CVE-2025-6839 – Conjure Position Department Service Quality Evaluation System Less Bootstrap Mixin Head PHP Backdoor Remote Code Execution

June 28, 2025

CVE ID : CVE-2025-6839

Published : June 29, 2025, 2:15 a.m. | 1 hour, 7 minutes ago

Description : A vulnerability, which was classified as critical, has been found in Conjure Position Department Service Quality Evaluation System up to 1.0.11. Affected by this issue is the function eval of the file public/assets/less/bootstrap-less/mixins/head.php. The manipulation of the argument payload leads to backdoor. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53392 – pfSense File Traversal Vulnerability

Next Article CVE-2025-6837 – Code-projects Library System Unrestricted File Upload Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-6839 – Conjure Position Department Service Quality Evaluation System Less Bootstrap Mixin Head PHP Backdoor Remote Code Execution

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Lingmo OS – modern Linux distribution based on Debian

Sampling Without Data is Now Scalable: Meta AI Releases Adjoint Sampling for Reward-Driven Generative Modeling

Qwen3 family of reasoning models now available in Amazon Bedrock Marketplace and Amazon SageMaker JumpStart

Qualcomm’s new Adreno Control Panel will let you fine-tune the GPU for certain games on Snapdragon X Elite devices

Microsoft makes it easier to use Classic Outlook with new Outlook on Windows 11

Steam Deck OLED falls out of stock in US & Canada due to “supply chain constraints” presumably triggered by tariffs — but the price won’t increase

ImageMagick Flaw (CVE-2025-53101): Stack Buffer Overflow Allows Potential Remote Code Execution

Distribution Release: SparkyLinux 7.7

CVE-2025-6839 – Conjure Position Department Service Quality Evaluation System Less Bootstrap Mixin Head PHP Backdoor Remote Code Execution

Related Posts