CyberSecurityBoard
Sponsor Register Login

CVE-2025-4332

A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visitor-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Publication date: Tue, 06 May 2025 07:31:00 +0000


Cyber News related to CVE-2025-4332

CVE-2025-4332 - A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visitor-detail.php. The manipulation of the argument editid leads to sql ...
10 months ago
CVE-2005-4825 - Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain ...
7 years ago
CVE-2009-4332 - db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 and 9.5 before FP5 allows attackers to cause a denial of service (NULL pointer dereference and application termination) via unspecified vectors. Per: ...
15 years ago
CVE-2011-4332 - Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
14 years ago
CVE-2012-4332 - The ShareYourCart plugin 1.7.1 for WordPress allows remote attackers to obtain the installation path via unspecified vectors related to the SDK. ...
13 years ago
CVE-2006-4332 - Unspecified vulnerability in the DHCP dissector in Wireshark (formerly Ethereal) 0.10.13 through 0.99.2, when run on Windows, allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a bug in Glib. ...
8 years ago
CVE-2007-4332 - SQL injection vulnerability in article.php in Article Dashboard, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action. NOTE: the provenance of this information is ...
8 years ago
CVE-2008-4332 - SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php. ...
8 years ago
CVE-2016-4332 - The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library ...
8 years ago
CVE-2010-4332 - Pointter PHP Content Management System 1.0 allows remote attackers to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies. ...
2 years ago
CVE-2005-4332 - Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) ...
7 years ago
CVE-2018-4332 - A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. ...
6 years ago
CVE-2013-4332 - Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) ...
2 years ago
CVE-2021-4332 - The Plus Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in versions up to, and including 4.1.9 (pro) and 2.0.6 (free). The plugin has a feature to add an "Info Box" to an Elementor created page. This Info Box ...
2 years ago
CVE-2022-4332 - In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus ...
2 years ago
CVE-2023-4332 - Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file ...
2 years ago
CVE-2015-4332 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none ...
56 years ago Tenable.com
CVE-2017-4332 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
56 years ago Tenable.com
CVE-2024-4332 - An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, ...
1 year ago
CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits - An improper output neutralization for logs vulnerability CVE-2024-5594 in Siemens SINEMA Remote Connect Server.  It allows a malicious OpenVPN peer to send garbage to the OpenVPN log or cause high CPU load. The advisory includes missing ...
11 months ago Cybersecuritynews.com CVE-2024-5594
Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security - In an advisory about the SharePoint security hole, a.k.a. CVE-2025-53770, Microsoft said it is aware of active attacks targeting on-premises SharePoint Server customers and exploiting vulnerabilities that were only partially addressed by the July 8, ...
7 months ago Krebsonsecurity.com CVE-2025-53770
CISA Releases 20 ICS Advisories Detailing Vulnerabilities & Exploits - Vulnerabilities in the SIPROTEC 5 series include Cleartext storage of sensitive information (CVE-2024-53651), which has a CVSS v3 base score of 4.6. Mitigation involves firmware updates and restricting network access. This SCADA management software ...
1 year ago Cybersecuritynews.com CVE-2024-53651 CVE-2025-25067 CVE-2025-24865 CVE-2025-22896 CVE-2025-23411 CVE-2023-37482 CVE-2024-54015 CVE-2022-38465 CVE-2025-24811 CVE-2025-20615 CVE-2025-24836 CVE-2025-23421 CVE-2024-53977 CVE-2025-23363 CVE-2025-1283 CVE-2025-23403 CVE-2025-26473 CVE-2025-25281 CVE-2025-24861
Apple backports zero-day patches to older iPhones and Macs - Apple has released security updates that backport fixes for actively exploited vulnerabilities that were exploited as zero-days to older versions of its operating systems. Specifically, the latest update for iOS 18.4 and iPadOS 18.4 fixes 77 ...
11 months ago Bleepingcomputer.com CVE-2025-30456
Weekly Cybersecurity Newsletter: Chrome 0-Day, VMware Flaws Patched, Fortiweb Hack, Teams Abuse, and More - Google has issued an emergency security update for its Chrome browser to address a critical zero-day vulnerability, CVE-2025-6558, that is being actively exploited in the wild. The Node.js project released security updates on July 15, 2025, to fix ...
7 months ago Cybersecuritynews.com CVE-2025-6558
CVE-2025-37859 - In the Linux kernel, the following vulnerability has been resolved: ...
10 months ago

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)