CVE-2025-0938 - Python’s urllib.parse Flaw with Square Brackets in Domain Names (Exclusive Post)
Date: June 2024
Status: Public
Affected Python versions: Python 3 (before 3.12.4 & 3.11.9)
CWE: CWE-20 (Improper Input Validation)
Summary
A
CVE-2025-22957 - Exploiting a Critical SQL Injection in ZZCMS <= 2023 (Unauthenticated)
ZZCMS is a widely used, open-source content management system popular among small businesses and personal blogs in Asia. Recently, a nasty vulnerability has been discovered
CVE-2025-23001 - Host Header Injection in CTFd 3.7.5 — How This Severe Bug Endangers Your CTF Platform
CTFd is one of the most popular platforms for hosting Capture The Flag (CTF) competitions — thousands of schools, companies, and security communities use it.
CVE-2024-53584 - OS Command Injection in OpenPanel v.3.4 via `timezone` Parameter
OpenPanel is a popular web-based server control panel, widely used for managing server tasks with a simple graphical interface. In May 2024, a critical security
CVE-2024-57432 - Exploiting Insecure Permissions in macrozheng mall-tiny 1..1 with Hardcoded JWT Secrets (Exclusive Guide)
The macrozheng mall-tiny project (version 1..1) is a lightweight e-commerce platform widely used for learning and small business solutions. However, a severe vulnerability—CVE-2024-57432—