CVE-2025-48045 – Apache Client Default Admin Credentials Disclosure

May 29, 2025

CVE ID : CVE-2025-48045

Published : May 29, 2025, 1:15 p.m. | 16 minutes ago

Description : An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48046 – Apache HTTP Server SMTP Server Password Disclosure Vulnerability

Next Article CVE-2025-48388 – FreeScout Format String Vulnerability

Highlights

CVE-2024-12023 – “Elementor CRM FULL Cliente SQL Injection Vulnerability”

May 2, 2025

CVE ID : CVE-2024-12023

Published : May 2, 2025, 4:15 a.m. | 3 hours, 5 minutes ago

Description : The FULL – Cliente plugin for WordPress is vulnerable to SQL Injection via the ‘formId’ parameter in all versions 3.1.5 to 3.1.25 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This is only exploitable when the PRO version of the plugin is activated, along with Elementor Pro and Elementor CRM.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

“I want to give players something new”: The Outer Worlds 2 game director says the sequel will have a “darker tone,” and I’m all for it

June 10, 2025

CVE-2025-44892 – Fortinet Wireless Access Point Stack Overflow Vulnerability

May 21, 2025

CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation

April 8, 2025

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-48045 – Apache Client Default Admin Credentials Disclosure

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-6331 – PHPGurukul Directory Management System SQL Injection

CVE-2025-34127 – Achat UDP Stack-based Buffer Overflow

How Will AI Impact the Next Generation of Designers?

1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub

CVE-2024-12023 – “Elementor CRM FULL Cliente SQL Injection Vulnerability”

“I want to give players something new”: The Outer Worlds 2 game director says the sequel will have a “darker tone,” and I’m all for it

CVE-2025-44892 – Fortinet Wireless Access Point Stack Overflow Vulnerability

CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation

CVE-2025-48045 – Apache Client Default Admin Credentials Disclosure

Related Posts