Overview
CVE-2025-65844 details a critical vulnerability affecting EverShop version 2.0.1. This vulnerability allows an unauthenticated attacker to upload arbitrary files and create directories within the /api/images endpoint. This poses a significant security risk as malicious files could be uploaded and executed, potentially leading to remote code execution, data breaches, and system compromise.
Technical Details
The vulnerability stems from insufficient access control and input validation on the /api/images endpoint. An attacker can directly send a crafted HTTP request to this endpoint to upload any file type, bypassing any intended authentication mechanisms. Furthermore, the attacker can create arbitrary directories within the images…
-
Overview
This article details CVE-2025-65215, a Cross-Site Scripting (XSS) vulnerability found in Sourcecodester Web-based Pharmacy Product Management System version 1.0. This vulnerability allows an attacker to inject malicious scripts into the application, potentially compromising user accounts, data, and the overall security of the system.
Technical Details
The vulnerability resides in the /product_expiry/add-supplier.php file within the application. Specifically, the Supplier Name field is susceptible to reflected XSS. An attacker can inject malicious JavaScript code into this field, which will then be executed in the browser of anyone who views the page after the malicious data is submitted. The lack of proper…
-
Overview
CVE-2025-65105 describes a medium severity security vulnerability in Apptainer, an open-source container platform. This flaw allows a container to disable the --security=apparmor:<profile> and --security=selinux:<label> options, potentially bypassing intended security restrictions. This impacts systems where AppArmor or SELinux are relied upon to limit container operations. The vulnerability affects Apptainer versions prior to 1.4.5.
Technical Details
The --security option in Apptainer is designed to allow the root user to apply additional security restrictions to containers, using AppArmor or SELinux profiles/labels. While documentation indicates this is a root-only feature, it functions for unprivileged users on systems where AppArmor or SELinux are enabled.…
-
Overview
CVE-2025-64750 describes a medium severity security vulnerability affecting SingularityCE and SingularityPRO, open-source container platforms. This vulnerability allows an attacker to potentially bypass Linux Security Module (LSM) restrictions under specific conditions. The vulnerability resides in how shared mounts are handled, allowing a malicious container to redirect LSM label write operations, effectively disabling LSM security controls.
Technical Details
This vulnerability arises when a user relies on LSM restrictions to prevent malicious operations within a SingularityCE or SingularityPRO container. An attacker can exploit this by crafting a malicious container image that redirects the mount of /proc to a destination that’s a shared…
-
Overview
This article details a critical command injection vulnerability identified as CVE-2025-60854 affecting D-Link R15 (AX1500) routers running firmware version 1.20.01 and below. This vulnerability allows an attacker to potentially execute arbitrary commands on the router’s operating system via a maliciously crafted password change request.
Technical Details
CVE-2025-60854 stems from insufficient input validation of the model name parameter within the web administrator page. Specifically, when a user initiates a password change request, the model name parameter, which is ostensibly intended for display purposes only, is not properly sanitized. By injecting shell commands into this parameter, an attacker can potentially execute…
-
Overview
CVE-2025-58386 is a critical vulnerability affecting Terminalfour versions 8 through 8.4.1.1. This flaw allows a Power User to escalate their privileges (or those of other low-privileged accounts) to that of an Administrator. This is achieved by manipulating the userLevel parameter in the user management function during account creation or modification.
Technical Details
The vulnerability lies in the lack of proper server-side authorization checks when handling the userLevel parameter. A Power User, by intercepting and modifying the network request involved in user creation or modification, can assign the Administrator role to a target account. This account can be an existing…
-
Overview
CVE-2025-52622 identifies a vulnerability within the BigFix SaaS platform related to missing security headers in HTTP responses. The absence of these headers weakens the client-side security posture of the application, making it more susceptible to various web-based attacks. This vulnerability was published on 2025-12-02T18:15:47.820 and assigned a CVSS score of 5.4, indicating a medium severity.
Technical Details
The vulnerability stems from the lack of proper security headers in the HTTP responses generated by the BigFix SaaS application. Security headers are crucial for instructing the browser on how to behave when handling the response. The missing headers may include, but…
-
Overview
CVE-2025-65656 describes a file inclusion vulnerability discovered in dcat-admin, a PHP admin panel framework. Specifically, versions 2.2.3-beta and earlier are susceptible. This vulnerability resides in the admin/src/Extend/VersionManager.php file. An attacker could potentially exploit this flaw to include arbitrary files, leading to sensitive information disclosure or even remote code execution.
Technical Details
The vulnerability stems from insufficient sanitization or validation of user-supplied input used when including files within the VersionManager.php file. The exact mechanism of exploitation requires further analysis of the vulnerable code. However, the core problem is that an attacker can manipulate the file path used in an include…
-
Overview
CVE-2025-65358 details a significant SQL injection vulnerability affecting Edoc Doctor Appointment System version 1.0.1. This vulnerability allows attackers to potentially execute arbitrary SQL queries, leading to data breaches, modification, or complete system compromise. The vulnerability exists within the /admin/appointment.php file, specifically through the unsanitized ‘docid’ parameter.
Technical Details
The vulnerability lies in the lack of proper input validation and sanitization of the docid parameter within the /admin/appointment.php script. An attacker can craft a malicious SQL query within this parameter, which, when processed by the application, can lead to the execution of arbitrary SQL commands. This bypasses the intended database…
-
Overview
This article details CVE-2025-65186, a stored Cross-Site Scripting (XSS) vulnerability affecting Grav CMS version 1.7.49. This vulnerability allows authenticated users with page editing privileges to inject malicious JavaScript code into page content via the Markdown editor. When other users, particularly administrators, view the affected page in the Grav CMS admin interface, the injected script executes, potentially leading to account compromise, data theft, or other malicious activities.
Technical Details
The vulnerability lies in the inadequate sanitization of user-supplied input within the page editor’s Markdown functionality. Specifically, the application fails to properly escape or remove <script> tags. An attacker can craft…