Overview CVE-2025-13797 is a medium-severity command injection vulnerability discovered in ADSLR B-QE2W401 routers, specifically affecting firmware version 250814-r037c. This vulnerability allows remote attackers to execute arbitrary commands on the device by manipulating the del_swifimac argument within the /send_order.cgi file. The exploit is publicly available, making it crucial for users to understand and mitigate this risk. The vendor was notified but did not respond to the disclosure. Technical Details The vulnerability lies within the parameterdel_swifimac function of the /send_order.cgi script. Improper sanitization of user-supplied input to this parameter allows an attacker to inject arbitrary commands into the system’s operating system. By…

Overview CVE-2025-13796 identifies a Server-Side Request Forgery (SSRF) vulnerability present in deco-cx applications up to version 0.120.1. This flaw allows a remote attacker to potentially force the application to make requests to unintended locations, potentially exposing sensitive internal resources or performing actions on behalf of the server. Upgrading to version 0.120.2 is strongly recommended to address this security issue. Technical Details The vulnerability resides within the AnalyticsScript function found in the website/loaders/analyticsScript.ts file of the deco-cx apps. Specifically, the component affected is the Parameter Handler. By manipulating the url argument, an attacker can inject arbitrary URLs, causing the server to…

Overview CVE-2025-13795 describes a Cross-Site Scripting (XSS) vulnerability found in the codingWithElias School Management System, specifically in versions up to commit f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. This vulnerability allows a remote attacker to inject malicious scripts into the “First Name” field on the Edit Student Info page, potentially compromising user accounts and data. The vendor was contacted but did not respond. Technical Details The vulnerability resides within the /student-view.php file of the codingWithElias School Management System. Specifically, the “First Name” argument on the Edit Student Info page is not properly sanitized. This lack of input validation allows an attacker to inject malicious JavaScript code.…

Overview CVE-2025-35028 is a critical vulnerability affecting the HexStrike AI MCP (Management and Control Plane) server. This command injection vulnerability allows an attacker to execute arbitrary commands with root privileges on the affected server. Due to the severity and ease of exploitation, immediate action is recommended to mitigate this risk. Technical Details The vulnerability resides in the EnhancedCommandExecutor class of the HexStrike AI MCP server. Specifically, when an API endpoint created by this class receives a command-line argument starting with a semicolon (;), the server fails to properly sanitize this input. Consequently, the crafted command is executed directly with the…

Overview CVE-2025-13793 identifies a Cross-Site Scripting (XSS) vulnerability found in the winston-dsouza Ecommerce-Website, specifically in versions up to commit 87734c043269baac0b4cfe9664784462138b1b2e. This vulnerability allows remote attackers to inject arbitrary web scripts into the browser of unsuspecting users. The vendor, winston-dsouza, has not responded to attempts at responsible disclosure, leaving websites using this software vulnerable. Technical Details The vulnerability resides within the /includes/header_menu.php file of the Ecommerce-Website. The application fails to properly sanitize user-supplied input passed through the Error GET parameter. By manipulating this parameter, an attacker can inject malicious JavaScript code that will be executed in the context of the user’s…

Overview A high-severity code injection vulnerability, identified as CVE-2025-13792, has been discovered in Qualitor versions 8.20 and 8.24. This vulnerability allows remote attackers to inject arbitrary code via the passageiros argument in the getResumo.php file within the /html/st/stdeslocamento/request/ directory. The exploit is publicly available and actively being exploited. The vendor was contacted but has not responded to the disclosure. Technical Details The vulnerability resides in the eval function within /html/st/stdeslocamento/request/getResumo.php. By manipulating the passageiros argument, an attacker can inject and execute arbitrary code on the server. This occurs because the input isn’t properly sanitized or validated before being passed to…

Overview CVE-2025-13791 describes a path traversal vulnerability discovered in Scada-LTS (Long Term Support) versions up to 2.7.8.1. This vulnerability resides within the Project Import functionality and can be exploited remotely. The vendor was notified but did not respond. Technical Details The vulnerability is located in the Common.getHomeDir function within the br/org/scadabr/vo/exporter/ZIPProjectManager.java file. By manipulating input during the Project Import process, an attacker can inject arbitrary paths, allowing them to read or potentially overwrite files outside the intended directory. This type of vulnerability is commonly known as a Zip Slip vulnerability. The exploit is publicly available. CVSS Analysis The Common Vulnerability…

Overview A Cross-Site Request Forgery (CSRF) vulnerability, identified as CVE-2025-13790, has been discovered in Scada-LTS versions up to 2.7.8.1. This vulnerability allows an attacker to potentially execute unauthorized actions on behalf of a legitimate user without their knowledge. The vendor was notified but did not respond. Public exploits are available, increasing the risk to Scada-LTS deployments. Technical Details CVE-2025-13790 affects an unspecified function within Scada-LTS. By crafting a malicious web page or link, an attacker can trick a logged-in user into inadvertently sending requests that perform actions on the Scada-LTS system. This could include modifying configurations, adding or deleting users,…

Overview CVE-2025-13789 describes a Server-Side Request Forgery (SSRF) vulnerability found in ZenTao, specifically affecting versions up to 21.7.6-8564. This vulnerability resides within the makeRequest function of the module/ai/model.php file. By manipulating the Base argument, attackers can potentially force the ZenTao server to make requests to arbitrary internal or external destinations, leading to information disclosure or other malicious activities. A public exploit is available, making immediate action crucial. Technical Details The vulnerability lies in the insufficient validation and sanitization of the Base parameter within the makeRequest function. An attacker can exploit this by injecting a malicious URL into the Base parameter,…

Overview A high-severity SQL injection vulnerability, identified as CVE-2025-13788, has been discovered in Chanjet CRM versions up to 20251106. This flaw allows a remote attacker to execute arbitrary SQL commands, potentially leading to data breaches, system compromise, and other severe consequences. The vulnerability is actively exploitable and a proof-of-concept (PoC) is publicly available. The vendor has been unresponsive to initial disclosure attempts. Technical Details The vulnerability exists in the /tools/upgradeattribute.php file. Specifically, the gblOrgID parameter is susceptible to SQL injection. An attacker can manipulate this parameter in a crafted request to inject malicious SQL code, allowing them to bypass security…