13 matches found
CVE-2025-25823
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the article header at /admin/article.php...
CVE-2025-25823
CVE-2025-25823 is an XSS in Emlog Pro v2.5.4. An attacker can inject a crafted payload into the article header at /admin/article.php to execute arbitrary web scripts/HTML. Reported impact per sources: arbitrary script execution, with CVSSv3.1 vector indicating local access, user interaction requi...
CVE-2023-25823
creationtimestamp | type | source
---|---|---
2023-02-24 00:48:37+00:00 | seen | https://t.me/cibsecurity/58831...
anomalib-orobix (>=0.7.0.dev134 <=0.7.0.dev143), cradle-app (>=0.1.0 <=0.1.1) +8 more potentially affected by CVE-2023-25823 via gradio (>=1.7.7 <=3.11.0)
gradio PYPI version =1.7.7, =0.7.0.dev134, =0.1.0, =0.0.1, =2.0.0rc3, =1.7.1, =0.3.0, =1.3.1, =2.2.0, =2.5.2, =3.0.0b0 Source cves: CVE-2023-25823 Source advisory: OSV:PYSEC-2023-16...
anomalib-orobix (>=0.7.0.dev134 <=0.7.0.dev143), cradle-app (>=0.1.0 <=0.1.1) +8 more potentially affected by CVE-2023-25823 via gradio (>=1.7.7 <=3.11.0)
gradio PYPI version =1.7.7, =0.7.0.dev134, =0.1.0, =0.0.1, =2.0.0rc3, =1.7.1, =0.3.0, =1.3.1, =2.2.0, =2.5.2, =3.0.0b0 Source cves: CVE-2023-25823 Source advisory: OSV:GHSA-3X5J-9VWR-8RR5...
CVE-2023-25823 Gradio contains Use of Hard-coded Credentials
Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links (i.e., creating a Gradio app and then setting share=True), a private SSH key is sent to any...
CVE-2023-25823
Gradio (Python library) is affected by CVE-2023-25823 in versions prior to 3.13.1, where using share links (share=True) causes a private SSH key to be sent to connected users. This can let an attacker access other users’ shared Gradio demos and, depending on exposure, perform further exploits. Th...
CVE-2022-25823
CVE-2022-25823 affects the Samsung Galaxy Watch Plugin. Prior to version 2.2.05.220126741, the plugin has an information exposure vulnerability that allows attackers to access user information contained in logs. The issue is evidenced across multiple feeds (NVD/Red Hat/CNVD/CVE listings) and is m...
CA BrightStor HSM Buffer Overflow
No description provided by source. $Id: hsmserver.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CA BrightStor - HSM Buffer Overflow (Metasploit)
$Id: hsmserver.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
CA BrightStor HSM Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'CA BrightStor HSM...
CA BrightStor HSM Buffer Overflow
This module exploits one of the multiple stack buffer overflows in Computer Associates BrightStor HSM. By sending a specially crafted request, an attacker could overflow the buffer and execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...