CVE-2025-61136 | axewater sharewarez 2.4.3 Password Reset url_for injection

October 23, 2025 Yanac

A vulnerability marked as problematic has been reported in axewater sharewarez 2.4.3. Affected is the function url_for of the component Password Reset Handler. The manipulation leads to injection.

This vulnerability is traded as CVE-2025-61136. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-1680 | Moxa TN-4500A/TN-5500A/TN-G4500/TN-G6500 acceptance of extraneous untrusted data with trusted data
CVE-2025-61132 | levlaz braindump 0.4.14 Password Reset url_for injection