Daily CVE Report

The Daily CVE Threat Report highlights multiple vulnerabilities affecting various software, including Cato Client for Linux, Jinher OA, and PHPGurukul Vehicle Parking Management System. Key issues include local privilege escalation, SQL injection, and XML External Entity injection, all of which can lead to severe data breaches and system compromises. Immediate action is recommended for affected users, including updating software and sanitizing user inputs to mitigate risks.

Uploaded by thuglife1454k

Daily CVE Threat Report

1. CVE-2025-7012
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **CVE-2025-7012: Cato Client for Linux - Local Privilege Escalation via Symlink**

**What it is:** A security flaw in the Cato Client for Linux (versions before 5.5) allows a local attacker
(someone already having some access to the system) to gain root privileges (full control of the system).

**How it works:** The vulnerability stems from how the Cato Client handles symbolic links. An attacker
can manipulate these links to trick the application into performing actions with root privileges on files or
directories it shouldn't be able to access.

**Impact:** If exploited, this vulnerability allows an attacker to completely compromise the Linux system
where the Cato Client is installed, potentially leading to data theft, system manipulation, or denial of
service.

**Who's affected:** Users of Cato Client for Linux versions 5.0 to before 5.5.

**What to do:**

* **Update:** Upgrade the Cato Client for Linux to version 5.5 or later.

2. CVE-2025-7523
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **Summary for Security Analysts and Developers:**

Jinher OA 1.0 has a vulnerability (CVE-2025-7523) that allows an attacker to potentially read sensitive
files or trigger denial of service through an XXE (XML External Entity) injection. The affected file is
`/c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx`. This vulnerability is remotely exploitable without
authentication, and a proof-of-concept exploit is publicly available. **Action:** If you are using Jinher OA
1.0, investigate and patch this vulnerability immediately. Focus on sanitizing XML input to prevent
external entity injection. Consider using a web application firewall (WAF) as an interim measure.

3. CVE-2025-7522
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **CVE-2025-7522: SQL Injection Vulnerability in PHPGurukul Vehicle Parking Management
System 1.13**

In simple terms:

* **What:** There's a critical security flaw in PHPGurukul Vehicle Parking Management System version
1.13. It's a SQL Injection vulnerability.
* **Where:** The vulnerability is located in the `bwdates-reports-details.php` file, specifically when it
processes the `fromdate` and `todate` arguments.
* **How:** An attacker can remotely inject malicious SQL code by manipulating the `fromdate` and
`todate` parameters.
* **Impact:** A successful attack could allow an attacker to read, modify, or delete data in the database,
potentially compromising the entire system.
* **Status:** The vulnerability has been publicly disclosed, and exploit code is available.

**For Developers:**

* Sanitize user inputs (`fromdate` and `todate` in `bwdates-reports-details.php`) to prevent SQL
injection. Use parameterized queries or prepared statements instead of directly concatenating user input
into SQL queries.
* Upgrade to a patched version of the software, if available.
* Implement input validation and escaping to mitigate the risk.

**For Security Analysts:**

* Identify any instances of PHPGurukul Vehicle Parking Management System 1.13 in your environment.
* Prioritize patching or mitigation efforts for systems running this version.
* Monitor network traffic and system logs for signs of exploitation attempts targeting this vulnerability.
Pay attention to requests targeting the `bwdates-reports-details.php` file with suspicious parameters.
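The concatenation defect described in this entry beside the validated, parameterized form, as an added Python example that is not code from the report or from the PHPGurukul project. It uses an in-memory SQLite table with hypothetical names (`vehicles`, `regno`, `parkingdate`) as a stand-in for the date-range report that `bwdates-reports-details.php` builds from `fromdate` and `todate`; the same two-layer fix (allow-list validation plus bound parameters) applies to the `ids`, `cidval`, `del` and `Username` parameters in the other SQL injection entries of this report.

```python
import re
import sqlite3
from datetime import date

ISO_DATE = re.compile(r"\d{4}-\d{2}-\d{2}")


def build_demo_db() -> sqlite3.Connection:
    # Constructed in-memory stand-in for the parking system's database.
    # Table and column names are hypothetical, not from the PHPGurukul code base.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE vehicles (id INTEGER PRIMARY KEY, regno TEXT, parkingdate TEXT)"
    )
    conn.executemany(
        "INSERT INTO vehicles (regno, parkingdate) VALUES (?, ?)",
        [("KA01AB1234", "2025-07-01"),
         ("KA02CD5678", "2025-07-10"),
         ("KA03EF9012", "2025-08-05")],
    )
    return conn


def vulnerable_report(conn: sqlite3.Connection, fromdate: str, todate: str) -> list:
    # The defect pattern the advisory describes: the date strings are pasted
    # straight into the SQL text, so a quote in the input rewrites the query.
    sql = (
        "SELECT regno FROM vehicles WHERE parkingdate BETWEEN '"
        + fromdate + "' AND '" + todate + "' ORDER BY regno"
    )
    return [row[0] for row in conn.execute(sql)]


def validate_iso_date(value: str) -> str:
    # Allow-list validation: exactly YYYY-MM-DD, and a real calendar date.
    if not ISO_DATE.fullmatch(value):
        raise ValueError("date must be YYYY-MM-DD")
    return date.fromisoformat(value).isoformat()


def hardened_report(conn: sqlite3.Connection, fromdate: str, todate: str) -> list:
    # Two independent layers: strict validation of the input shape, and a
    # parameterized query so the driver sends the values apart from the SQL text.
    start = validate_iso_date(fromdate)
    end = validate_iso_date(todate)
    sql = "SELECT regno FROM vehicles WHERE parkingdate BETWEEN ? AND ? ORDER BY regno"
    return [row[0] for row in conn.execute(sql, (start, end))]


if __name__ == "__main__":
    db = build_demo_db()
    print(hardened_report(db, "2025-07-01", "2025-07-31"))
```

Either layer alone stops the injection; keeping both means a future refactor that drops one of them does not silently reopen the hole, and the validation error doubles as a log signal for the monitoring advice above.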

4. CVE-2025-6094
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **CVE-2025-6094: FoxCMS SQL Injection Vulnerability**

* **What:** FoxCMS version 1.2.5 and earlier has a security flaw (SQL Injection) in the `Download.php`
file, specifically in the `batchCope` function.
* **How it works:** An attacker can remotely manipulate the `ids` argument, injecting malicious SQL
code that the application will execute against the database.
* **Impact:** This could allow an attacker with low privileges to potentially read, modify, or delete data in
the database.
* **Status:** A public exploit exists, meaning attackers can readily use this vulnerability.
* **Action:** If you're using FoxCMS, especially versions up to 1.2.5, update to a patched version or
apply a workaround to prevent SQL injection in the `batchCope` function of `Download.php`. Sanitize
user input to prevent manipulation of the `ids` parameter.

5. CVE-2025-7523
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **CVE-2025-7523: Jinher OA 1.0 is vulnerable to XML External Entity (XXE) Injection.**

In simple terms: Jinher OA 1.0 has a security flaw in the `DelTemp.aspx` file that allows attackers to
potentially read sensitive server files or interact with internal or external systems. This happens because
the application doesn't properly handle XML data, allowing an attacker to inject malicious XML code to
access information they shouldn't be able to.

**Impact:**

* **For Security Analysts:** This is a remotely exploitable vulnerability (attackers don't need local
access). An exploit is publicly available (proof of concept). You should investigate and patch this in your
Jinher OA 1.0 installations ASAP. Consider blocking access to
`/c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx` as a temporary mitigation.
* **For Developers:** The vulnerability lies in how the `DelTemp.aspx` file handles XML data. You need
to sanitize XML input to prevent XXE attacks. Specifically, disable external entities loading or properly
validate the XML structure. Review the provided links for exploit details and fix your XML parsing logic.
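The "disable external entities" advice for this entry (and for entry 2, which covers the same CVE), as an added Python example that is not code from the report or from Jinher OA. It assumes a handler that receives an XML body listing template ids to delete; that request shape, the function names and the sample documents are all constructed for illustration. The guard refuses any DOCTYPE before the parser runs, which is the same effect as setting `DtdProcessing.Prohibit` on an ASP.NET `XmlReaderSettings`.

```python
import re
import xml.etree.ElementTree as ET

# Every entity declaration lives inside a DOCTYPE, so refusing the DTD outright
# removes the XXE surface before the parser ever sees it.
_DTD_MARKERS = re.compile(r"<!(?:DOCTYPE|ENTITY)", re.IGNORECASE)


def parse_untrusted_xml(data: bytes, max_bytes: int = 64 * 1024) -> ET.Element:
    if len(data) > max_bytes:
        raise ValueError("XML body exceeds size limit")
    # Decode strictly as UTF-8 first: scanning raw bytes would miss a
    # "<!DOCTYPE" written in UTF-16, which expat would otherwise auto-detect.
    text = data.decode("utf-8")
    if "\x00" in text:
        raise ValueError("NUL bytes are not accepted in XML input")
    if _DTD_MARKERS.search(text):
        raise ValueError("DTD and entity declarations are not accepted")
    # With no DTD present, only the five predefined entities can be referenced.
    return ET.fromstring(text)


def extract_template_ids(data: bytes) -> list:
    # Hypothetical request handler body: collect the <id> values to delete.
    root = parse_untrusted_xml(data)
    return [(el.text or "").strip() for el in root.iter("id")]


# Constructed sample inputs (not taken from Jinher OA or any real request).
BENIGN_REQUEST = b"<templates><id>17</id><id>42</id></templates>"
DTD_REQUEST = (
    b'<?xml version="1.0"?>'
    b'<!DOCTYPE t [<!ENTITY ext SYSTEM "file:///placeholder">]>'
    b"<templates><id>&ext;</id></templates>"
)

if __name__ == "__main__":
    print(extract_template_ids(BENIGN_REQUEST))
    try:
        extract_template_ids(DTD_REQUEST)
    except ValueError as exc:
        print("rejected:", exc)
```

Rejecting the DTD rather than trying to resolve entities safely is the simpler policy to audit: legitimate application requests of this kind never need one, and the decode-first step closes the encoding gap that a byte-level pattern check would leave open.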

6. CVE-2025-6094
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **CVE-2025-6094: FoxCMS SQL Injection Vulnerability**

**What it is:** A critical security flaw in qianfox FoxCMS versions 1.2.0 through 1.2.5 that allows attackers
to inject malicious SQL code into the database. This is possible due to improper handling of the `ids`
argument in the `batchCope` function of the `Download.php` file.

**Impact:** Attackers who are logged in as admins can potentially:
* Read sensitive data from the database.
* Modify or delete data.
* Possibly gain complete control of the system, depending on database permissions.

**Affected Software:** qianfox FoxCMS versions 1.2.0 to 1.2.5.

**How to Fix:** Upgrade to a patched version of FoxCMS (if available). Otherwise, sanitize the `ids` input
in the `batchCope` function of `Download.php` to prevent SQL injection. Input validation is vital for all web
applications to prevent exploitation of these vulnerabilities.

**Technical Details:** The vulnerability is a SQL injection (CWE-89) in the `batchCope` function located
in the `app/admin/controller/Download.php` file. Attackers can remotely exploit this by manipulating the
`ids` parameter. An exploit is publicly available.

7. CVE-2025-7522
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: CVE-2025-7522 is a **SQL Injection** vulnerability in the **PHPGurukul Vehicle Parking
Management System version 1.13**. Specifically, the vulnerability exists in the
`/admin/bwdates-reports-details.php` file. An attacker can remotely inject malicious SQL code by
manipulating the `fromdate` or `todate` parameters. Successful exploitation allows the attacker to
potentially read, modify, or delete data in the database. An exploit for this vulnerability is publicly
available. This is rated as a Medium severity vulnerability, but is considered Critical by VulDB. A logged-in
user is required to exploit this.

8. GHSA-rx3w-2qmr-89cv
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **Summary:**

The "Online Appointment Booking System 1.0" software has a critical security flaw: a type of attack called
"SQL injection." Specifically, by manipulating the `cidval` parameter when accessing the `/getDay.php`
file, attackers can inject malicious SQL code into the database. This lets them potentially read, modify, or
even delete data. This attack can be done remotely without needing to log in. Exploit code is already
publicly available.

**For Security Analysts:**

* **Impact:** Remote, unauthenticated SQL injection vulnerability. Potential for data breach,
modification, or deletion.
* **Affected System:** code-projects Online Appointment Booking System 1.0.
* **Location:** `/getDay.php` handling of `cidval` parameter.
* **Remediation:** Patch the application immediately to sanitize user inputs and prevent SQL injection.
Consider a web application firewall (WAF) as a temporary mitigation.
* **Exploit Available:** There is public exploit code, so attacks are likely.

**For Developers:**

* **Vulnerability:** SQL injection in `/getDay.php` due to improper sanitization of the `cidval` parameter.
* **Root Cause:** Untrusted user input is directly incorporated into an SQL query.
* **Fix:** Implement robust input validation and sanitization on the `cidval` parameter in `/getDay.php`.
Use parameterized queries or prepared statements to prevent SQL injection. Avoid concatenating user-
supplied data directly into SQL queries.
* **Testing:** Thoroughly test the fix with various SQL injection payloads to ensure complete mitigation.

9. GHSA-mr57-cxp2-x968
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **Simple Summary:**

The PHPGurukul Vehicle Parking Management System version 1.13 has a security flaw that allows
attackers to inject malicious SQL code. This flaw is located in the `/admin/index.php` file, specifically
when handling the "Username" input. An attacker can exploit this remotely (without needing to be on the
same network) to potentially read, modify, or delete data in the database. A proof-of-concept exploit is
publicly available, meaning attackers can easily exploit this.

**For Security Analysts:**

* **Vulnerability:** SQL Injection
* **Affected System:** PHPGurukul Vehicle Parking Management System 1.13
* **Location:** `/admin/index.php` (Username parameter)
* **Impact:** Remote attackers can execute arbitrary SQL queries. This could lead to data breaches,
modification of data, or denial of service.
* **Severity:** Critical (based on description, though CVSS scores are moderate). Pay attention to the
easily available exploit.
* **Action:** Immediately investigate and patch the vulnerability. Consider implementing input validation
and parameterized queries to prevent SQL injection attacks. Monitor systems for suspicious database
activity.

**For Developers:**

* **Problem:** The application isn't properly sanitizing user input when handling the "Username" in
`/admin/index.php`. This allows attackers to inject SQL code directly into the database query.
* **Solution:**
  * **Input Validation:** Strictly validate all user inputs to ensure they conform to expected formats.
  * **Parameterized Queries (Prepared Statements):** Use parameterized queries or prepared
  statements to separate SQL code from user-provided data. This prevents the database from interpreting
  user input as part of the SQL query.
  * **Least Privilege Principle:** Ensure the database user account used by the application has only
  the necessary privileges. Avoid using the "root" or "admin" account for the application's database
  connection.
  * **Escaping (Less Preferred):** As a last resort, carefully escape all user input before using it in SQL
  queries. However, parameterized queries are the recommended approach.
* **Urgency:** This is a critical vulnerability with a publicly available exploit. Address it immediately to
prevent potential security breaches.
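The monitoring advice in entries 3 and 9 (watch for requests to the named scripts with suspicious parameters), as an added Python example that is not code from the report or from any of the affected projects. It scans combined-format web access log lines, which are constructed here, and flags a request when a parameter this report names fails the allow-list shape it should carry. Those expected shapes (ISO dates for `fromdate`/`todate`, integers for `cidval` and `del`) are assumptions; the report only says which parameters are injectable. The admin login `Username` travels in a POST body, so it never appears in an access log and needs database-side or application-side monitoring instead.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Scripts and parameters named in this report, with the assumed value shape
# each parameter should carry. Anything else is worth a look.
WATCHED = {
    "bwdates-reports-details.php": {
        "fromdate": r"\d{4}-\d{2}-\d{2}",
        "todate": r"\d{4}-\d{2}-\d{2}",
    },
    "getDay.php": {"cidval": r"\d+"},
    "manage-category.php": {"del": r"\d+"},
}

# Apache/nginx combined log format: ip ident user [time] "METHOD target PROTO" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r"(?P<status>\d{3}) \S+"
)


def analyse_line(line: str) -> list:
    """Return (client_ip, path, param, value) findings for one access log line."""
    m = LOG_RE.match(line)
    if not m:
        return []
    parts = urlsplit(m.group("target"))
    script = parts.path.rsplit("/", 1)[-1]
    rules = WATCHED.get(script)
    if rules is None:
        return []
    findings = []
    # parse_qsl percent-decodes, so the check sees the value the app would see.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        shape = rules.get(name)
        if shape is not None and not re.fullmatch(shape, value):
            findings.append((m.group("ip"), parts.path, name, value))
    return findings


def scan(lines) -> list:
    out = []
    for line in lines:
        out.extend(analyse_line(line))
    return out


# Constructed sample log lines (documentation IP ranges, invented timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Jul/2025:10:01:02 +0000] "GET /admin/bwdates-reports-details.php'
    '?fromdate=2025-07-01&todate=2025-07-14 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [14/Jul/2025:10:01:09 +0000] "GET /admin/bwdates-reports-details.php'
    '?fromdate=2025-07-01&todate=2025-07-14%27 HTTP/1.1" 200 9812',
    '198.51.100.23 - - [14/Jul/2025:10:02:31 +0000] "GET /getDay.php?cidval=12 HTTP/1.1" 200 311',
    '198.51.100.23 - - [14/Jul/2025:10:02:40 +0000] "GET /getDay.php?cidval=12%20OR%201 HTTP/1.1" 200 311',
    '192.0.2.9 - - [14/Jul/2025:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print("suspicious parameter:", finding)
```

An allow-list check of this kind produces far fewer false negatives than a blocklist of SQL keywords, because any deviation from the expected shape is reported regardless of how the payload is obfuscated; pair it with a database-side audit log to cover the POST-only parameters.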

10. GHSA-7c9q-cg82-f2w3
CVSS: 0 | Published: undefined
Threat Score: 0 | Priority: Low
Summary: **Summary for Security Analysts and Developers:**
The PHPGurukul Vehicle Parking Management System version 1.13 has a SQL injection vulnerability. An
attacker who is logged in as an administrator can inject malicious SQL code by manipulating the `del`
argument in the `/admin/manage-category.php` file. This allows the attacker to potentially read, modify, or
delete data in the database. The exploit is publicly known and easy to execute remotely. You should
patch or mitigate this vulnerability immediately.
