CyberSecurityBoard
Sponsor Register Login

CVE-2025-0201

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/update_account.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

This Cyber News was published on www.tenable.com. Publication date: Sat, 04 Jan 2025 04:56:02 +0000


Cyber News related to CVE-2025-0201

Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
11 months ago Bleepingcomputer.com
CVE-2025-0201 - A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/update_account.php. The manipulation of the argument ...
2 days ago Tenable.com
Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to send specially crafted packets to change credentials without any prior authentication. A vulnerability of authentication bypass has been found in Zebra ...
1 year ago Cisa.gov
UK to replace physical biometric immigration cards with e-visas - By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits and Biometric Residence Cards in a bid to make its borders digital, which is in-line with developed countries like Australia. Presently, ...
10 months ago Bleepingcomputer.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
7 months ago Cisa.gov
Microsoft No Longer Selling Windows 10 Licenses Redirects to Windows 11 Product Pages - Marking an end to an era, Microsoft is no longer directly selling Windows 10 product keys on their website, instead redirecting users to Windows 11 product pages. This month, Microsoft began displaying an alert on their Windows 10 Home and Pro ...
1 year ago Bleepingcomputer.com
King Charles III signs off on UK Online Safety Act The Register - With the assent of King Charles, the United Kingdom's Online Safety Act has become law, one that the British government says will "Make the UK the safest place in the world to be online." The Online Safety Act, which began in April 2019 as the Online ...
1 year ago Theregister.com
The Momentum, the Margin and the "Magic" with Cisco MSP Partners - The momentum of Cisco's Managed Service Provider partners is undeniable. A recent Canalys study¹ indicates that a striking 79% of partners anticipate growth in this sector in 2023, with 56% expecting growth rates to exceed 10%. By 2027, the managed ...
1 year ago Feedpress.me
Microsoft to let Windows 10 home users buy Extended Security Updates - Microsoft says that all Windows 10 customers will be able to pay for three extra years of security updates through the company's Extended Security Updates program after the end of support date. After Windows 10 reaches the end of support on October ...
1 year ago Bleepingcomputer.com
Microsoft to let Windows 10 home users buy Extended Security Updates - Microsoft says that all Windows 10 customers will be able to pay for three extra years of security updates through the company's Extended Security Updates program after the end of support date. After Windows 10 reaches the end of support on October ...
1 year ago Bleepingcomputer.com
Microsoft Will Charge for Windows 10 Security Updates in 2025 - All good things must come to an end, and a decade after its first release, Windows 10 will finally be sent to a farm upstate. It had a good run, though Microsoft plans to keep dropping security updates after the OS' demise on Oct. 14, 2025. Just be ...
1 year ago Packetstormsecurity.com
Microsoft Exchange 2019 has reached end of mainstream support - Microsoft announced the end of mainstream support for its Exchange Server 2019 on-premises mail server software on January 9, 2023. Starting today, the company says it will no longer accept requests for bug fixes and Design Change Requests, but it ...
11 months ago Bleepingcomputer.com
Generative AI's enterprise gamble: IT leaders bet big on tech despite security woes - Enterprise IT teams are moving swiftly to adopt generative artificial intelligence systems like ChatGPT, according to a new report from Glean and ISG. The report found that IT leaders see generative AI as transformational and are willing to increase ...
11 months ago Venturebeat.com
Microsoft is bringing the Linux sudo command to Windows Server - Microsoft is bringing the Linux 'sudo' feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications. Superuser do, or sudo, is a Linux console program that allows low-privileged users to execute a ...
11 months ago Bleepingcomputer.com
Windows 11 KB5037853 update fixes File Explorer issues, 20 bugs - Microsoft has released the May 2024 non-security preview update for Windows 11 versions 22H2 and 23H2, which includes 32 fixes and changes. Among this cumulative update's highlights, Microsoft mentions fixing an issue causing the Windows File ...
7 months ago Bleepingcomputer.com
Tesla Issues Fourth Recall For Cybertruck - Most Cybertrucks in the United States are being recalled over problems with windshield wipers and exterior trim. Elon Musk's Tesla is once again having to issue a recall for thousands of its slab-sided Cybertruck vehicles due to a couple of ...
6 months ago Silicon.co.uk
CVE-2010-0194 - Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, ...
6 years ago
CVE-2010-0197 - Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, ...
6 years ago
CVE-2010-0204 - Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, ...
6 years ago
CVE-2010-0201 - Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, ...
6 years ago
CVE-2017-0093 - A remote code execution vulnerability in Microsoft Edge exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute ...
7 years ago
CVE-2017-0201 - A remote code execution vulnerability exists in Internet Explorer in the way that the JScript and VBScript engines render when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary ...
7 years ago
CVE-2003-1332 - Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. ...
7 years ago
CVE-2003-0196 - Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. ...
6 years ago
CVE-2004-0201 - Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)