PHP - CVE CyberSecurity Database News (Page 17)

Feb 12, 2025 API PHP

CVE-2025-26357 - Path Traversal Vulnerability in Q-Free MaxTime ≤ 2.11. (Exploit & Technical Breakdown)

CVE-2025-26357 is a critical Path Traversal vulnerability (CWE-35) discovered in the Q-Free MaxTime traffic management software, affecting all versions up to and including 2.11.

Feb 12, 2025 RCE Exploit PHP

CVE-2025-1186 - Critical Remote Deserialization Vulnerability in XunRuiCMS <=4.6.4 (Exploit Details Inside)

A new critical security flaw, CVE-2025-1186, has been found in *XunRuiCMS*, an open-source content management system widely used in the Chinese web development community. According

Feb 8, 2025 XSS WordPress PHP

CVE-2025-0169 - Exploiting Stored Cross-Site Scripting (XSS) in DWT - Directory & Listing WordPress Theme (<= 3.3.4)

The web is full of themes and plugins that make WordPress shine, but sometimes, a simple oversight in code can lead to serious security holes.

Feb 6, 2025 XSS Exploit PHP

CVE-2025-1082 - Cross-Site Scripting (XSS) Vulnerability in Mindskip xzs-mysql 学之思开源考试系统 3.9. (Exclusive Analysis)

--- Overview A critical security vulnerability, CVE-2025-1082, has been discovered in the open-source examination platform Mindskip xzs-mysql 学之思开源考试系统, version 3.9.. The issue affects the

Feb 6, 2025 Exploit Apache PHP

CVE-2024-37358 - Apache James IMAP Literal Abuse Denial-of-Service Vulnerability Explained (With Exploit Details)

A new security issue identified as CVE-2024-37358 affects Apache James, a popular open-source email server. Just like the recent CVE-2024-34055, this vulnerability lets both authenticated