CVE-2019-25398

IPFire 2.21 Core Update 127 contains multiple cross-site scripting vulnerabilities in the ovpnmain.cgi script that allow attackers to inject malicious scripts through VPN configuration parameters. Attackers can submit POST requests with script payloads in parameters like VPNIP, DMTU, ccdname,...

EUVD-2025-25398

Malicious code in bioql PyPI...

CVE-2020-25398

CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality...

CVE-2024-25398

CVE-2024-25398 affects Srelay (the SOCKS proxy and Relay) v0.4.8p3. The provided documents describe a vulnerability where a specially crafted network payload can trigger a denial of service and disrupt the service. The exact root cause, exploitation details, affected components beyond the main bi...

CVE-2022-25398

CVE-2022-25398 concerns Auto Spare Parts Management v1.0, where a SQL injection vulnerability exists in the user parameter. The connected sources consistently state that user-supplied input drives SQL injection, enabling potential unauthorized data access and manipulation with high impact across ...

CVE-2021-25398

CVE-2021-25398 affects Samsung Bixby Voice prior to 3.1.12, described as an intent redirection vulnerability that permits an attacker to access contacts. The connected documents indicate the issue exists in Bixby Voice and is addressed by upgrading to version 3.1.12 or later.

CVE-2020-25398

CVE-2020-25398 affects InterMind iMind Server up to version 3.13.65, via the csv export function. The root cause is CSV Injection in exported CSV data. CVSS-3.1 vector indicates Network attack, high impact to confidentiality, integrity, and availability (base 8.8). Practical exploitation details ...