
19 matches found

Positive Technologies
added 2026/02/10 12:0 a.m. | 2 views

PT-2026-7820

CVE-2026-25973 - "Apache HTTP Server Cross-Site Request Forgery"
CVE ID: CVE-2026-25973
Published: February 10, 2026 05:16 | 1 hour, 59 minutes ago
Description: Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

AI score: 5.5
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 9:38 p.m. | 6 views

CVE-2021-25973

In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happens due to front-end restriction only...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.00157
Exploits: 0
CVE
added 2025/02/20 12:0 a.m. | 53 views

CVE-2025-25973

CVE-2025-25973 affects Ppress v0.0.9 where a stored XSS flaw exists in the "related recommendations" feature. The vulnerability arises from crafted input to article.title, article.category, and article.tags, enabling a remote attacker to execute arbitrary code. Affected component is the related r...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00336
Exploits: 1 | References: 2 | Affected Software: 1
0day.today
added 2024/02/21 12:0 a.m. | 346 views

OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation Vulnerabilities

OpenOLAT versions 18.1.4 and below and versions 18.1.5 and below suffer from multiple persistent cross site scripting vulnerabilities.
title: Multiple Stored Cross-Site Scripting Vulnerabilities
product: OpenOLAT Frentix GmbH...

CVSS: 5.4 | AI score: 6.3 | EPSS: 0.00226
Exploits: 4
Circl
added 2024/02/20 9:26 a.m. | 0 views

CVE-2024-25973

creationtimestamp | type | source
---|---|---
2024-02-20 09:26:07+00:00 | seen | https://t.me/ctinow/188246
2024-02-20 09:31:45+00:00 | seen | https://t.me/ctinow/188249
2024-02-21 06:50:56+00:00 | seen | https://t.me/arpsyndicate/3698
2025-02-12 19:08:25+00:00 | seen | ...

CVSS: 5.4 | AI score: 6 | EPSS: 0.00195
Exploits: 3 | References: 4
CVE
added 2024/02/20 8:0 a.m. | 8625 views

CVE-2024-25973

Summary: CVE-2024-25973 affects OpenOLAT LMS by Frentix GmbH. The issue comprises multiple stored XSS vulnerabilities that can be triggered when users with specific permissions (group creation/edit, catalog sub-category creation/renaming, or curriculum creation) enter unfiltered input in name fie...

CVSS: 5.4 | AI score: 5.1 | EPSS: 0.00195
Exploits: 3 | References: 2 | Affected Software: 1
Cvelist
added 2024/02/20 8:0 a.m. | 19 views

CVE-2024-25973 Multiple Stored Cross-Site Scripting Vulnerabilities

The Frentix GmbH OpenOlat LMS is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities. An attacker with rights to create or edit groups can create a course with a name that contains an XSS payload. Furthermore, attackers with the permissions to create or rename a catalog...

AI score: 5.1 | EPSS: 0.00195
Exploits: 3 | References: 2
Circl
added 2023/03/13 5:23 p.m. | 0 views

CVE-2023-25973

creationtimestamp | type | source
---|---|---
2023-03-13 17:23:18+00:00 | seen | https://t.me/cibsecurity/59891...

CVSS: 8.8 | AI score: 8.6 | EPSS: 0.00104
Exploits: 0 | References: 1
NVD
added 2023/03/13 3:15 p.m. | 8 views

CVE-2023-25973

Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3.0.2 versions...

CVSS: 8.8 | AI score: 6.5 | EPSS: 0.00104
Exploits: 0 | References: 1
Cvelist
added 2023/03/13 2:14 p.m. | 16 views

CVE-2023-25973 WordPress Auto Affiliate Links Plugin <= 6.3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3.0.2 versions...

CVSS: 5.4 | AI score: 9 | EPSS: 0.00104
Exploits: 0 | References: 1
CVE
added 2023/03/13 2:14 p.m. | 38 views

CVE-2023-25973

CVE-2023-25973 is a CSRF vulnerability in the WordPress plugin Lucian Apostol Auto Affiliate Links, affecting versions

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.00104
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment
added 2023/03/13 2:14 p.m. | 7 views

CVE-2023-25973 WordPress Auto Affiliate Links Plugin <= 6.3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3.0.2 versions...

CVSS: 5.4 | AI score: 8.8 | EPSS: 0.00104
Exploits: 0 | References: 1
NVD
added 2022/08/10 5:15 a.m. | 8 views

CVE-2022-25973

All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument...

CVSS: 7.8 | EPSS: 0.00289
Exploits: 1 | References: 2
Cvelist
added 2022/08/10 5:0 a.m. | 11 views

CVE-2022-25973 Arbitrary Command Execution

All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument...

CVSS: 7.8 | AI score: 8 | EPSS: 0.00289
Exploits: 1 | References: 2
CVE
added 2022/08/10 5:0 a.m. | 48 views

CVE-2022-25973

mc-kill-port is vulnerable to Arbitrary Command Execution via the kill function due to missing sanitization of the port argument. Affected versions (as described across multiple sources) expose an exploit path where an attacker can inject commands through the port parameter, enabling local comman...

CVSS: 7.8 | AI score: 7.8 | EPSS: 0.00289
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2021/11/02 6:55 a.m. | 8 views

CVE-2021-25973 Publify - Improper Authorization Leads to Guest Signup Restriction Bypass

In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happens due to front-end restriction only...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.00157
Exploits: 0 | References: 2
CVE
added 2021/11/02 6:55 a.m. | 73 views

CVE-2021-25973

Affected software: Publify (versions 9.0.0.pre1–9.2.4). Vulnerability type: Improper Access Control allowing a guest user to self-register even when the admin disallows it, resulting from front-end restriction rather than server-side controls. Impact (as described): Guest users can create account...

CVSS: 6.5 | AI score: 6.3 | EPSS: 0.00157
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 1976/01/01 12:0 a.m. | 19 views

CVE-2026-25973

...

Exploits: 0
CVE
added 1976/01/01 12:0 a.m. | 3 views

CVE-2026-25973

CVE-2026-25973 is rejected/not used; this CVE ID does not represent an active vulnerability entry.

AI score: 5.4
Exploits: 0