CVE-2026-5325

A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1.0. This issue affects some unknown processing of the file /create-ticket.php of the component Create Ticket. This manipulation of the argument Description causes cross site scripting. Remote...

CVE-2025-5325

A vulnerability has been found in zhilink 智互联深圳科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /adpweb/a/ica/api/service/rfa/testService. The manipulation leads to improper neutralization of...

CVE-2008-5325

Multiple cross-site scripting XSS vulnerabilities in CQ Web in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Linux Distros Unpatched Vulnerability : CVE-2011-5325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working...

RHEL 8 : firefox (RHSA-2024:5325)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:5325 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Firefox:...

CVE-2024-5325

creationtimestamp| type| source ---|---|--- 2024-07-12 16:04:56+00:00| seen| https://t.me/cvedetector/722...

CVE-2024-5325

The vulnerability CVE-2024-5325 affects Form Vibes – Database Manager for Forms (WordPress plugin). It is a SQL Injection via the fv_export_data parameter in all versions up to 1.4.10, caused by insufficient escaping and lack of prepared statements. Authenticated users with Subscriber+ privileges...

CVE-2024-5325 Form Vibes <= 1.4.10 - Authenticated (Subscriber+) SQL Injection via fv_export_data

The Form Vibes plugin for WordPress is vulnerable to SQL Injection via the ‘fvexportdata’ parameter in all versions up to, and including, 1.4.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-5325 Form Vibes <= 1.4.10 - Authenticated (Subscriber+) SQL Injection via fv_export_data

The Form Vibes plugin for WordPress is vulnerable to SQL Injection via the ‘fvexportdata’ parameter in all versions up to, and including, 1.4.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

WordPress Form Vibes – Database Manager for Forms Plugin <= 1.4.10 is vulnerable to SQL Injection

Software Form Vibes – Database Manager for Forms Type Plugin Vulnerable versions = 1.4.10 Fixed in 1.4.11 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5325 Patch priority High CVSS severity High 8.5 Developer WPVibes PSID ede7aa3d2234 Credits Peter Thaleikis Required...

CGA-7R4H-PMV2-5325

Bulletin has no description...

CVE-2023-5325

creationtimestamp| type| source ---|---|--- 2023-12-17 08:36:44+00:00| seen| https://t.me/ctinow/155535...

CVE-2023-5325

The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS...

CVE-2023-5325 Woocommerce Vietnam Checkout < 2.0.6 - Unauthenticated Stored XSS

The Woocommerce Vietnam Checkout WordPress plugin before 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS...

CVE-2023-5325

CVE-2023-5325 affects the WooCommerce Vietnam Checkout WordPress plugin prior to version 2.0.6. The root cause is lack of escaping/cleanup of the custom shipping phone field on the checkout form, causing unauthenticated stored XSS. Public PoC details and descriptions across multiple sources confi...

K66504414: Foomatic vulnerability CVE-2010-5325

Security Advisory Description Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via a long job title. CVE-2010-5325 Impact There ...

SUSE CVE-2016-5325

CRLF injection vulnerability in the ServerResponsewriteHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument...

CVE-2019-5325

creationtimestamp| type| source ---|---|--- 2023-01-06 18:20:09+00:00| seen| https://t.me/cibsecurity/56057...

CVE-2019-5325

Rejected reason: CVE was unused by HPE...

SUSE: Security Advisory (SUSE-SU-2022:4253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...