CVE CyberSecurity Database News (Page 176)

Mar 1, 2025 RCE Exploit PHP

CVE-2025-1791 - Critical Unrestricted File Upload in Zorlan SkyCaiji 2.9 (Complete Exploit Walkthrough)

A critical vulnerability, CVE-2025-1791, was discovered in Zorlan SkyCaiji 2.9. This flaw allows an attacker to upload any file—such as malicious scripts—directly

Mar 1, 2025 WordPress Exploit

CVE-2025-1671 - Privilege Escalation in Academist Membership WordPress Plugin – Complete Analysis & Exploit Walkthrough

In this in-depth blog post, I’ll break down everything you need to know about CVE-2025-1671, a serious vulnerability affecting the Academist Membership plugin for

Feb 28, 2025

CVE-2025-26466 - Exploiting an OpenSSH Ping Memory Leak for Denial of Service (DoS)

Published: June 2024 Summary A new security vulnerability has been discovered in OpenSSH, affecting how the server handles "ping" packets during the SSH

Feb 28, 2025 WordPress API Exploit PHP Google

CVE-2025-0769 - Unauthenticated PHP Object Injection in PixelYourSite 10.1.1.1

WordPress plugins play a vital role in making websites dynamic and feature-rich. However, they can sometimes introduce security risks if not coded carefully. Recently, a

Feb 28, 2025 XSS Exploit

CVE-2025-22274 - HTML Injection Vulnerability Discovered in CyberArk Endpoint Privilege Manager (SaaS 24.7.1) – Exploit, Code Example & Analysis

--- Updated: June 2024 CVE: CVE-2025-22274 Product Affected: CyberArk Endpoint Privilege Manager SaaS version 24.7.1 Issue: HTML Injection via "content" field