CVE-2025-44091 – Yangyouwang Crud XSS

June 12, 2025

CVE ID : CVE-2025-44091

Published : June 12, 2025, 9:15 p.m. | 46 minutes ago

Description : yangyouwang crud v1.0.0 is vulnerable to Cross Site Scripting (XSS) via the role management function.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleEchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

Next Article CVE-2025-49589 – PCSX2 Stack-Based Buffer Overflow Vulnerability

Highlights

CVE-2025-52922 – Innoshop Directory Traversal Remote File Inclusion

June 23, 2025

CVE ID : CVE-2025-52922

Published : June 23, 2025, 12:15 p.m. | 2 hours, 31 minutes ago

Description : Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated attacker with access to the admin panel could abuse this to: (1) fully map the filesystem structure via the /api/file_manager/files?base_folder= endpoint, (2) create arbitrary directories on the server via the /api/file_manager/directories endpoint, (3) read arbitrary files from the server by copying the file to a readable location within the application via the /api/file_manager/copy_files endpoint, {4) delete arbitrary files from the server via a DELETE request to /api/file_manager/files, or (5) create arbitrary files on the server by uploading them and then leveraging the /api/file_manager/move_files endpoint to move them anywhere in the filesystem.

Severity: 7.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-44091 – Yangyouwang Crud XSS

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Why Google Code Assist may finally be the programming power tool you need

Pixel 7a battery problems? Google might fix it for free – here’s how to check

CVE-2025-31244 – Apple macOS Sandbox Escalation

CVE-2025-6480 – Apache Code-Projects Simple Pizza Ordering System SQL Injection Vulnerability

CVE-2025-52922 – Innoshop Directory Traversal Remote File Inclusion

CVE-2024-12442 – EnerSys AMPA Command Injection Vulnerability

CVE-2025-47889 – Jenkins WSO2 Oauth Plugin Authentication Bypass Vulnerability

What’s the Real Cost of Building an AI Solution in 2025? A Comprehensive Guide💰

CVE-2025-44091 – Yangyouwang Crud XSS

Related Posts