CVE-2024-25099

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David de Boer Paytium: Mollie payment forms & donations allows Stored XSS.This issue affects Paytium: Mollie payment forms & donations: from n/a through 4.4.2...

CVE-2022-25099

A vulnerability in the component /languages/index.php of WBCE CMS v1.5.2 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2025-25099

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in accreteinfosolution Appointment Buddy Widget appointment-buddy-online-appointment-booking-by-accrete allows Cross-Site Scripting XSS.This issue affects Appointment Buddy Widget: from n/a through =...

CVE-2025-25099

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in accreteinfosolution Appointment Buddy Widget appointment-buddy-online-appointment-booking-by-accrete allows Cross-Site Scripting XSS.This issue affects Appointment Buddy Widget: from n/a through =...

CVE-2025-25099

CVE-2025-25099 is a reflected Cross‑Site Scripting vulnerability in the Appointment Buddy Widget by Accrete for WordPress, affecting versions up to 1.2. The issue results from improper neutralization of user input during web page generation, enabling reflected XSS. Public exploitation details are...

CVE-2025-25099 WordPress Appointment Buddy Widget By Accrete plugin <= 1.2. - Reflected Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in accreteinfosolution Appointment Buddy Widget allows Reflected XSS. This issue affects Appointment Buddy Widget: from n/a through 1.2...

CVE-2025-25099 WordPress Appointment Buddy Widget By Accrete plugin <= 1.2. - Reflected Cross-Site Scripting vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in accreteinfosolution Appointment Buddy Widget appointment-buddy-online-appointment-booking-by-accrete allows Cross-Site Scripting XSS.This issue affects Appointment Buddy Widget: from n/a through =...

openSUSE 15 Security Update : perl-CryptX (openSUSE-SU-2024:0112-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0112-1 advisory. - In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag. CVE-2018-25099 Note that Nessus h...

openSUSE Security Advisory (openSUSE-SU-2024:0112-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-25099

creationtimestamp| type| source ---|---|--- 2024-03-18 06:26:52+00:00| seen| https://t.me/ctinow/210193 2024-03-18 06:26:57+00:00| seen| https://t.me/ctinow/210198...

CVE-2018-25099

In the CryptX module before 0.062 for Perl, gcmdecryptverify and chacha20poly1305decryptverify do not verify the tag...

CVE-2018-25099

The CVE-2018-25099 issue affects the CryptX Perl module prior to 0.062, where gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() fail to verify the authentication tag. This can lead to input tampering without detection, as summarized in multiple advisories. Public mentions show remediatio...

CVE-2024-25099

creationtimestamp| type| source ---|---|--- 2024-03-13 17:37:20+00:00| seen| https://t.me/ctinow/206950...

CVE-2024-25099 WordPress Paytium: Mollie payment forms & donations Plugin <= 4.4.2 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David de Boer Paytium: Mollie payment forms & donations allows Stored XSS.This issue affects Paytium: Mollie payment forms & donations: from n/a through 4.4.2...

CVE-2024-25099

CVE-2024-25099 concerns the Paytium plugin for WordPress (Paytium: Mollie payment forms & donations). The issue is a stored XSS caused by improper input neutralization during web page generation, affecting Paytium versions up to 4.4.2. A fix exists in version 4.4.3. Public details confirm the vul...

WordPress Paytium Plugin <= 4.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Paytium Type Plugin Vulnerable versions = 4.4.2 Fixed in 4.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-25099 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5a3bcaaed120 Credits Ngô Thiên An ancorn from VNPT-VCI Required...

CVE-2023-25099

creationtimestamp| type| source ---|---|--- 2023-07-06 18:33:46+00:00| seen| https://t.me/cibsecurity/66123...

CVE-2023-25099

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVE-2019-25099

creationtimestamp| type| source ---|---|--- 2023-01-06 16:20:10+00:00| seen| https://t.me/cibsecurity/56043...

CVE-2019-25099 Arthmoor QSF-Portal index.php path traversal

A vulnerability classified as critical was found in Arthmoor QSF-Portal. This vulnerability affects unknown code of the file index.php. The manipulation of the argument a leads to path traversal. The patch is identified as ea4f61e23ecb83247d174bc2e2cbab521c751a7d. It is recommended to apply a pat...