
20 matches found

Circl
added 2026/05/22 3:55 a.m. | 4 views

CVE-2026-25608

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 03:55:00+00:00 | seen | https://cert.pl/en/posts/2026/05/CVE-2026-25606 |
| 2026-05-22 13:23:37+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmgzrv4iaa2e... |

CVSS 8.7 | AI score 5.7 | EPSS 0.00034
Exploits: 0 | References: 2

Circl
added 2026/03/22 2:49 p.m. | 1 views

CVE-2019-25608

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-22 14:49:14+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhns4tdse22y... |

CVSS 8.6 | AI score 5.8 | EPSS 0.00018
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 7:13 a.m. | 7 views

CVE-2024-25608

HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' U+FFFD, which allows remote...

CVSS 6.1 | AI score 6.3 | EPSS 0.1765
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 4:16 p.m. | 3 views

CVE-2020-25608

The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection...

CVSS 7.2 | AI score 7.5 | EPSS 0.00381
Exploits: 0

OSV
added 2024/02/20 10:15 a.m. | 3 views

CVE-2024-25608

HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' U+FFFD, which allows remote...

CVSS 6.1 | AI score 6.4 | EPSS 0.1765
Exploits: 0 | References: 1

NVD
added 2024/02/20 10:15 a.m. | 9 views

CVE-2024-25608

HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' U+FFFD, which allows remote...

CVSS 6.1 | AI score 6.3 | EPSS 0.1765
Exploits: 0 | References: 1

CVE
added 2024/02/20 9:26 a.m. | 72 views

CVE-2024-25608

Summary: The CVE affects Liferay Portal and Liferay DXP versions as described in multiple sources. Root cause: HtmlUtil.escapeRedirect can be bypassed using the Replacement Character (U+FFFD), enabling redirection to arbitrary external URLs. Affected products and versions: Liferay Portal 7.2.0–7....

CVSS 6.1 | AI score 6.3 | EPSS 0.1765
Exploits: 0 | References: 1 | Affected Software: 2

Cvelist
added 2024/02/20 9:26 a.m. | 11 views

CVE-2024-25608

HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' U+FFFD, which allows remote...

CVSS 6.1 | AI score 6.5 | EPSS 0.1765
Exploits: 0 | References: 1

Circl
added 2023/09/13 4:23 p.m. | 1 views

CVE-2023-25608

| creationtimestamp | type | source |
|---|---|---|
| 2023-09-13 16:23:48+00:00 | seen | https://t.me/cibsecurity/70381... |

CVSS 6.5 | AI score 6.3 | EPSS 0.00231
Exploits: 0 | References: 1

OSV
added 2023/09/13 1:15 p.m. | 2 views

CVE-2023-25608

An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...

CVSS 6.5 | AI score 5.9
Exploits: 0 | References: 1

CVE
added 2023/09/13 12:28 p.m. | 43 views

CVE-2023-25608

CVE-2023-25608 affects Fortinet FortiAP-W2, FortiAP-C, FortiAP, and FortiAP-U products due to incomplete filtering of special elements (CWE-792) in the command line interpreter. An authenticated attacker could read arbitrary files by supplying specially crafted command arguments. Affected version...

CVSS 6.5 | AI score 6.5 | EPSS 0.00231
Exploits: 0 | References: 1 | Affected Software: 4

NVD
added 2022/03/23 8:15 p.m. | 9 views

CVE-2022-25608

Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider WordPress plugin allows attackers to trick authenticated users into unwanted slider duplicate or delete action...

CVSS 5.4 | EPSS 0.00106
Exploits: 0 | References: 2

Cvelist
added 2022/03/23 7:46 p.m. | 13 views

CVE-2022-25608 WordPress Yoo Slider – Image Slider & Video Slider plugin <= 2.0.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to slider Duplicate/Delete

Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider WordPress plugin allows attackers to trick authenticated users into unwanted slider duplicate or delete action...

CVSS 5.4 | AI score 5.8 | EPSS 0.00106
Exploits: 0 | References: 2

CVE
added 2022/03/23 7:46 p.m. | 84 views

CVE-2022-25608

CVE-2022-25608 concerns a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Yoo Slider plugin, affecting versions up to 2.0.0. The issue allows an attacker to trick authenticated users into performing arbitrary slider actions, specifically duplicating or deleting sliders. Root caus...

CVSS 5.4 | AI score 5.4 | EPSS 0.00106
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2022/03/23 7:46 p.m. | 7 views

CVE-2022-25608 WordPress Yoo Slider – Image Slider & Video Slider plugin <= 2.0.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to slider Duplicate/Delete

Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider WordPress plugin allows attackers to trick authenticated users into unwanted slider duplicate or delete action...

CVSS 5.4 | AI score 5.4 | EPSS 0.00106
Exploits: 0 | References: 2

ATTACKERKB
added 2022/03/21 9:17 p.m. | 4 views

CVE-2022-25608

Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider WordPress plugin allows attackers to trick authenticated users into unwanted slider duplicate or delete action...

CVSS 5.4 | AI score 5.6 | EPSS 0.00106
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2020/12/18 8:15 a.m. | 0 views

CVE-2020-25608

The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection...

CVSS 7.2 | AI score 7.1
Exploits: 0 | References: 1

NVD
added 2020/12/18 8:15 a.m. | 13 views

CVE-2020-25608

The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection...

CVSS 7.2 | AI score 7.2 | EPSS 0.00381
Exploits: 0 | References: 1

CVE
added 2020/12/18 7:15 a.m. | 45 views

CVE-2020-25608

The CVE-2020-25608 entry concerns Mitel MiCollab’s SAS portal (pre-9.2). The connected documents confirm a SQL Injection vulnerability caused by improper input validation, enabling an attacker to access user credentials. Affected component is the SAS portal; root cause is input validation failure...

CVSS 7.2 | AI score 7.2 | EPSS 0.00381
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2020/12/18 7:15 a.m. | 12 views

CVE-2020-25608

The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection...

AI score 7.2 | EPSS 0.00381
Exploits: 0 | References: 1