CVE-2026-25250

creationtimestamp| type| source ---|---|--- 2026-04-14 15:49:19+00:00| seen| https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review 2026-04-15 06:53:38+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0119 2026-04-15 12:00:08+00:00| seen|...

CVE-2018-25250

MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users...

CVE-2018-25250 MyBB Last User's Threads in Profile Plugin 1.2 Persistent XSS

MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. Attackers can create threads with script payloads in the subject field that execute when users...

CVE-2025-25250

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 in FortiOS version 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL...

CVE-2025-25250

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 in FortiOS version 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL...

CVE-2025-25250

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 in FortiOS version 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL...

CVE-2025-25250

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability CWE-200 in FortiOS version 7.6.0, version 7.4.7 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions SSL-VPN web-mode may allow an authenticated user to access full SSL-VPN settings via crafted URL...

CVE-2025-25250

FortiOS contains an Information Disclosure vulnerability (CWE-200) affecting SSL-VPN web-mode that can allow an authenticated user to view full SSL-VPN settings via a crafted URL. Affected versions include FortiOS 7.6.0, 7.4.7 and earlier, and all 7.2/7.0/6.4 releases. CVSSv3.1 base score 4.3 (Ne...

CVE-2024-25250

SQL Injection vulnerability in code-projects Agro-School Management System 1.0 allows attackers to run arbitrary code via the Login page...

CVE-2024-25250

SQL Injection vulnerability in code-projects Agro-School Management System 1.0 allows attackers to run arbitrary code via the Login page...

CVE-2024-25250

CVE-2024-25250 describes an SQL injection in the Agro-School Management System (v1.0) Login page that can lead to arbitrary code execution. Affected component: Login handling; root cause: unsafe SQL handling through user input. Impact per the entry: high confidentiality, integrity, and availabili...

CVE-2022-25250

When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions may allow an attacker to send a certain command to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to sh...

CVE-2022-25250 PTC Axeda agent and Axeda Desktop Server Missing Authentication For Critical Function

When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions may allow an attacker to send a certain command to a specific port without authentication. Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to sh...

CVE-2022-25250

CVE-2022-25250 affects PTC Axeda agent (all versions) and Axeda Desktop Server for Windows (all versions). It is a missing authentication for a critical function vulnerability that allows a remote unauthenticated attacker to send a command to a port and shutdown a service (CVE-25250, CVSS v3.1 ba...

CVE-2021-25250

The CVE-2021-25250 issue affects Trend Micro Apex One, Apex One as a Service, and OfficeScan XG SP1, with the vulnerable component identified as the ApexOne Security Agent. The root cause is an improper access control that sets incorrect permissions on a sensitive file, enabling a local attacker ...

CVE-2020-25250

CVE-2020-25250 affects Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below, and 20.3.10.1000 and below. The issue allows client applications to write arbitrary data to the server logs. The connected documents do not provide exploit details, affecte...