A vulnerability was found in Codecanyon iDentSoft 2.0. It has been classified as critical. This affects an unknown part of the file /clinica/profile/updateSetting of the component Account Setting Page. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-7898 is a vulnerability identified in Codecanyon's iDentSoft version 2.0, specifically within the Account Setting Page component at the endpoint /clinica/profile/updateSetting. The vulnerability arises from improper validation of the 'photo' argument, which allows an attacker to perform an unrestricted file upload. This means that an attacker can remotely upload arbitrary files, potentially including malicious scripts or executables, without proper authentication or user interaction. The vulnerability is remotely exploitable and does not require user interaction, but it does require high privileges (PR:H) according to the CVSS vector, indicating that the attacker must have some level of authenticated access. The CVSS 4.0 base score is 5.1, categorized as medium severity, reflecting limited confidentiality, integrity, and availability impacts due to the requirement of privileges and limited scope. However, unrestricted file upload vulnerabilities are often critical because they can lead to remote code execution, web shell deployment, or further compromise if exploited effectively. The vulnerability affects only version 2.0 of iDentSoft, a software product available on Codecanyon, which is typically used for identity or clinic management solutions. No patches or mitigations have been officially published yet, and no known exploits are currently observed in the wild. The vulnerability disclosure is recent (published July 2025), and the exploit details have been made public, increasing the risk of exploitation by attackers.

CVE Database V5

Detailed information about CVE-2025-7898: Unrestricted Upload in Codecanyon iDentSoft affecting Codecanyon iDentSoft. Get real-time updates, technical details, 

CVE-2025-7898: Unrestricted Upload in Codecanyon iDentSoft - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7898: Unrestricted Upload in Codecanyon iDentSoft

A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this issue is the function verify_token of the file app/controllers/base.py of the component API Endpoint. The manipulation leads to missing authentication. The attack may be launched remotely.

CVE-2025-7897 is a critical vulnerability identified in the MoneyPrinterTurbo software developed by harry0703, affecting versions 1.2.0 through 1.2.6. The flaw resides in the verify_token function within the app/controllers/base.py file, specifically in the API endpoint component. This vulnerability results in missing authentication controls, allowing an attacker to bypass authentication mechanisms remotely without any privileges or user interaction. The vulnerability is exploitable over the network (AV:N), requires no authentication (PR:N), and no user interaction (UI:N), which significantly increases its risk profile. The impact on confidentiality, integrity, and availability is low to limited (VC:L, VI:L, VA:L), indicating that while the attacker can bypass authentication, the scope of damage per successful exploit may be constrained by other factors within the application. The CVSS 4.0 base score is 6.9, categorized as medium severity. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability's root cause is the inadequate verification of tokens in the API endpoint, which is a critical security control for authenticating and authorizing API requests. Exploitation could allow unauthorized access to API functions, potentially leading to unauthorized data access or manipulation depending on the API's functionality and the privileges granted post-authentication bypass. Given the nature of the product, which appears to be financial or transactional software, unauthorized access could lead to financial fraud, data leakage, or disruption of service.

Detailed information about CVE-2025-7897: Missing Authentication in harry0703 MoneyPrinterTurbo affecting harry0703 MoneyPrinterTurbo. Get real-time updates, te

CVE-2025-7897: Missing Authentication in harry0703 MoneyPrinterTurbo - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7897: Missing Authentication in harry0703 MoneyPrinterTurbo

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

Source: https://securityaffairs.com/180162/hacking/u-s-cisa-adds-fortinet-fortiweb-flaw-to-its-known-exploited-vulnerabilities-catalog.html

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability affecting Fortinet's FortiWeb product to its Known Exploited Vulnerabilities (KEV) catalog. FortiWeb is a web application firewall (WAF) designed to protect web applications from attacks such as SQL injection, cross-site scripting, and other OWASP Top 10 threats. Although specific technical details about the vulnerability are not provided in the source, the inclusion in the KEV catalog indicates that this flaw is actively exploited or poses a significant risk of exploitation. The vulnerability likely allows attackers to bypass security controls or execute unauthorized commands, potentially compromising the confidentiality, integrity, or availability of protected web applications. The absence of a CVSS score and patch details suggests that the vulnerability is newly disclosed or under active investigation. The medium severity rating implies a moderate risk level, possibly due to exploitation complexity or limited impact scope. Given FortiWeb's role as a frontline defense in web security, exploitation could lead to data breaches, service disruptions, or unauthorized access to sensitive systems.

Reddit InfoSec News

Detailed information about U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. Get real-time updates, technical details, and m

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog - Live Threat Intelligence - Threat Radar | OffSeq.com

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

Reddit Discussion: U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Source: https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html

This threat involves the injection of malware into five npm packages following a successful phishing attack that compromised maintainer tokens. npm (Node Package Manager) is a widely used package manager for JavaScript, hosting millions of packages that developers rely on globally. In this incident, attackers targeted the maintainers of certain npm packages, stealing their authentication tokens through phishing. With these tokens, the attackers gained unauthorized access to the maintainers' accounts and injected malicious code directly into the legitimate packages. This supply chain attack method is particularly dangerous because it leverages trusted software components, making detection difficult and increasing the likelihood of widespread impact. When developers or organizations install or update these compromised packages, the malware executes, potentially leading to data exfiltration, system compromise, or further propagation of malicious code within affected environments. Although there are no specific affected versions listed and no known exploits in the wild yet, the high severity rating reflects the potential for significant damage due to the trust placed in npm packages and the widespread use of JavaScript in modern applications. The attack vector—phishing to steal tokens—highlights the importance of securing developer credentials and access controls. The minimal discussion level and low Reddit score suggest that this is a recent discovery with limited public discourse, but the trusted source (The Hacker News) and newsworthiness assessment confirm its relevance and urgency in the cybersecurity community.

Detailed information about Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack. Get real-time updates, technical details, and

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack - Live Threat Intelligence - Threat Radar | OffSeq.com

Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Reddit Discussion: Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack

A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been rated as problematic. This issue affects some unknown processing of the file /swagger-ui/index.html of the component Swagger UI. The manipulation of the argument configUrl leads to cross site scripting. The attack may be initiated remotely.

Detailed information about CVE-2025-7901: Cross Site Scripting in yangzongzhuan RuoYi affecting yangzongzhuan RuoYi. Get real-time updates, technical details, a

CVE-2025-7901: Cross Site Scripting in yangzongzhuan RuoYi

CVE-2025-7901: Cross Site Scripting in yangzongzhuan RuoYi

Description

Technical Details

Related Threats

CVE-2025-7898: Unrestricted Upload in Codecanyon iDentSoft

CVE-2025-7897: Missing Authentication in harry0703 MoneyPrinterTurbo

CVE-2025-7896: Path Traversal in harry0703 MoneyPrinterTurbo

CVE-2025-46385: CWE-918 Server-Side Request Forgery (SSRF) in Emby Windows

CVE-2025-46384: CWE-434 Unrestricted Upload of File with Dangerous Type in Emby Windows

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility