CVE-2025-49113 - Remote Code Execution in Roundcube Webmail via Authenticated PHP Object Deserialization
CVE-2025-49113 is a critical vulnerability affecting Roundcube Webmail (before version 1.5.10 and 1.6.x before 1.6.11). If you’re running
CVE-2025-48828 - How a Simple Trick in vBulletin Template Conditionals Let Hackers Run Any PHP Code
In May 2025, a major security flaw surfaced in popular forum software vBulletin. The issue, tracked as CVE-2025-48828, allows hackers to run arbitrary PHP code
CVE-2025-48827 - How Hackers Bypassed vBulletin API Protections (With Exploit Details)
---
If you run a vBulletin forum, this is for you. In May 2025, security researchers found a critical vulnerability (CVE-2025-48827) affecting vBulletin 5.. – 5.
CVE-2025-35939 - How Unauthenticated Users Could Inject Content into Craft CMS Session Files
*Published: June 2024*
Craft CMS is a widely used content management system for building flexible websites and digital experiences. But recently, a serious vulnerability (tracked
CVE-2025-46661 - Exploiting Unauthenticated Remote Code Execution in IPW Systems Metazo (Analyze & Demo)
In early 2025, security researchers spotted a serious flaw (now CVE-2025-46661) in IPW Systems’ Metazo software, affecting all versions through 8.1.3. This vulnerability
Episode
00:00:00
00:00:00