Overview CVE-2025-13505 describes a stored Cross-Site Scripting (XSS) vulnerability found in Datateam Information Technologies Inc.’s Datactive software. Specifically, versions 2.13.34 and prior to 2.14.0.6 are affected. This vulnerability allows an attacker to inject malicious JavaScript code into the application’s database. When other users access the affected data, the malicious script is executed in their browsers, potentially leading to sensitive data theft, session hijacking, or defacement of the application. Technical Details The vulnerability stems from improper neutralization of user-supplied input during web page generation. Specifically, the application fails to adequately sanitize script-related HTML tags. An attacker can inject malicious JavaScript code…
-
-
Overview This article details CVE-2025-41066, a user enumeration vulnerability discovered in Horde Groupware v5.2.22. This vulnerability allows unauthenticated attackers to determine the existence of valid user accounts on a Horde Groupware instance. Successfully exploiting this issue can be a precursor to further attacks, such as password brute-forcing or targeted phishing campaigns. Technical Details The vulnerability lies within the /imp/attachment.php script. By sending a crafted HTTP request with specific parameters, an attacker can probe the existence of user accounts. The attack leverages the following parameters: id: This parameter seems to be related to attachment handling but is used in conjunction with…
-
Overview CVE-2025-41015 identifies a user enumeration vulnerability within TCMAN GIM v11, specifically version 20250304. This flaw allows an unauthenticated attacker to probe the system and determine if a particular user account exists. This information, while seemingly minor, can be a critical first step in a larger attack, such as a brute-force password attempt or targeted phishing campaign. Technical Details The vulnerability is located in the /WS/PDAWebService.asmx endpoint. By manipulating the pda:username parameter in conjunction with the soapaction GetUserQuestionAndAnswer, an attacker can send requests to the server. The server’s response will differ depending on whether the provided username exists. This difference…
-
Overview CVE-2025-41014 describes a user enumeration vulnerability affecting TCMAN GIM v11, specifically version 20250304. This vulnerability allows an unauthenticated attacker to determine if a specific user exists on the system. This is possible due to how the system handles requests to the /WS/PDAWebService.asmx endpoint. Technical Details The vulnerability resides in the /WS/PDAWebService.asmx endpoint. By sending a SOAP request with the soapaction GetLastDatePasswordChange and providing a username via the pda:username parameter, the system’s response differs depending on whether the provided username exists. This allows an attacker to deduce the existence of user accounts without requiring any authentication. Specifically, an attacker can…
-
Overview A security vulnerability, identified as CVE-2025-13731, has been discovered in the Nexter Extension – Site Enhancements Toolkit plugin for WordPress. This vulnerability is a Stored Cross-Site Scripting (XSS) flaw, affecting versions up to and including 4.4.1. The vulnerability allows authenticated attackers with Contributor-level access or higher to inject malicious JavaScript code into website pages. This code executes whenever a user visits the compromised page, potentially leading to data theft, account takeover, or other malicious activities. Technical Details The vulnerability lies within the nxt-year shortcode functionality of the Nexter Extension plugin. Insufficient input sanitization and output escaping in the plugin’s…
-
Overview CVE-2025-13295 is a high-severity vulnerability affecting Argus Technology Inc.’s BILGER software. This vulnerability allows an attacker to insert sensitive information into data that is sent by the system. Specifically, the issue arises from the ability to influence and choose the message identifier. This affects versions of BILGER prior to 2.4.9. Technical Details The vulnerability stems from insufficient input validation and sanitization related to the message identifier within the BILGER application. An attacker can leverage this flaw to inject arbitrary data into the message identifier field. This injected data can then be transmitted alongside legitimate data, potentially exposing sensitive information…
-
Overview CVE-2025-41012 describes an unauthorized access vulnerability found in TCMAN GIM v11, specifically version 20250304. This vulnerability allows an unauthenticated attacker to determine the existence of users within the system. By leveraging the pda:userId and pda:newPassword parameters in conjunction with the soapaction UnlockUser function within the /WS/PDAWebService.asmx endpoint, an attacker can probe for valid usernames without needing prior authentication. Technical Details The vulnerability resides in the lack of proper authentication and authorization checks within the UnlockUser function of the PDAWebService.asmx service. An attacker can craft a SOAP request containing a pda:userId parameter, essentially attempting to unlock a user’s account. The…
-
Overview CVE-2025-40700 details a reflected Cross-Site Scripting (XSS) vulnerability found in IDI Eikon’s Governalia. This vulnerability could allow an attacker to inject and execute malicious JavaScript code within a user’s browser by crafting a specific URL. This malicious URL, when clicked by a user, could lead to the theft of sensitive information or unauthorized actions performed on the user’s behalf. Technical Details The vulnerability resides within the /search endpoint of Governalia. Specifically, the application fails to properly sanitize the q parameter. An attacker can exploit this by injecting JavaScript code into the q parameter of the URL. When a user…
-
Overview CVE-2025-13879 describes a directory traversal vulnerability found in SOLIDserver IP Address Management (IPAM) version 8.2.3. This flaw allows an authenticated user with administrator privileges to access and list directories outside of their authorized scope. By manipulating the ‘directory’ parameter in the /mod/ajax.php?action=sections/list/list endpoint, malicious actors can potentially view sensitive system files and directories, leading to information disclosure and potentially further compromise. Technical Details The vulnerability exists within the /mod/ajax.php script, specifically when handling the sections/list/list action. The application fails to properly sanitize or validate the ‘directory’ parameter, allowing an attacker to inject directory traversal sequences (e.g., ../) to navigate…
-
Overview A critical Blind SQL injection vulnerability, identified as CVE-2025-12465, has been discovered in QuickCMS. This vulnerability stems from the improper neutralization of input within the aFilesDelete functionality, making the application susceptible to Blind SQL Injection attacks. The vulnerability is exploitable by high-privileged users. This article provides a detailed analysis of the vulnerability, its potential impact, and recommended mitigation steps. Please note that the vendor was notified, but has not provided specific details or a vulnerable version range as of this publication. Version 6.8 has been confirmed as vulnerable; other versions may also be affected. Technical Details CVE-2025-12465 arises from…