SOLDIERX.COM Nobody Can Stop Information Insemination

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 27

SEC Consult Vulnerability Lab Security Advisory < 20250521-0 >
=======================================================================
title: Multiple Vulnerabilities
product: eCharge Hardy Barth cPH2 and cPP2 charging stations
vulnerable version: 2.2.0
fixed version: Not available
CVE number: CVE-2025-27803, CVE-2025-27804, CVE-2025-48413,
CVE-2025-48414, CVE-2025-48415,...

Posted by Ron E on May 27


An authenticated SQL injection vulnerability exists in the frappe.desk.reportview.get_list API of the Frappe Framework,
affecting versions v15.56.1. The vulnerability stems from improper sanitization of the fields[] parameter, which allows
low-privileged users to inject arbitrary SQL expressions directly into the SELECT clause.

Sample Structured Query Language Injection:

Request:

GET...

Posted by Shaikh Shahnawaz on May 16

[+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC
[+] twitter.com/_striv3r_

[Vendor of Product]
RSI Queue (https://www.rsiqueue.com/)

[Vulnerability Type]
Blind SQL Injection

[Affected Component]
The vulnerable component is the TaskID parameter in the get request.

[CVE Reference]
CVE-2025-26086

[Security Issue]
An unauthenticated blind SQL injection vulnerability exists in RSI Queue
Management System v3.0 within the...

Posted by Sebastian Auwärter via Fulldisclosure on May 16

Advisory ID: SYSS-2025-006
Product: Tiiwee X1 Alarm System
Manufacturer: Tiiwee B.V.
Affected Version(s): TWX1HAKV2
Tested Version(s): TWX1HAKV2
Vulnerability Type: Authentication Bypass by Capture-replay
(CWE-294)
Risk Level: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Solution Status: Open
Manufacturer Notification: 2025-01-27...

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16

SEC Consult Vulnerability Lab Security Advisory < 20250507-0 >
=======================================================================
title: Authenticated Command Injection
product: Honeywell MB-Secure
vulnerable version: MB-Secure versions from V11.04 and prior to V12.53,
MB-Secure PRO versions from V01.06 and prior to V03.09
fixed version: MB-Secure v12.53, MB-Secure PRO v03.09
CVE number:...

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16

SEC Consult Vulnerability Lab Security Advisory < publishing date 20250429-0 >
Combined Security Advisory for Sure Access Enterprise and Sure Click Enterprise
=======================================================================
title: Multiple Vulnerabilities
product: HP Wolf Security Controller / HP Sure Access Enterprise /
HP Sure Click Enterprise
vulnerable version: HP Wolf Security...

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16

SEC Consult Vulnerability Lab Security Advisory < 20250422-0 >
=======================================================================
title: Local Privilege Escalation via DLL Search Order Hijacking
product: Ivanti Endpoint Manager Security Scan (Vulscan) Self
Update
vulnerable version: EPM 2022 SU6 and previous, EPM 2024
fixed version: EPM 2022 SU7 and EPM 2024 SU1
CVE number: CVE-2025-22458...

Posted by Ron E on May 16

A session management vulnerability exists in gugoan's Economizzer
v.0.9-beta1. The application fails to properly invalidate user sessions
upon logout or other session termination events. As a result, a valid
session remains active and usable even after the user has attempted to log
out.

POST /web/category/create HTTP/2

Host: <host>

Cookie: _economizzerSessionId=<<REDACTED>>;

Posted by Ron E on May 16

A persistent cross-site scripting (XSS) vulnerability exists in gugoan's
Economizzer v.0.9-beta1. The application fails to properly sanitize
user-supplied input when creating a new category via the
*category/create *endpoint.
An attacker can inject malicious JavaScript payloads that are permanently
stored and later executed in the context of any user who views the affected
entry.

https://<host>/web/category/create

POST...

Posted by Ron E on May 16

A persistent cross-site scripting (XSS) vulnerability exists in gugoan's
Economizzer v.0.9-beta1 The application fails to properly sanitize
user-supplied input when creating a new cash book entry via the
*cashbook/create* endpoint. An attacker can inject malicious JavaScript
payloads that are permanently stored and later executed in the context of
any user who views the affected entry.

https://<host>/web/cashbook/create

POST...

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-9 Safari 18.5

Safari 18.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122719.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: A type confusion issue could lead to memory corruption
Description: This...

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-8 visionOS 2.5

visionOS 2.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122721.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleJPEG
Available for: Apple Vision Pro
Impact: Processing a maliciously crafted media file may lead to
unexpected app termination...

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-7 tvOS 18.5

tvOS 18.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122720.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleJPEG
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Processing a maliciously crafted media file may lead to
unexpected...

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-6 watchOS 11.5

watchOS 11.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122722.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleJPEG
Available for: Apple Watch Series 6 and later
Impact: Processing a maliciously crafted media file may lead to
unexpected app...

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6

macOS Ventura 13.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122718.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

afpfs
Available for: macOS Ventura
Impact: Mounting a maliciously crafted AFP network share may lead to
system...

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6

macOS Sonoma 14.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122717.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

afpfs
Available for: macOS Sonoma
Impact: Connecting to a malicious AFP server may corrupt kernel memory
Description:...

Posted by Apple Product Security via Fulldisclosure on May 16

APPLE-SA-05-12-2025-3 macOS Sequoia 15.5

macOS Sequoia 15.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122716.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

afpfs
Available for: macOS Sequoia
Impact: Connecting to a malicious AFP server may corrupt kernel memory
Description: The...

Posted by Paul Szabo via Fulldisclosure on May 06

=== Details ========================================================

Vendor: BeyondTrust
Product: Privileged Remote Access (PRA)
Subject: PRA connection takeover
CVE ID: CVE-2025-0217
CVSS: 7.8 (high) CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Author: Paul Szabo <psz () maths usyd edu au>
Date: 2025-05-05

=== Introduction ===================================================

I noticed an issue in
BeyondTrust Privileged...

Posted by hyp3rlinx on May 01

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: https://hyp3rlinx.altervista.org/advisories/Microsoft_Windows_xrm-ms_File_NTLM-Hash_Disclosure.txt
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.microsoft.com

[Product]
.xrm-ms File Type

[Vulnerability Type]
NTLM Hash Disclosure (Spoofing)

[Video URL PoC]
https://www.youtube.com/watch?v=d5U_krLQbNY

[CVE Reference]
N/A

[Security Issue]
The...

Posted by Artur Janicki via Fulldisclosure on Apr 26

[APOLOGIES FOR CROSS-POSTING]

CALL FOR PAPERS
14th International Workshop on Cyber Crime (IWCC 2025 -
https://2025.ares-conference.eu/program/iwcc/)
to be held in conjunction with the 20th International Conference on
Availability, Reliability and Security (ARES 2025 -
http://2025.ares-conference.eu)

August 11-14, 2025, Ghent, Belgium

IMPORTANT DATES
Submission Deadline May 12, 2025
Author Notification May 30, 2025
Proceedings Version...