Overview
CVE-2025-59694 is a security vulnerability affecting the Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices. This vulnerability, dubbed F03 by some researchers, allows a physically proximate attacker to persistently modify firmware and influence the appliance’s boot process. Successful exploitation requires physical access to the device and the ability to modify firmware either via JTAG or by performing a malicious upgrade to the chassis management board firmware.

Technical Details
The vulnerability stems from an insecure configuration within the Chassis Management Board’s boot process. An attacker with physical access can leverage JTAG debugging interfaces or…
-
Overview
CVE-2025-13876 is a medium severity security vulnerability affecting the Rareprob HD Video Player All Formats App version 12.1.372 on Android. This vulnerability allows a local attacker to perform path traversal, potentially leading to unauthorized file access or manipulation. The vendor was notified but has not responded. The exploit for this vulnerability is publicly available, increasing the risk of exploitation.

Technical Details
The vulnerability resides within an unknown function of the com.rocks.music.videoplayer component of the Rareprob HD Video Player All Formats App. By manipulating input, an attacker can bypass intended security restrictions and traverse the file system. The specific attack…
-
Overview
CVE-2025-13875 details a path traversal vulnerability found in Yohann0617’s oci-helper, specifically versions up to 3.2.4. This medium-severity flaw resides within the addCfg function of the OciServiceImpl.java file, which is part of the OCI Configuration Upload component. An attacker can exploit this vulnerability to read arbitrary files on the server by manipulating the File argument. This issue can be exploited remotely.

Technical Details
The vulnerability exists because the addCfg function in src/main/java/com/yohann/ocihelper/service/impl/OciServiceImpl.java doesn’t properly sanitize the input provided through the File argument. An attacker can inject path traversal sequences (e.g., ../) within the filename to navigate outside the intended directory…
-
Overview
CVE-2025-13505 describes a stored Cross-Site Scripting (XSS) vulnerability found in Datateam Information Technologies Inc.’s Datactive software. Specifically, versions 2.13.34 and prior to 2.14.0.6 are affected. This vulnerability allows an attacker to inject malicious JavaScript code into the application’s database. When other users access the affected data, the malicious script is executed in their browsers, potentially leading to sensitive data theft, session hijacking, or defacement of the application.

Technical Details
The vulnerability stems from improper neutralization of user-supplied input during web page generation. Specifically, the application fails to adequately sanitize script-related HTML tags. An attacker can inject malicious JavaScript code…
-
Overview
This article details CVE-2025-41066, a user enumeration vulnerability discovered in Horde Groupware v5.2.22. This vulnerability allows unauthenticated attackers to determine the existence of valid user accounts on a Horde Groupware instance. Successfully exploiting this issue can be a precursor to further attacks, such as password brute-forcing or targeted phishing campaigns.

Technical Details
The vulnerability lies within the /imp/attachment.php script. By sending a crafted HTTP request with specific parameters, an attacker can probe the existence of user accounts. The attack leverages the following parameters:
id: This parameter seems to be related to attachment handling but is used in conjunction with…
-
Overview
CVE-2025-41015 identifies a user enumeration vulnerability within TCMAN GIM v11, specifically version 20250304. This flaw allows an unauthenticated attacker to probe the system and determine if a particular user account exists. This information, while seemingly minor, can be a critical first step in a larger attack, such as a brute-force password attempt or targeted phishing campaign.

Technical Details
The vulnerability is located in the /WS/PDAWebService.asmx endpoint. By manipulating the pda:username parameter in conjunction with the soapaction GetUserQuestionAndAnswer, an attacker can send requests to the server. The server’s response will differ depending on whether the provided username exists. This difference…
-
Overview
CVE-2025-41014 describes a user enumeration vulnerability affecting TCMAN GIM v11, specifically version 20250304. This vulnerability allows an unauthenticated attacker to determine if a specific user exists on the system. This is possible due to how the system handles requests to the /WS/PDAWebService.asmx endpoint.

Technical Details
The vulnerability resides in the /WS/PDAWebService.asmx endpoint. By sending a SOAP request with the soapaction GetLastDatePasswordChange and providing a username via the pda:username parameter, the system’s response differs depending on whether the provided username exists. This allows an attacker to deduce the existence of user accounts without requiring any authentication. Specifically, an attacker can…
-
Overview
A security vulnerability, identified as CVE-2025-13731, has been discovered in the Nexter Extension – Site Enhancements Toolkit plugin for WordPress. This vulnerability is a Stored Cross-Site Scripting (XSS) flaw, affecting versions up to and including 4.4.1. The vulnerability allows authenticated attackers with Contributor-level access or higher to inject malicious JavaScript code into website pages. This code executes whenever a user visits the compromised page, potentially leading to data theft, account takeover, or other malicious activities.

Technical Details
The vulnerability lies within the nxt-year shortcode functionality of the Nexter Extension plugin. Insufficient input sanitization and output escaping in the plugin’s…
-
Overview
CVE-2025-13295 is a high-severity vulnerability affecting Argus Technology Inc.’s BILGER software. This vulnerability allows an attacker to insert sensitive information into data that is sent by the system. Specifically, the issue arises from the ability to influence and choose the message identifier. This affects versions of BILGER prior to 2.4.9.

Technical Details
The vulnerability stems from insufficient input validation and sanitization related to the message identifier within the BILGER application. An attacker can leverage this flaw to inject arbitrary data into the message identifier field. This injected data can then be transmitted alongside legitimate data, potentially exposing sensitive information…
-
Overview
CVE-2025-41012 describes an unauthorized access vulnerability found in TCMAN GIM v11, specifically version 20250304. This vulnerability allows an unauthenticated attacker to determine the existence of users within the system. By leveraging the pda:userId and pda:newPassword parameters in conjunction with the soapaction UnlockUser function within the /WS/PDAWebService.asmx endpoint, an attacker can probe for valid usernames without needing prior authentication.

Technical Details
The vulnerability resides in the lack of proper authentication and authorization checks within the UnlockUser function of the PDAWebService.asmx service. An attacker can craft a SOAP request containing a pda:userId parameter, essentially attempting to unlock a user’s account. The…