PT-2026-7823

CVE-2026-25976 - Apache HTTP Server Denial of Service CVE ID : CVE-2026-25976 Published : 2026年2月10日 05:16 | 1 小时，59 分钟 ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2025-7994

Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

CVE-2024-25976

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

CVE-2022-25976

Improper input validation in the IntelR VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2021-25976

In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery CSRF when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known...

CVE-2024-25976

creationtimestamp| type| source ---|---|--- 2025-03-17 20:47:08+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7852...

CVE-2024-25976

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

CVE-2024-25976

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

CVE-2024-25976 Reflected Cross-Site-Scripting (XSS)

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

CVE-2024-25976

The CVE-2024-25976 entry refers to HAWKI (HAWK Digital Environments)—a university teaching interface. When LDAP authentication is enabled, the application reflects the value of $_SERVER['PHP_SELF'] in login.php, enabling reflected XSS that allows arbitrary JavaScript execution in the victim’s bro...

CVE-2024-25976 Reflected Cross-Site-Scripting (XSS)

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: HAWKI Interaction Design Team at the University of Applied Sciences and Arts in Hildesheim/Germany vulnerable version: 1.0.0-beta.1,...

CVE-2023-25976

Cross-Site Request Forgery CSRF vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin = 1.2.2 versions...

CVE-2023-25976

CVE-2023-25976 concerns the WordPress plugin “CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin” (versions

CVE-2023-25976 WordPress Integration for Contact Form 7 and Zoho CRM, Bigin Plugin <= 1.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin = 1.2.2 versions...

CVE-2022-25976

creationtimestamp| type| source ---|---|--- 2023-05-10 18:28:51+00:00| seen| https://t.me/cibsecurity/63791...

CVE-2022-25976

Intel VROC software prior to version 7.7.6.1003 is affected by CVE-2022-25976 due to improper input validation, potentially enabling denial of service by an authenticated, local user. Impact is described as availability loss (high) with local access, low attack complexity and required privileges....

CVE-2021-25976 Piranha CMS - Site-wide Cross-Site Request Forgery (CSRF)

In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery CSRF when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known...

CVE-2026-25976

CVE-2026-25976 entry is rejected/not used.