  • Cybersecurity Vulnerabilities

    DzzOffice Under Attack: Arbitrary File Upload Vulnerability (CVE-2025-63695)

    Overview

    This article provides an in-depth analysis of CVE-2025-63695, a critical vulnerability affecting DzzOffice v2.3.7 and earlier. This vulnerability allows for arbitrary file uploads, potentially leading to remote code execution and complete system compromise. DzzOffice is a web-based office collaboration platform, and this security flaw poses a significant risk to organizations using the affected versions.

    Technical Details

    CVE-2025-63695 is located in the /dzz/system/ueditor/php/controller.php file of DzzOffice. The vulnerability stems from insufficient input validation and sanitization during the file upload process. Attackers can bypass intended restrictions and upload malicious files, such as PHP scripts, to the server. These files can then…

  • Cybersecurity Vulnerabilities

    DzzOffice Under Attack: Critical SQL Injection Vulnerability (CVE-2025-63694)

    Overview

    A significant security vulnerability, identified as CVE-2025-63694, has been discovered in DzzOffice, a web-based office suite. This vulnerability is a SQL Injection flaw present in versions 2.3.7 and earlier, specifically affecting the explorer/groupmanage component. Exploitation of this vulnerability could allow attackers to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or even complete system compromise.

    Technical Details

    The SQL Injection vulnerability exists within the explorer/groupmanage functionality of DzzOffice. The exact input vector where the injection occurs is detailed in the references provided. Without proper input sanitization or parameterization, user-supplied data is directly incorporated into SQL queries.…

  • Cybersecurity Vulnerabilities

    CVE-2025-63514: Urgent Alert – XSS Threat in kishan0725 Hospital Management System

    Overview

    CVE-2025-63514 identifies a Cross-Site Scripting (XSS) vulnerability affecting the kishan0725 Hospital Management System. Specifically, this vulnerability is located within the appsearch.php file and is triggered via the email parameter. This flaw allows an attacker to inject malicious client-side scripts into the application, potentially compromising user accounts and data.

    Technical Details

    The appsearch.php file in the kishan0725 Hospital Management System improperly sanitizes user input provided through the email parameter. An attacker can exploit this by injecting malicious JavaScript code into this parameter. When a user interacts with the application, this injected script will be executed within their browser context. This…

  • Cybersecurity Vulnerabilities

    CVE-2025-56643: Wiki.js Logout Fails to Revoke JWT Tokens, Exposing User Sessions

    Overview

    CVE-2025-56643 identifies a critical security vulnerability within Requarks Wiki.js version 2.5.307. The flaw stems from the application’s failure to properly revoke or invalidate JSON Web Tokens (JWTs) upon user logout. This means that previously issued tokens remain active and can be potentially reused to gain unauthorized access to the system, even after a user has explicitly logged out. This poses a significant risk to session integrity and data security.

    Technical Details

    The core issue lies within the authentication resolver logic of Wiki.js. Specifically, when a user logs out, the application does not implement a mechanism to actively invalidate or…

  • Cybersecurity Vulnerabilities

    CVE-2025-63829: Critical Infinite Loop Bug in eProsima Fast-DDS Could Halt Your Systems

    Overview

    CVE-2025-63829 describes an infinite loop vulnerability affecting eProsima Fast-DDS versions 3.3 and earlier. This flaw stems from an integer overflow within the Time_t::fraction() function. Exploitation of this vulnerability can lead to a denial-of-service (DoS) condition, potentially halting critical systems relying on Fast-DDS for real-time data communication.

    Technical Details

    The vulnerability resides within the Time_t::fraction() function, as detailed in the Fast-DDS source code. An integer overflow occurs when the result of a calculation exceeds the maximum value that can be stored in the integer variable. In this case, a carefully crafted input can trigger this overflow, leading to an infinite…

  • Cybersecurity Vulnerabilities

    CVE-2025-63513: Critical IDOR Flaw Exposes Hospital Appointment Data

    Overview

    CVE-2025-63513 describes an Insecure Direct Object Reference (IDOR) vulnerability found in kishan0725 Hospital Management System v4. This vulnerability affects the appointment cancellation functionality, potentially allowing unauthorized users to cancel appointments belonging to other patients. An IDOR vulnerability occurs when an application uses user-supplied input to directly access objects, such as database records or files, without proper authorization checks. This allows an attacker to manipulate the input (e.g., an appointment ID) to access or modify objects they shouldn’t have access to.

    Technical Details

    The vulnerability resides within the appointment cancellation feature of the Hospital Management System. Specifically, the application likely…

  • Cybersecurity Vulnerabilities

    CVE-2025-63512: Critical SQL Injection Flaw in Hospital Management System Puts Patient Data at Risk

    Overview

    CVE-2025-63512 identifies a significant security vulnerability in kishan0725 Hospital Management System version 4. This flaw is a SQL Injection vulnerability located in the admin-panel1.php file, specifically within the doctor deletion functionality. The application’s failure to properly sanitize user-supplied input makes it susceptible to malicious SQL queries, potentially compromising sensitive patient and administrative data.

    Technical Details

    The vulnerability stems from the improper handling of the demail parameter within the admin-panel1.php script. When deleting a doctor’s record, the application takes the value provided in the demail parameter (which is likely the doctor’s email address) and directly incorporates it into a SQL…

  • Cybersecurity Vulnerabilities

    Critical RCE Vulnerability Exposed in H3C Routers: CVE-2025-63258 Requires Immediate Action

    Overview

    A critical remote command execution (RCE) vulnerability, identified as CVE-2025-63258, has been discovered in H3C ERG3/ERG5 series routers and XiaoBei series routers, cloud gateways, and wireless access points. This vulnerability allows a remote attacker to execute arbitrary commands on the affected devices. Given the potential impact, immediate action is recommended to mitigate the risk.

    Technical Details

    The vulnerability resides in how the affected H3C devices handle the sessionid parameter. Attackers can inject crafted commands into this parameter, which the router then executes with elevated privileges. Specifically, the affected versions include:
    ERG3/ERG5 series routers
    XiaoBei series routers, cloud gateways, and…

  • Cybersecurity Vulnerabilities

    FortiPAM Under Scrutiny: CVE-2025-61713 Exposes Credentials via Cleartext Storage

    Overview

    CVE-2025-61713 is a medium severity vulnerability affecting Fortinet FortiPAM. It stems from the cleartext storage of sensitive information in memory, allowing an authenticated attacker with read-write admin privileges to the CLI to potentially gain access to other administrators’ credentials. This vulnerability impacts all versions of FortiPAM from 1.0 through 1.6.0.

    Technical Details

    The vulnerability, classified as CWE-316 (Cleartext Storage of Sensitive Information in Memory), resides in how FortiPAM handles and stores administrator credentials. Specifically, the credentials of administrators are not properly encrypted or protected while held in memory. An attacker with the necessary privileges (read-write admin access to the…

  • Cybersecurity Vulnerabilities

    CVE-2025-59669: FortiWeb Hardcoded Credentials Expose Redis Data

    Overview

    CVE-2025-59669 describes a security vulnerability found in Fortinet FortiWeb web application firewalls (WAF). This vulnerability involves the use of hardcoded credentials that can be exploited by an authenticated attacker with shell access to the device. Successful exploitation allows the attacker to connect to the Redis service and gain unauthorized access to its data.

    Technical Details

    The vulnerability stems from the presence of hardcoded credentials used to access the Redis database within the FortiWeb appliance. If an attacker manages to gain shell access (e.g., through another vulnerability or misconfiguration) to the FortiWeb system, they can leverage these hardcoded credentials to…