Poster - CVE CyberSecurity Database News (Page 178)

Feb 28, 2025 WordPress API Exploit

CVE-2024-13796 - How a WordPress Plugin Exposed User Emails & Sensitive Info

WordPress powers millions of websites, and plugins make it even more powerful. But even popular plugins can have serious bugs. This is the case with

Feb 28, 2025 API Exploit MITM

CVE-2025-25728 - Bosscomm IF740 Firmware Leak Exposes Sensitive Data in Plaintext API Calls

In early 2025, cybersecurity researchers disclosed a critical vulnerability—CVE-2025-25728—in the Bosscomm IF740 IoT device. This problem affects devices running Firmware versions 11001.7078

Feb 27, 2025

CVE-2024-51139 - Critical Buffer Overflow in DrayTek Vigor Routers’ HTTP CGI Parser

A serious security vulnerability has been publicly disclosed as CVE-2024-51139 affecting a wide range of DrayTek Vigor routers. This flaw is a buffer overflow found

Feb 27, 2025 API Exploit SQL PHP

CVE-2024-55160 - SQL Injection in GFast v2 to v3.2 via the `OrderBy` Parameter

In the ongoing battle for cybersecurity, SQL injection vulnerabilities remain a top threat for web applications. In this blog post, we focus on a newly

Feb 27, 2025 Exploit

CVE-2024-51138 - Remote Code Execution in DrayTek Vigor Routers via TR-069 STUN URL Parsing (Exploit and Technical Deep-Dive)

--- A new critical vulnerability, CVE-2024-51138, has been identified in several popular DrayTek Vigor router models (source). This security flaw could let a remote hacker