CyberSecurityBoard
Sponsor Register Login

CVE-2025-8230

A vulnerability classified as critical was found in Campcodes Courier Management System 1.0. This vulnerability affects unknown code of the file /manage_user.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Publication date: Sun, 27 Jul 2025 12:02:00 +0000


Cyber News related to CVE-2025-8230

New GPAUF Technique to Root Qualcomm-Based Android Phones - Qualcomm has issued patches for the vulnerabilities, but security experts recommend users update their devices immediately as attackers could potentially exploit these flaws to gain complete control of affected devices, access sensitive data, and ...
2 months ago Cybersecuritynews.com CVE-2024-23380
CVE-2025-8230 - A vulnerability classified as critical was found in Campcodes Courier Management System 1.0. This vulnerability affects unknown code of the file /manage_user.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated ...
4 hours ago
Jira Down - Atlassian Jira Outage Disrupts Dashboard Access for Users Globally - Atlassian, the company behind Jira, a leading project management and issue-tracking platform, is grappling with a significant service disruption that has left users unable to load certain Dashboard widgets. According to Atlassian’s incident report, ...
3 months ago Cybersecuritynews.com
DIOR Cyber Attack - Customers Personal & Financial Data Exposed - “No passwords or payment information, including bank account or payment card information, were in the database affected in the incident… The confidentiality and security of our customers’ data is an absolute priority for the House of Dior. ...
2 months ago Cybersecuritynews.com
Cybersecurity Isn’t Just For Experts Anymore: Why You Should Care - I learned how often things people didn’t know were dangerous, like a Bluetooth flaw in your headphones or a fake browser update, can take over their lives by reading more about security news. This is an interesting scenario because, in a world ...
1 week ago Cybersecuritynews.com
CVE-2015-8230 - Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP packets. ...
9 years ago
CVE-2016-8230 - In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send system serial number, machine type and model and product name to Lenovo's servers. ...
8 years ago
CVE-2019-8230 - In Magentoprior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit configuration settings can execute arbitrary code through a crafted support/output path. ...
4 years ago
CVE-2020-8230 - A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory. ...
2 years ago
CVE-2019-6771 - This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 2019.010.20098. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...
2 years ago
CVE-2017-8230 - On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privileged user who belongs to the ...
6 years ago
CVE-2014-8230 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none ...
55 years ago Tenable.com
CVE-2024-8230 - A vulnerability was found in Tenda O6 1.0.0.7(2054). It has been rated as critical. This issue affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based ...
10 months ago
FBI Warns of Hackers Compromising End-of-Life Routers to Hide Their Activity - According to a recent FBI FLASH report, threat actors are targeting end-of-life routers that no longer receive security patches and software updates, turning them into anonymous proxies that help criminals conceal their digital footprints. This ...
2 months ago Cybersecuritynews.com CVE-2020-17456
GPT-4o Copilot Trained in Over 30 Popular Programming Languages - To activate GPT-4o Copilot, developers can navigate to the Copilot menu in the VS Code title bar and select Configure Code Completions… > Change Completions Model. Free users receive 2,000 monthly completions under the GPT-4o model, with ...
5 months ago Cybersecuritynews.com
Research Jailbreaked OpenAI o1/o3, DeepSeek-R1, & Gemini 2.0 Flash Thinking Models - A recent study from a team of cybersecurity researchers has revealed severe security flaws in commercial-grade Large Reasoning Models (LRMs), including OpenAI’s o1/o3 series, DeepSeek-R1, and Google’s Gemini 2.0 Flash Thinking. The research ...
5 months ago Cybersecuritynews.com
Hacker Tricked SSL.com To Get Certificate Issued for Alibaba - A prominent certificate authority (SSL.com) has disclosed a significant security vulnerability in its domain validation system that could allow attackers to obtain fraudulent SSL certificates for domains they don’t own. SSL.com’s ...
3 months ago Cybersecuritynews.com
Linux io_uring Security Blind Spot Let Attackers Stealthly Deploy Rootkits - The research team at ARMO has demonstrated that popular security solutions, including CrowdStrike’s Falcon, Microsoft Defender, Falco, and Tetragon, are effectively “blind” to malicious activities performed via io_uring—an ...
3 months ago Cybersecuritynews.com
Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code - Security researcher Nafiez has publicly disclosed a previously unknown vulnerability affecting Windows LNK files (shortcuts) that can potentially allow attackers to execute code remotely without user interaction. As security researchers from Intezer ...
2 months ago Cybersecuritynews.com
82,000+ WordPress Sites Exposed to Remote Code Execution Attacks - “The downloaded file is copied to the WordPress uploads folder, which is publicly accessible by default… attackers can combine the two vulnerabilities to upload arbitrary malicious PHP code and then access the file to trigger remote code ...
2 months ago Cybersecuritynews.com
CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits - An improper output neutralization for logs vulnerability CVE-2024-5594 in Siemens SINEMA Remote Connect Server.  It allows a malicious OpenVPN peer to send garbage to the OpenVPN log or cause high CPU load. The advisory includes missing ...
4 months ago Cybersecuritynews.com CVE-2024-5594
Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security - In an advisory about the SharePoint security hole, a.k.a. CVE-2025-53770, Microsoft said it is aware of active attacks targeting on-premises SharePoint Server customers and exploiting vulnerabilities that were only partially addressed by the July 8, ...
6 days ago Krebsonsecurity.com CVE-2025-53770
CISA Releases 20 ICS Advisories Detailing Vulnerabilities & Exploits - Vulnerabilities in the SIPROTEC 5 series include Cleartext storage of sensitive information (CVE-2024-53651), which has a CVSS v3 base score of 4.6. Mitigation involves firmware updates and restricting network access. This SCADA management software ...
5 months ago Cybersecuritynews.com CVE-2024-53651 CVE-2025-25067 CVE-2025-24865 CVE-2025-22896 CVE-2025-23411 CVE-2023-37482 CVE-2024-54015 CVE-2022-38465 CVE-2025-24811 CVE-2025-20615 CVE-2025-24836 CVE-2025-23421 CVE-2024-53977 CVE-2025-23363 CVE-2025-1283 CVE-2025-23403 CVE-2025-26473 CVE-2025-25281 CVE-2025-24861
Apple backports zero-day patches to older iPhones and Macs - Apple has released security updates that backport fixes for actively exploited vulnerabilities that were exploited as zero-days to older versions of its operating systems. Specifically, the latest update for iOS 18.4 and iPadOS 18.4 fixes 77 ...
3 months ago Bleepingcomputer.com CVE-2025-30456
Weekly Cybersecurity Newsletter: Chrome 0-Day, VMware Flaws Patched, Fortiweb Hack, Teams Abuse, and More - Google has issued an emergency security update for its Chrome browser to address a critical zero-day vulnerability, CVE-2025-6558, that is being actively exploited in the wild. The Node.js project released security updates on July 15, 2025, to fix ...
6 days ago Cybersecuritynews.com CVE-2025-6558

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)