public availability of an exploit increases the risk associated with this vulnerability.

Technical Details
The vulnerability resides in the signup.cpp file of Email Logging Interface 2.0. Specifically, the Username argument is not properly sanitized, allowing an attacker with local access to inject path traversal sequences like ../filedir. This manipulation allows the attacker to bypass intended directory restrictions and access files outside of the expected…
-
Overview
CVE-2025-13198 is a medium-severity vulnerability affecting DouPHP, a content management system (CMS). This vulnerability allows for unrestricted file uploads, potentially leading to remote code execution and complete system compromise. It affects versions up to and including Release 20251022.

Technical Details
The vulnerability resides within the upload/include/file.class.php file. Specifically, an unknown function is susceptible to attack when handling the File argument. By manipulating this argument, an attacker can bypass upload restrictions and upload arbitrary files, including executable code, to the server. The ease of exploitation is high, as the attack is performed remotely and a public exploit is already…
-
Overview
CVE-2025-12983 is a low-severity denial-of-service (DoS) vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE). This vulnerability exists in versions prior to 18.3.6, 18.4.4, and 18.5.2. It allows an authenticated attacker to potentially crash a GitLab instance by submitting maliciously crafted markdown content containing excessively nested formatting patterns. While the impact is considered low due to the requirement of authentication and the relatively contained nature of the denial of service, it’s still important to address to maintain the stability and availability of your GitLab environment.

Technical Details
The vulnerability stems from improper handling of markdown rendering when processing…
-
Overview
CVE-2025-7736 is a security vulnerability identified in GitLab CE/EE affecting versions 17.9 through 18.5. Specifically, it impacts versions before 18.3.6, 18.4.4, and 18.5.2. This vulnerability could allow an authenticated attacker to bypass access control restrictions and view GitLab Pages content that was intended only for project members. This bypass is possible by authenticating through OAuth providers.

Technical Details
The vulnerability stems from an issue in how GitLab handles access control checks in conjunction with OAuth authentication for GitLab Pages. An attacker, already authenticated to GitLab via an OAuth provider, could potentially craft requests to access GitLab Pages content associated…