CyberSecurityBoard
Sponsor Register Login

CVE-2025-0973

A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects the function backAll_action in the library lib/admin/database_admin.php of the file /index.php?case=database&act=backAll&admin_dir=admin&site=default. The manipulation of the argument select[] leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

This Cyber News was published on www.tenable.com. Publication date: Mon, 03 Feb 2025 06:57:02 +0000


Cyber News related to CVE-2025-0973

CVE-2014-9794 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0973. Reason: This candidate is a reservation duplicate of CVE-2014-0973. Notes: All CVE users should reference CVE-2014-0973 instead of this candidate. All references and ...
55 years ago Tenable.com
CVE-2025-0973 - A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects the function backAll_action in the library lib/admin/database_admin.php of the file /index.php?case=database&act=backAll&admin_dir=admin&site=default. The ...
8 hours ago Tenable.com
Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
1 year ago Bleepingcomputer.com
CVE-2020-0924 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0925 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0926 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0927 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0954 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0923 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0930 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0973 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0978 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2020-0933 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID ...
4 years ago
CVE-2018-0974 - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure ...
4 years ago
CVE-2018-0969 - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure ...
4 years ago
CVE-2018-0973 - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure ...
4 years ago
CVE-2018-0887 - An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, ...
4 years ago
CVE-2018-0971 - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure ...
4 years ago
CVE-2018-0960 - An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows ...
4 years ago
CVE-2018-0972 - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure ...
4 years ago
CVE-2018-0970 - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure ...
4 years ago
CVE-2018-0975 - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure ...
4 years ago
CVE-2018-0968 - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure ...
4 years ago
CVE-2016-0975 - Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, ...
2 years ago
CVE-2016-0983 - Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)