MiracleLinux 4 : squid34-3.4.14-15.0.1.AXS4 (AXSA:2021-1659:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1659:01 advisory. squid: improper input validation may allow a trusted client to perform HTTP request smuggling CVE-2020-25097 Tenable has extracted the preceding description...

MiracleLinux 4 : squid-3.1.23-24.0.1.AXS4 (AXSA:2021-1658:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1658:02 advisory. squid: improper input validation may allow a trusted client to perform HTTP request smuggling CVE-2020-25097 Tenable has extracted the preceding description...

Linux Distros Unpatched Vulnerability : CVE-2019-25097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component...

CVE-2024-25097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeNcode LLC TNC PDF viewer allows Stored XSS.This issue affects TNC PDF viewer: from n/a through 2.8.0...

CVE-2021-25097

The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in place when deleting publications, allowing any authenticated users, such as subscriber to delete arbitrary publication...

CVE-2018-25097

A vulnerability, which was classified as problematic, was found in Acumos Design Studio up to 2.0.7. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.0.8 is able to address this issue. The name of...

CVE-2019-25097

A vulnerability was found in soerennb eXtplorer up to 2.1.12 and classified as critical. Affected by this issue is some unknown functionality of the component Directory Content Handler. The manipulation leads to path traversal. Upgrading to version 2.1.13 is able to address this issue. The name o...

CVE-2025-25097

creationtimestamp| type| source ---|---|--- 2025-02-07 10:16:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhlenfyi2f2x 2025-02-07 11:15:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113962316282731942...

CVE-2025-25097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kwiliarty External Video For Everybody external-video-for-everybody allows Stored XSS.This issue affects External Video For Everybody: from n/a through = 2.1.1...

CVE-2025-25097 WordPress External "Video for Everybody" plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kwiliarty External Video For Everybody allows Stored XSS. This issue affects External Video For Everybody: from n/a through 2.1.1...

CVE-2025-25097

CVE-2025-25097 is a stored XSS vulnerability in the WordPress plugin External Video For Everybody

CVE-2025-25097 WordPress External "Video for Everybody" plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kwiliarty External Video For Everybody external-video-for-everybody allows Stored XSS.This issue affects External Video For Everybody: from n/a through = 2.1.1...

CVE-2024-25097

creationtimestamp| type| source ---|---|--- 2024-03-13 17:37:19+00:00| seen| https://t.me/ctinow/206949...

CVE-2024-25097

CVE-2024-25097 describes a Stored XSS vulnerability in the WordPress plugin TNC PDF viewer (ThemeNcode) up to version 2.8.0, caused by improper input neutralization during web page generation. The issue affects the TNC PDF viewer before 2.9.0 and could allow attackers to store and execute malicio...

CVE-2024-25097 WordPress TNC PDF viewer Plugin <= 2.8.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeNcode LLC TNC PDF viewer allows Stored XSS.This issue affects TNC PDF viewer: from n/a through 2.8.0...

WordPress TNC PDF viewer Plugin <= 2.8.0 is vulnerable to Cross Site Scripting (XSS)

Software TNC PDF viewer Type Plugin Vulnerable versions = 2.8.0 Fixed in 2.9.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-25097 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 29d45cd3f947 Credits Ngô Thiên An ancorn from VNPT-VCI...

CVE-2018-25097

creationtimestamp| type| source ---|---|--- 2024-01-02 17:26:27+00:00| seen| https://t.me/ctinow/161911 2024-01-03 01:35:54+00:00| seen| https://t.me/cibsecurity/74184 2024-01-22 10:41:28+00:00| seen| https://t.me/ctinow/171079...

CVE-2018-25097

CVE-2018-25097 affects Acumos Design Studio up to version 2.0.7. The issue is a cross-site scripting vulnerability arising from an unknown function, which can be exploited remotely. The advisory consistently indicates that upgrading to version 2.0.8 mitigates the issue, with the patch identified ...

CVE-2023-25097

Milesight UR32L (v32.3.0.5) exposes a buffer-overflow vulnerability in the vtysh_ubus binary (set_qos path, attach_class/class_name) due to unsafe sprintf usage. The issue can be triggered by high-privileged, network-accessing attackers via crafted HTTP requests, potentially enabling arbitrary co...

CVE-2023-25097

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...