CVE-2025-41441 – Mailform Pro CGI Information Disclosure

May 26, 2025

CVE ID : CVE-2025-41441

Published : May 26, 2025, 7:15 a.m. | 1 hour, 56 minutes ago

Description : Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5173 – HumanSignal Label Studio ML Backend Deserialization Vulnerability

Next Article CVE-2025-5172 – Econtrata SQL Injection Vulnerability

Highlights

CVE-2025-52377 – Nexxt Solutions NCM-X1800 Mesh Router Command Injection Vulnerability

July 15, 2025

CVE ID : CVE-2025-52377

Published : July 15, 2025, 3:15 p.m. | 1 hour, 19 minutes ago

Description : Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is present in the web management interface’s ping and traceroute functionality, specifically in the /web/um_ping_set.cgi endpoint. The application fails to properly sanitize user input in the `Ping_host_text` parameter before passing it to the underlying system command, allowing attackers to inject and execute arbitrary shell commands as the root user.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-41441 – Mailform Pro CGI Information Disclosure

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-35005 – Microhard BulletLTE-NA2 and IPn4Gii-NA2 AT+MFMAC Command Injection Vulnerability

CVE-2025-6735 – Juzaweb CMS Remote Improper Authorization Vulnerability

Introduction and Overview Microsoft 365 Admin Center

DragonForce Ransomware Claimed To Compromise Over 120 Victims in The Past Year

CVE-2025-52377 – Nexxt Solutions NCM-X1800 Mesh Router Command Injection Vulnerability

Android Security Update – Patch for Vulnerabilities that Allows Privilege Escalation

How to Install LXD on Ubuntu 24.04 LTS

CVE-2023-37516 – HCL Leap Information Disclosure

CVE-2025-41441 – Mailform Pro CGI Information Disclosure

Related Posts