CVE-2025-1301 – Yordam Informatics Library Automation System Reflected Cross-site Scripting Vulnerability

May 2, 2025

CVE ID : CVE-2025-1301

Published : May 2, 2025, 11:15 a.m. | 1 hour, 57 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Yordam Informatics Library Automation System allows Reflected XSS.This issue affects Library Automation System: before 21.6.

Severity: 7.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2421 – Profelis Informatics SambaBox Code Injection Vulnerability

Next Article CVE-2025-0427 – Arm Ltd Bifrost GPU, Valhall GPU, Arm 5th Gen GPU Architecture After Free Information Disclosure

Highlights

CVE-2025-5346 – Bluebird Devices File Traversal Vulnerability in BootReceiver

July 17, 2025

CVE ID : CVE-2025-5346

Published : July 17, 2025, 1:15 p.m. | 1 hour, 16 minutes ago

Description : Bluebird devices contain a pre-loaded barcode scanner application. This application exposes an unsecured broadcast receiver “kr.co.bluebird.android.bbsettings.BootReceiver”. A local attacker can call the receiver to overwrite file containing “.json” keyword with default barcode config file. It is possible to overwrite file in any location due to lack of protection against path traversal in name of the file.

This issue affects all versions before 1.3.3.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-1301 – Yordam Informatics Library Automation System Reflected Cross-site Scripting Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-32972 – XWiki LESS Compiler Script Privilege Escalation Vulnerability

CVE-2025-38171 – Linux Power Supply Driver Max77705 Workqueue Vulnerability

CVE-2025-47682 – Cozy Vision Technologies Pvt. Ltd. SMS Alert Order Notifications – WooCommerce SQL Injection

CVE-2025-4064 – ScriptAndTools Online-Travling-System Remote File Inclusion Vulnerability

CVE-2025-5346 – Bluebird Devices File Traversal Vulnerability in BootReceiver

A new superpower for growth designers

Tech Behind the Trucks: AI, GPS & Automation in Online Truck Booking Explained

Smashing Animations Part 4: Optimising SVGs

CVE-2025-1301 – Yordam Informatics Library Automation System Reflected Cross-site Scripting Vulnerability

Related Posts