DiracX-Web is a web application that provides an interface to interact with the DiracX services. Prior to version 0.1.0-a8, an attacker can forge a request that they can pass to redirect an authenticated user to another arbitrary website. In the login page, DiracX-Web has a `redirect` field which is the location where the server will redirect the user. This URI is not verified, and can be an arbitrary URI. Paired with a parameter pollution, an attacker can hide their malicious URI. This could be used for phishing, and extract new data (such as redirecting to a new "log in" page, and asking another time credentials). Version 0.1.0-a8 fixes this vulnerability.

CVE Database V5

Detailed information about CVE-2025-54066: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in DIRACGrid diracx-web affecting DIRACGrid diracx-web. 

CVE-2025-54066: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in DIRACGrid diracx-web - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-54066: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in DIRACGrid diracx-web

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the `idatendido_familiares` parameter of the `/html/funcionario/dependente_editarDoc.php` endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. Version 3.4.6 fixes the issue.

CVE-2025-54061 is a critical SQL Injection vulnerability affecting the open-source web management software WeGIA, developed by LabRedesCefetRJ. WeGIA is primarily targeted at Portuguese-speaking charitable institutions, providing web-based management tools. The vulnerability exists in versions prior to 3.4.6 and is located in the 'idatendido_familiares' parameter of the '/html/funcionario/dependente_editarDoc.php' endpoint. This parameter is improperly sanitized, allowing an attacker to inject malicious SQL commands. Exploiting this flaw enables attackers to manipulate backend SQL queries, potentially extracting sensitive database information such as table names and confidential data stored within the system. The vulnerability is classified under CWE-89, indicating improper neutralization of special elements used in SQL commands. The CVSS 4.0 base score of 9.4 reflects its critical severity, with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:L), and no user interaction (UI:N). The vulnerability impacts confidentiality, integrity, and availability at a high level, with scope and security requirements also rated high. Although no known exploits are currently reported in the wild, the ease of exploitation and critical impact make it a significant threat. Version 3.4.6 of WeGIA addresses and fixes this vulnerability, and users are strongly advised to upgrade to this or later versions to mitigate risk.

Detailed information about CVE-2025-54061: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

CVE-2025-54061: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-54061: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. The common Rucio helm-charts for the `rucio-server`, `rucio-ui`, and `rucio-webui` define the log format for the apache access log of these components. The `X-Rucio-Auth-Token`, which is part of each request header sent to Rucio, is part of this log format. Thus, each access log line potentially exposes the credentials (Internal Rucio token, or JWT in case of OIDC authentication) of the user. Due to the length of the token (Especially for a JWT) the tokens are often truncated, and thus not usable as credential; nevertheless, the (partial) credential should not be part of the logfile. The impact of this issue is amplified if the access logs are made available to a larger group of people than the instance administrators themselves. An updated release has been supplied for the `rucio-server`, `rucio-ui` and `rucio-webui` helm-chart. The change was also retrofitted for the currently supported Rucio LTS releases. The patched versions are rucio-server 37.0.2, 35.0.1, and 32.0.1; rucio-ui 37.0.4, 35.0.1, and 32.0.2; and rucio-webui 37.0.2, 35.1.1, and 32.0.1. As a workaround, one may update the `logFormat` variable and remove the `X-Rucio-Auth-Token`.

CVE-2025-54064 is a medium-severity vulnerability affecting the Rucio software framework's helm-chart configurations for the rucio-server, rucio-ui, and rucio-webui components. Rucio is widely used for managing and accessing large volumes of scientific data, often in research and academic environments. The vulnerability arises from the inclusion of the X-Rucio-Auth-Token HTTP header in the Apache access log format defined by the helm-charts. This header carries sensitive authentication credentials, either internal Rucio tokens or JWTs in the case of OIDC authentication. Logging these tokens exposes sensitive credential information in plaintext within access logs. Although JWT tokens are often truncated due to their length, partial tokens still represent sensitive information that should not be logged. The risk is heightened if access logs are accessible to personnel beyond trusted administrators, potentially leading to unauthorized access or token misuse. The vulnerability affects multiple versions of the rucio-server, rucio-ui, and rucio-webui prior to patched releases (rucio-server 32.0.1, 35.0.1, 37.0.2; rucio-ui 32.0.2, 35.1.1, 37.0.4; rucio-webui 32.0.1, 35.1.1, 37.0.2). The issue is classified under CWE-532 (Insertion of Sensitive Information into Log File). The CVSS 4.0 base score is 6.9, reflecting a medium severity with network attack vector, no privileges or user interaction required, and limited confidentiality impact. No known exploits are reported in the wild as of publication. Mitigation involves updating to patched helm-chart versions or manually removing the X-Rucio-Auth-Token from the log format configuration to prevent sensitive token logging.

Detailed information about CVE-2025-54064: CWE-532: Insertion of Sensitive Information into Log File in rucio helm-charts affecting rucio helm-charts. Get real-

CVE-2025-54064: CWE-532: Insertion of Sensitive Information into Log File in rucio helm-charts - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-54064: CWE-532: Insertion of Sensitive Information into Log File in rucio helm-charts

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the `/html/funcionario/profile_dependente.php` endpoint, specifically in the `id_dependente` parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. Version 3.4.6 fixes the issue.

CVE-2025-54062 is a critical SQL Injection vulnerability affecting the WeGIA web management platform developed by LabRedesCefetRJ. WeGIA is an open-source web manager primarily targeting Portuguese-speaking charitable institutions. The vulnerability exists in versions prior to 3.4.6, specifically in the /html/funcionario/profile_dependente.php endpoint within the id_dependente parameter. Improper neutralization of special elements in this parameter allows an attacker to inject arbitrary SQL commands. This can lead to unauthorized data access, data modification, or deletion, thereby compromising the confidentiality, integrity, and availability of the backend database. The vulnerability requires no user interaction and can be exploited remotely over the network with low attack complexity and no privileges required, as indicated by the CVSS 4.0 vector AV:N/AC:L/PR:L/UI:N. The vulnerability affects a critical component of the application that manages dependent profiles, which likely contains sensitive personal and organizational data. Although no known exploits are currently reported in the wild, the high CVSS score of 9.4 reflects the severe potential impact. The issue is resolved in version 3.4.6 of WeGIA, which properly sanitizes the id_dependente parameter to prevent SQL Injection attacks.

Detailed information about CVE-2025-54062: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

CVE-2025-54062: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-54062: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input leading to remote code execution.

Detailed information about CVE-2025-34127: CWE-121 Stack-based Buffer Overflow in Achat Software Achat Chat Server affecting Achat Software Achat Chat Server. G

CVE-2025-34127: CWE-121 Stack-based Buffer Overflow in Achat Software Achat Chat Server

CVE-2025-34127: CWE-121 Stack-based Buffer Overflow in Achat Software Achat Chat Server

Description

Technical Details

Related Threats

CVE-2025-54066: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in DIRACGrid diracx-web

CVE-2025-54061: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

CVE-2025-54064: CWE-532: Insertion of Sensitive Information into Log File in rucio helm-charts

CVE-2025-54062: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

CVE-2025-54060: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility