Overview CVE-2025-14011 details a medium-severity SQL Injection vulnerability found in JIZHICMS up to version 2.5.5. The vulnerability resides within the addcomment.html file, specifically in the commentlist function. Attackers can exploit this flaw by manipulating the aid or tid parameters, leading to arbitrary SQL code execution. This vulnerability can be exploited remotely, and a proof-of-concept exploit is publicly available. The vendor was notified but did not respond to the disclosure. Technical Details The vulnerability exists in the /index.php/admins/Comment/addcomment.html file of the JIZHICMS application. The commentlist function doesn’t properly sanitize or validate the aid or tid parameters passed via HTTP requests. This…
-
Overview CVE-2025-66516 details a critical XML External Entity (XXE) injection vulnerability affecting Apache Tika. This vulnerability resides in the tika-core (versions 1.13-3.2.1), tika-pdf-module (versions 2.0.0-3.2.1), and tika-parsers (versions 1.13-1.28.5) modules. An attacker can exploit this flaw by crafting a malicious XFA file embedded within a PDF, potentially allowing them to access sensitive data on the server or execute arbitrary code. This CVE effectively expands upon the scope of CVE-2025-54988, clarifying that the underlying vulnerability and its fix are within tika-core. Furthermore, it highlights that Tika 1.x releases include the PDFParser within the tika-parsers module, making them equally susceptible. Technical Details…
-
Overview CVE-2025-66373 describes an HTTP request smuggling vulnerability affecting Akamai Ghost on Akamai CDN edge servers before version 2025-11-17. This vulnerability arises from an error in processing chunked request bodies. When Akamai Ghost encounters an invalid chunked body (where the declared chunk size doesn’t match the actual chunk data size), it may, under specific circumstances, forward the invalid request, along with superfluous bytes, to the origin server. These superfluous bytes can potentially be used to smuggle malicious HTTP requests. The exploitability of this vulnerability is heavily dependent on the origin server’s behavior and how it processes the invalid request it…
-
Overview CVE-2025-66287 is a high-severity vulnerability identified in WebKitGTK, a port of the WebKit rendering engine used by various applications. This flaw, discovered on December 4, 2025, can be exploited by processing malicious web content, leading to an unexpected process crash due to improper memory handling. This can disrupt application functionality and potentially be used as a stepping stone for more sophisticated attacks. Technical Details The vulnerability stems from inadequate memory management within WebKitGTK when handling specially crafted web content. An attacker can exploit this weakness by serving a malicious webpage or embedding malicious content within an application using WebKitGTK.…
-
Overview CVE-2025-63364 details a security vulnerability found in the Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0, specifically affecting HW 4.3.2.1 and Webpage V7.04T.07.002880.0301. The gateway transmits administrator credentials in plaintext, potentially allowing unauthorized access and control of the device and connected systems. Technical Details The vulnerability stems from the insecure transmission of administrator credentials. Instead of employing encryption or hashing mechanisms, the gateway transmits the username and password in their original, unencrypted form. This exposure could occur during authentication processes, configuration updates, or other communication channels. An attacker intercepting network traffic could easily obtain these…
-
Overview CVE-2025-8074 describes an origin validation error vulnerability found in Synology BeeDrive for desktop versions prior to 1.4.3-13973. This flaw allows local users to potentially write arbitrary files containing non-sensitive information to the system through unspecified attack vectors. This means an attacker with local access could leverage this vulnerability to modify system files, potentially leading to unexpected application behavior or system instability. Technical Details The core issue lies in insufficient validation of the origin of data being processed by BeeDrive. Without proper origin validation, the application can be tricked into accepting data from unauthorized sources. In this specific case, a…
-
A critical security vulnerability, identified as CVE-2025-65516, has been discovered and patched in Seafile Community Edition. This article provides a detailed overview of the vulnerability, its technical details, potential impact, and the necessary steps to mitigate the risk. Overview CVE-2025-65516 is a stored cross-site scripting (XSS) vulnerability affecting Seafile Community Edition versions prior to 13.0.12. The vulnerability allows an attacker to inject malicious JavaScript code into the Seafile server, which can then be executed in the browsers of other users who access the affected data. This could lead to session hijacking, data theft, or other malicious activities. Technical Details The…
-
Overview CVE-2025-63681 identifies an Incorrect Access Control vulnerability found in Open-WebUI version 0.6.33. This flaw allows a standard user to stop arbitrary Large Language Model (LLM) response tasks initiated by other users. The issue stems from a lack of proper authorization checks when accessing the /api/tasks/stop/ endpoint. Published on 2025-12-04T16:16:22.447, this vulnerability exposes the application to potential denial-of-service scenarios and unauthorized interference with user workflows. Technical Details The vulnerability resides in the /api/tasks/stop/ API endpoint. Specifically, the Open-WebUI backend code (as observed in the identified code snippet) directly accesses and cancels tasks based solely on the task ID provided in…
-
Overview CVE-2025-61148 details an Insecure Direct Object Reference (IDOR) vulnerability found in EduplusCampus version 3.0.1. This vulnerability resides within the Student Payment API and allows authenticated users to potentially access the personal and financial records of other students without proper authorization. By manipulating the rec_no parameter in the /student/get-receipt endpoint, an attacker can retrieve sensitive data belonging to different student accounts. This could lead to significant privacy breaches and potential financial harm. Technical Details The vulnerability stems from insufficient authorization checks within the /student/get-receipt API endpoint. The application uses the rec_no parameter to directly reference specific student payment records. However,…
-
Overview CVE-2025-57213 details an incorrect access control vulnerability found in Platform version 1.0.0. Specifically, the orderService.queryObject component is susceptible to unauthorized access, potentially allowing attackers to retrieve sensitive information through carefully crafted requests. This vulnerability was published on 2025-12-04 and poses a significant risk to systems running the affected version. Technical Details The vulnerability resides in the orderService.queryObject component. Due to flawed access control mechanisms, a malicious actor can bypass intended security checks and directly query the component, potentially extracting data related to orders, users, or other sensitive aspects of the platform. The exact nature of the “crafted request” requires…