Overview This article details a stored Cross-Site Scripting (XSS) vulnerability identified as CVE-2025-65675 affecting Classroomio LMS version 0.1.13. This vulnerability allows authenticated attackers to inject and execute arbitrary JavaScript code within the application, potentially leading to account compromise, data theft, and other malicious activities. The exploit is triggered by uploading a specially crafted SVG file as a user profile picture. Technical Details The vulnerability resides in the application’s handling of user-uploaded profile pictures, specifically when SVG files are permitted. The application fails to properly sanitize the SVG file content, allowing an attacker to embed malicious JavaScript code within the <svg>…

Overview CVE-2025-65672 details an Insecure Direct Object Reference (IDOR) vulnerability found in classroomio version 0.1.13. This vulnerability allows unauthorized users to potentially access and modify course settings, including sharing and invitation configurations, without proper authorization. This could lead to significant security risks, potentially impacting data privacy and integrity within the classroomio platform. Technical Details The IDOR vulnerability exists in the handling of course identification during share and invite operations within classroomio 0.1.13. An attacker could potentially manipulate the course ID parameter in a request to access settings of a course they are not authorized to manage. By altering the course…

Overview CVE-2025-65669 describes a critical vulnerability discovered in classroomio version 0.1.13. This flaw allows student accounts to delete courses directly from the “Explore” page. This action should be restricted to administrator accounts only. The vulnerability stems from a lack of proper authorization and authentication checks before executing the deletion function. Technical Details The vulnerability exists because the application fails to verify the user’s role or permissions before allowing them to delete a course. A student user can manipulate the application (e.g., by intercepting and modifying HTTP requests) to trigger the deletion functionality normally reserved for administrators. There are no apparent…

Overview CVE-2025-26155 details an Untrusted Search Path vulnerability affecting NCP Secure Enterprise Client version 13.18 and NCP Secure Entry Windows Client version 13.19. This vulnerability could allow a local attacker to execute arbitrary code with elevated privileges. It is crucial to understand the implications and take immediate action to mitigate this risk. Technical Details The vulnerability stems from the application’s reliance on the Windows search path when loading certain DLL files. If a malicious DLL file with the same name as one expected by the NCP client is placed in a directory that appears earlier in the search path than…

Published: 2025-11-26T19:15:46.387 Overview CVE-2021-4472 describes a local file inclusion (LFI) vulnerability found in the mistral-dashboard plugin for OpenStack. This vulnerability allows an attacker with sufficient privileges within the OpenStack environment to potentially read arbitrary files from the server’s file system. The flaw is located within the ‘Create Workbook’ feature of the dashboard. Technical Details The vulnerability arises from improper sanitization and validation of user-supplied input within the ‘Create Workbook’ functionality. Specifically, the application fails to adequately restrict the paths that can be specified when creating or importing a workbook. This allows an attacker to manipulate the input to include paths…

Overview CVE-2025-64130 is a critical security vulnerability affecting Zenitel TCIV-3+ intercom systems. This vulnerability is a reflected Cross-Site Scripting (XSS) issue, which can be exploited by a remote attacker to execute arbitrary JavaScript code within a victim’s browser. Successful exploitation of this vulnerability can lead to session hijacking, defacement of the intercom’s web interface, or redirection of the user to malicious websites. Technical Details The vulnerability lies in the handling of user-supplied input within the web interface of the Zenitel TCIV-3+ device. Specifically, certain parameters are not properly sanitized before being reflected back to the user’s browser. An attacker can…

Overview A critical out-of-bounds write vulnerability, identified as CVE-2025-64129, has been discovered in Zenitel TCIV-3+ devices. This vulnerability could allow a remote attacker to potentially crash the affected device, disrupting its normal operation. This poses a significant security risk, particularly for organizations relying on these devices for critical communication or security systems. Technical Details CVE-2025-64129 is an out-of-bounds write vulnerability within the Zenitel TCIV-3+ device. Out-of-bounds write vulnerabilities occur when a program writes data beyond the allocated memory buffer. A remote attacker, by sending specially crafted data to the affected device, could trigger this condition, potentially overwriting critical system memory…

Overview CVE-2025-64128 is a critical OS command injection vulnerability identified in a yet-to-be-named product. This vulnerability arises from insufficient validation of user-supplied input, allowing an unauthenticated attacker to inject arbitrary commands. The vulnerability has been assigned a CVSS score of 10, highlighting its severity and potential impact. Technical Details The root cause of CVE-2025-64128 lies in the incomplete input validation of user-provided data. The affected software fails to enforce sufficient formatting rules, allowing attackers to append malicious commands to the input. Because the attacker is unauthenticated, no prior access is required. Specifically, the vulnerability exists because the application does not…

Overview CVE-2025-64127 is a critical security vulnerability affecting specific systems due to an OS command injection flaw. This vulnerability allows an unauthenticated attacker to execute arbitrary operating system commands remotely. Due to insufficient sanitization of user-supplied input, parameters accepted by the application are incorporated into OS commands without proper validation, creating a pathway for malicious exploitation. This vulnerability was published on 2025-11-26T18:15:49.243. Technical Details The root cause of CVE-2025-64127 lies in the inadequate input validation performed on parameters accepted by the vulnerable application. Specifically, when the application constructs operating system commands, it directly includes user-provided input without proper sanitization or…

Overview CVE-2025-64126 is a critical OS command injection vulnerability identified in a specific application. This vulnerability allows an unauthenticated attacker to potentially execute arbitrary commands on the affected system due to insufficient input validation. The core problem lies in the application’s failure to properly sanitize user-supplied input before using it in OS commands. This poses a significant security risk and requires immediate attention. Technical Details The vulnerability stems from improper input validation. Specifically, the application directly accepts a parameter from user input without verifying if it represents a valid IP address or filtering potentially malicious characters. This allows an attacker…