CVE-2026-25465

CVE-2026-25465 : CP Multi View Events Calendar (cp-multi-view-calendar) is affected by an authenticated Stored XSS due to improper input neutralization during web page generation. The vulnerability affects CP Multi View Events Calendar versions from n/a up to and including 1.4.35. Successful expl...

CVE-2019-25465

Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin directory. Attackers can request the getadslattr.cgi endpoint to retrieve ADSL credentials and netwo...

CVE-2022-25465

Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling...

CVE-2021-25465

An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack...

CVE-2020-25465

Null Pointer Dereference. in xObjectBindingFromExpression at moddable/xs/sources/xsSyntaxical.c:3419 in Moddable SDK before OS200908 causes a denial of service SEGV...

CVE-2023-25465

creationtimestamp| type| source ---|---|--- 2023-09-04 14:16:17+00:00| seen| https://t.me/cibsecurity/69761...

CVE-2023-25465

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy wp tell a friend popup form plugin = 7.1 versions...

CVE-2023-25465

CVE-2023-25465 affects the WordPress plugin wp-tell-a-friend-popup-form (Gopi Ramasamy) for versions <= 7.1. It is an Authenticated (admin+) Stored Cross‑Site Scripting (XSS) vulnerability. Exploitation context and impact are described across multiple sources: Red Hat/NVD entries list an admin...

CVE-2023-25465 WordPress wp tell a friend popup form Plugin <= 7.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy wp tell a friend popup form plugin = 7.1 versions...

WordPress wp tell a friend popup form Plugin <= 7.1 is vulnerable to Cross Site Scripting (XSS)

Software wp tell a friend popup form Type Plugin Vulnerable versions = 7.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25465 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4217bd7c51b8 Credits yuyudhn Require...

CVE-2022-25465

creationtimestamp| type| source ---|---|--- 2022-03-05 07:28:59+00:00| seen| https://t.me/cibsecurity/38490...

CVE-2022-25465

Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling...

CVE-2022-25465

Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling...

CVE-2022-25465

Espruino 2v11 release contains a stack buffer overflow in src/jsvar.c (jsvGetNextSibling). Root cause: a buffer overflow within the JS variable handling path. Documents do not specify exploit vectors, versions beyond 2v11, or concrete remediation; no exploitation details are provided. Remediation...

CVE-2021-25465

creationtimestamp| type| source ---|---|--- 2021-09-09 22:29:53+00:00| seen| https://t.me/cibsecurity/28618...

CVE-2021-25465

An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack...

CVE-2021-25465

The CVE-2021-25465 entry relates to Samsung Themes, affected before version 5.2.01. It describes an improper scheme check that enables a Man-in-the-Middle (MitM) attack. Affected component: Samsung Themes client software. Root cause: flawed scheme validation in network handling. Impact: potential...

CVE-2020-25465

creationtimestamp| type| source ---|---|--- 2020-12-04 20:27:17+00:00| seen| https://t.me/cibsecurity/17163...

CVE-2020-25465

CVE-2020-25465 describes a Null Pointer Dereference in Moddable SDK prior to OS200908, specifically in xObjectBindingFromExpression (moddable/xs/sources/xsSyntaxical.c:3419). The vulnerability leads to a denial of service (SEGV). Affected component: Moddable SDK before OS200908; root cause: null ...