CVE-2025-47577: Unrestricted Upload of File with Dangerous Type in TI WooCommerce Wishlist Plugin, 10.0 rating 🔥🔥🔥
Failure to check the types of uploaded files allows attackers to upload a web shell to the server and perform RCE.
Search at Netlas.io:
👉 Link: https://nt.ls/jYyss
👉 Dork: http.body:"plugins/ti-woocommerce-wishlist"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ti-woocommerce-wishlist/ti-woocommerce-wishlist-292-unauthenticated-arbitrary-file-upload
Failure to check the types of uploaded files allows attackers to upload a web shell to the server and perform RCE.
Search at Netlas.io:
👉 Link: https://nt.ls/jYyss
👉 Dork: http.body:"plugins/ti-woocommerce-wishlist"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ti-woocommerce-wishlist/ti-woocommerce-wishlist-292-unauthenticated-arbitrary-file-upload
👍3🔥3❤2👾1
Track Adversary Infrastructure Challenge Recap 🏆
Last week, a major event concluded: the Track Adversary Infrastructure Challenge, which we held together with our colleagues from RST Cloud. Participants gained practical experience, and we were able to draw many conclusions regarding Netlas’s functionality and the improvements needed.
Thank you all for participating, and special congratulations to the winners:
🥇 1st Place (tie): Daisuke Arai
🥇 1st Place (tie): Marc Nebout
🥈 2nd Place: Kishan Lal
🥉 3rd Place: Koushik Pal
👉 You can read a more detailed report on our blog: https://netlas.io/blog/track_advisory_infrastructure_challenge/
Last week, a major event concluded: the Track Adversary Infrastructure Challenge, which we held together with our colleagues from RST Cloud. Participants gained practical experience, and we were able to draw many conclusions regarding Netlas’s functionality and the improvements needed.
Thank you all for participating, and special congratulations to the winners:
🥇 1st Place (tie): Daisuke Arai
🥇 1st Place (tie): Marc Nebout
🥈 2nd Place: Kishan Lal
🥉 3rd Place: Koushik Pal
👉 You can read a more detailed report on our blog: https://netlas.io/blog/track_advisory_infrastructure_challenge/
🔥5🎉2👏1
CVE-2025-49113: RCE in Roundcube Webmail, 9.9 rating 🔥
A vulnerability in Roundcube allows attackers to perform RCE due to the lack of validation of the _from parameter, which leads to PHP objects deserialization.
Search at Netlas.io:
👉 Link: https://nt.ls/9M4Rh
👉 Dork: http.headers.set_cookie:"roundcube_sessid"
Read more: https://fearsoff.org/research/roundcube
A vulnerability in Roundcube allows attackers to perform RCE due to the lack of validation of the _from parameter, which leads to PHP objects deserialization.
Search at Netlas.io:
👉 Link: https://nt.ls/9M4Rh
👉 Dork: http.headers.set_cookie:"roundcube_sessid"
Read more: https://fearsoff.org/research/roundcube
👾3🔥2
🚧 Planned Maintenance 🚧
The application may be unavailable for a period of time❗️
On the weekend of June 7–8, 2025, we will carry out work aimed at improving server stability and quality of service. In case of problems, the application may be unavailable for up to two days. Our team will do everything possible to prevent this.
Please remember to save your work before this time.
The application may be unavailable for a period of time❗️
On the weekend of June 7–8, 2025, we will carry out work aimed at improving server stability and quality of service. In case of problems, the application may be unavailable for up to two days. Our team will do everything possible to prevent this.
Please remember to save your work before this time.
👍2👨💻2👌1
Netlas vs. Urlscan: In-Depth Comparison 🧮
In our new blog post, we stack Netlas against Urlscan to finally answer the question: are these tools similar?
Inside, you’ll discover:
- An in-depth look at each platform’s standout capabilities 🔍
- Similarities and differences between applications ⚖️
- Practical recommendations on when to choose one over the other 🤔
👉 Check it out here: https://netlas.io/blog/netlas_vs_urlscan/
In our new blog post, we stack Netlas against Urlscan to finally answer the question: are these tools similar?
Inside, you’ll discover:
- An in-depth look at each platform’s standout capabilities 🔍
- Similarities and differences between applications ⚖️
- Practical recommendations on when to choose one over the other 🤔
👉 Check it out here: https://netlas.io/blog/netlas_vs_urlscan/
netlas.io
Netlas vs Urlscan: Tools Comparison - Netlas Blog
At first glance, Netlas and Urlscan seem similar, but their core functions and use cases differ greatly. Discover which tool fits your needs.
🔥3👾3
CVE-2025-32756: Buffer Overflow in Fortinet products, 9.8 rating 🔥
Some Fortinet products, including FortiMail, FortiRecorder, and FortiVoice, are vulnerable to a buffer overflow that could allow a remote, unauthenticated attacker to execute arbitrary code or commands.
The vulnerability is not new, but a PoC was recently released!
Search at Netlas.io:
👉 Link: https://nt.ls/nmu5K
👉 Dork: certificate.subject.common_name:"FortiMail" OR certificate.subject.common_name:"FortiRecorder" OR certificate.subject.common_name:"FortiVoice"
Vendor's advisory: https://fortiguard.fortinet.com/psirt/FG-IR-25-254
Some Fortinet products, including FortiMail, FortiRecorder, and FortiVoice, are vulnerable to a buffer overflow that could allow a remote, unauthenticated attacker to execute arbitrary code or commands.
The vulnerability is not new, but a PoC was recently released!
Search at Netlas.io:
👉 Link: https://nt.ls/nmu5K
👉 Dork: certificate.subject.common_name:"FortiMail" OR certificate.subject.common_name:"FortiRecorder" OR certificate.subject.common_name:"FortiVoice"
Vendor's advisory: https://fortiguard.fortinet.com/psirt/FG-IR-25-254
🔥5☃2👾2
CVE-2025-42989: Missing Authorization in SAP NetWeaver, 9.6 rating 🔥
One of the vulnerabilities disclosed in a recent patch allows an authenticated user to escalate their privileges, which could critically impact the integrity and availability of the system.
Search at Netlas.io:
👉 Link: https://nt.ls/lB0fI
👉 Dork: http.body:"This error page was generated by SAP Web Dispatcher!"
Vendor's advisory: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2025.html
One of the vulnerabilities disclosed in a recent patch allows an authenticated user to escalate their privileges, which could critically impact the integrity and availability of the system.
Search at Netlas.io:
👉 Link: https://nt.ls/lB0fI
👉 Dork: http.body:"This error page was generated by SAP Web Dispatcher!"
Vendor's advisory: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2025.html
🔥3👾2
CVE-2025-47110: Cross-site Scripting in Magento (and Adobe Commerce), 9.1 rating 🔥
An XSS vulnerability in Magento and Adobe Commerce allows an attacker to inject code into vulnerable forms and execute it in the victim's browser.
Search at Netlas.io:
👉 Link: https://nt.ls/v6wk6
👉 Dork: tag.name:"magento" AND http.headers.server:"Apache"
Vendor's advisory: https://helpx.adobe.com/security/products/magento/apsb25-50.html
An XSS vulnerability in Magento and Adobe Commerce allows an attacker to inject code into vulnerable forms and execute it in the victim's browser.
Search at Netlas.io:
👉 Link: https://nt.ls/v6wk6
👉 Dork: tag.name:"magento" AND http.headers.server:"Apache"
Vendor's advisory: https://helpx.adobe.com/security/products/magento/apsb25-50.html
🔥3👾3
CVE-2025-4798, -4799: Absolute Path Traversal in DownloadManager WordPress Plugin, 4.9 - 7.2 rating❗️
Vulnerabilities shared with us by the pen tester who found them. Allow attackers to manipulate files on the server, which can lead to RCE.
Search at Netlas.io:
👉 Link: https://nt.ls/DH8EA
👉 Dork: http.body:"plugins/wp-downloadmanager"
More information here: https://youtu.be/QTe3rf0-e7U?si=THZKoKeI1vN-arR7
Vulnerabilities shared with us by the pen tester who found them. Allow attackers to manipulate files on the server, which can lead to RCE.
Search at Netlas.io:
👉 Link: https://nt.ls/DH8EA
👉 Dork: http.body:"plugins/wp-downloadmanager"
More information here: https://youtu.be/QTe3rf0-e7U?si=THZKoKeI1vN-arR7
👾5🔥3
CVE-2025-48976, -48988, -49125: Multiple vulnerabilitites in Apache Tomcat, 7.5 rating❗️
Recent vulnerabilities in Apache Tomcat allow an attacker to perform DoS and gain access to resources through insecure path.
Search at Netlas.io:
👉 Link: https://nt.ls/oAb4X
👉 Dork: http.favicon.hash_sha256:64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08 OR http.headers.server:"Apache-Coyote"
Vendor's advisory: https://lists.apache.org/thread/m66cytbfrty9k7dc4cg6tl1czhsnbywk
Recent vulnerabilities in Apache Tomcat allow an attacker to perform DoS and gain access to resources through insecure path.
Search at Netlas.io:
👉 Link: https://nt.ls/oAb4X
👉 Dork: http.favicon.hash_sha256:64a3170a912786e9eece7e347b58f36471cb9d0bc790697b216c61050e6b1f08 OR http.headers.server:"Apache-Coyote"
Vendor's advisory: https://lists.apache.org/thread/m66cytbfrty9k7dc4cg6tl1czhsnbywk
🔥3👾3👍2
CVE-2025-4278, -5121, 2254 and other: Multiple vulnerabilities in GitLab, 3.7 - 8.7 rating❗️
In recent patch notes, GitLab reported ten vulnerabilities, including HTML injection, XSS, DoS, and more.
Search at Netlas.io:
👉 Link: https://nt.ls/dq6qU
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/06/11/patch-release-gitlab-18-0-2-released/#cve-2025-5121---missing-authorization-issue-impacts-gitlab-ultimate-ee
In recent patch notes, GitLab reported ten vulnerabilities, including HTML injection, XSS, DoS, and more.
Search at Netlas.io:
👉 Link: https://nt.ls/dq6qU
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/06/11/patch-release-gitlab-18-0-2-released/#cve-2025-5121---missing-authorization-issue-impacts-gitlab-ultimate-ee
👾3🔥2
AI‑Powered Attack Surface Mapping 🤖
Artificial intelligence is a topic that has not lost its popularity in recent years. Language models have proven themselves in many areas, including information security.
In our latest article, discover how to leverage AI for comprehensive attack surface discovery, plus get an unbiased comparison of leading models so you can pick the right one for your needs.
👉 Read now: https://netlas.io/blog/ai-driven_attack_surface_discovery/
Artificial intelligence is a topic that has not lost its popularity in recent years. Language models have proven themselves in many areas, including information security.
In our latest article, discover how to leverage AI for comprehensive attack surface discovery, plus get an unbiased comparison of leading models so you can pick the right one for your needs.
👉 Read now: https://netlas.io/blog/ai-driven_attack_surface_discovery/
netlas.io
AI-Driven Attack Surface Discovery - Netlas Blog
Can large language models assist in attack surface mapping? We put them to the test using the Netlas Discovery API in a hands-on classification experiment.
🔥5👍2👾1
CVE-2025-4981: RCE in Mattermost, 9.9 rating 🔥
A recently patched vulnerability in some versions of Mattermost allowed attackers to write files to arbitrary locations on the host system, which could lead to remote code execution.
Search at Netlas.io:
👉 Link: https://nt.ls/zchKc
👉 Dork: http.meta:"mattermost"
Vendor's advisory: https://mattermost.com/security-updates/
A recently patched vulnerability in some versions of Mattermost allowed attackers to write files to arbitrary locations on the host system, which could lead to remote code execution.
Search at Netlas.io:
👉 Link: https://nt.ls/zchKc
👉 Dork: http.meta:"mattermost"
Vendor's advisory: https://mattermost.com/security-updates/
🔥4👾3
CVE-2025-48703: RCE in Centos7 Web Panel, high rating❗️
The vulnerability allows an attacker to bypass the authentication process and perform code injection.
Search at Netlas.io:
👉 Link: https://nt.ls/2pJo7
👉 Dork: http.headers.server:"cwpsrv"
Read more: https://fenrisk.com/rce-centos-webpanel
The vulnerability allows an attacker to bypass the authentication process and perform code injection.
Search at Netlas.io:
👉 Link: https://nt.ls/2pJo7
👉 Dork: http.headers.server:"cwpsrv"
Read more: https://fenrisk.com/rce-centos-webpanel
🔥4👍3❤2👾2
CVE-2025-6543, -5777: Vulnerabilities in NetScaler ADC/Gateway, 9.2 - 9.3 rating 🔥
Fresh vulnerabilities related to file manipulation outside the memory buffer. The first of them allows an attacker to perform DoS, the second - to obtain private data.
Search at Netlas.io:
👉 Link: https://nt.ls/XriYU
👉 Dork: http.noscript:"Netscaler Gateway" OR http.noscript:"Citrix Gateway" OR http.headers.x_powered_by:"Citrix ADC (formerly NetScaler)"
Vendor's advisory: https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788
Fresh vulnerabilities related to file manipulation outside the memory buffer. The first of them allows an attacker to perform DoS, the second - to obtain private data.
Search at Netlas.io:
👉 Link: https://nt.ls/XriYU
👉 Dork: http.noscript:"Netscaler Gateway" OR http.noscript:"Citrix Gateway" OR http.headers.x_powered_by:"Citrix ADC (formerly NetScaler)"
Vendor's advisory: https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788
🔥3👾3👍1
CVE-2025-6709: Improper Input Validation in MongoDB Server, 7.5 rating❗️
Due to insufficient handling of values in JSON input data, MongoDB servers are vulnerable to unauthenticated DoS.
Search at Netlas.io:
👉 Link: https://nt.ls/pVXpg
👉 Dork: mongodb:*
Vendor's advisory: https://jira.mongodb.org/browse/SERVER-106748
Due to insufficient handling of values in JSON input data, MongoDB servers are vulnerable to unauthenticated DoS.
Search at Netlas.io:
👉 Link: https://nt.ls/pVXpg
👉 Dork: mongodb:*
Vendor's advisory: https://jira.mongodb.org/browse/SERVER-106748
🔥4👾2
Dear Netlas Community Members,
We are seeking passionate authors to contribute to our cybersecurity blog. If you’re interested in sharing your expertise and insights, we welcome you to join us 🤝
✍️ What’s in it for you?
• Competitive compensation in USDT — from $200 up to $1000 per article.
• A dedicated author profile to boost your visibility.
• Editorial support from our professional team.
👉 Ready to share your knowledge?
Fill out the form and join the Netlas author team today: https://netlas.io/promo/write_for_netlas/
We are seeking passionate authors to contribute to our cybersecurity blog. If you’re interested in sharing your expertise and insights, we welcome you to join us 🤝
✍️ What’s in it for you?
• Competitive compensation in USDT — from $200 up to $1000 per article.
• A dedicated author profile to boost your visibility.
• Editorial support from our professional team.
👉 Ready to share your knowledge?
Fill out the form and join the Netlas author team today: https://netlas.io/promo/write_for_netlas/
netlas.io
Join as an author - Netlas
Are you a cybersecurity pro? Write about the internet and cybersecurity with the Netlas team.
🔥7
CVE-2025-47812: RCE in Wing FTP Server, 10.0 rating 🔥🔥🔥
NULL byte injection vulnerability allows attacker to take full control of Wing server. PoC is now available!
Search at Netlas.io:
👉 Link: https://nt.ls/dzdTV
👉 Dork: \*.banner:"Wing FTP"
Read more: https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2025-47812.txt
NULL byte injection vulnerability allows attacker to take full control of Wing server. PoC is now available!
Search at Netlas.io:
👉 Link: https://nt.ls/dzdTV
👉 Dork: \*.banner:"Wing FTP"
Read more: https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2025-47812.txt
❤4🔥3👾1
CVE-2025-49826: DoS in Next.js, 7.5 rating❗️
A vulnerability in some versions of the Next.js framework allows attackers to perform cache poisoning, leading to a denial of service.
Search at Netlas.io:
👉 Link: https://nt.ls/raJ1k
👉 Dork: http.headers.x_powered_by:"Next.js"
Read more: https://github.com/vercel/next.js/security/advisories/GHSA-67rr-84xm-4c7r
A vulnerability in some versions of the Next.js framework allows attackers to perform cache poisoning, leading to a denial of service.
Search at Netlas.io:
👉 Link: https://nt.ls/raJ1k
👉 Dork: http.headers.x_powered_by:"Next.js"
Read more: https://github.com/vercel/next.js/security/advisories/GHSA-67rr-84xm-4c7r
🔥3👾1