CVE-2025-54134 – HAX CMS NodeJs allows users to manage their micros

July 21, 2025

CVE ID : CVE-2025-54134

Published : July 21, 2025, 9:15 p.m. | 3 hours, 25 minutes ago

Description : HAX CMS NodeJs allows users to manage their microsite universe with a NodeJs backend. In versions 11.0.8 and below, the HAX CMS NodeJS application crashes when an authenticated attacker provides an API request lacking required URL parameters. This vulnerability affects the listFiles and saveFiles endpoints. This vulnerability exists because the application does not properly handle exceptions which occur as a result of changes to user-modifiable URL parameters. This is fixed in version 11.0.9.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53832 – Lara Translate MCP Server is a Model Context Proto

Next Article CVE-2025-54129 – HAXiam is a packaging wrapper for HAXcms which all

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-54134 – HAX CMS NodeJs allows users to manage their micros

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

ALT Linux 11.0 Workstation: la distribuzione GNU/Linux russa con GNOME e tecnologie all’avanguardia

Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Your Verizon customer service experience is about to feel very different due to an AI overhaul

Can E Ink tablets really reduce stress? This study and my experience say yes

Your Oura Ring just got one of its biggest feature updates ever – for free

Despite Microsoft’s multi-billion-dollar OpenAI investment, these viral ChatGPT 4o Ghibli memes are another example of just how far behind Copilot is

Zyxel Firewalls Under Attack via Critical CVE-2023-28771

Affordable cybersecurity for SMBs in the midwest

CVE-2025-54134 – HAX CMS NodeJs allows users to manage their micros

Related Posts