CVE-2026-25616

Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665...

CVE-2025-5665

creationtimestamp| type| source ---|---|--- 2025-06-05 16:00:53+00:00| published-proof-of-concept| Telegram/A-y2hlt3NyCckM2xKlWbOeh88hUhPwc1MHtx9ZiUH06LUZA 2025-06-05 19:04:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lquz5nzjed2s...

CVE-2025-5665 FreeFloat FTP Server XCWD Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component XCWD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public a...

CVE-2023-5665

The Payment Forms for Paystack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2020-5665

Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5UC CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service DoS condition on program execution and communication by sending a specially crafted ARP packet...

CVE-2024-5665

creationtimestamp| type| source ---|---|--- 2025-01-06 15:37:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/168...

CGA-5665-RWQJ-2MVC

Bulletin has no description...

CVE-2024-5665 Login/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Exposure

The Login/Signup Popup Inline Form + Woocommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘exportsettings’ function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVE-2023-5665

creationtimestamp| type| source ---|---|--- 2024-02-08 05:31:37+00:00| seen| https://t.me/ctinow/181160 2024-03-01 23:56:43+00:00| seen| https://t.me/ctinow/198139...

CVE-2023-5665

The Payment Forms for Paystack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2023-5665

The Payment Forms for Paystack plugin for WordPress is affected by a Stored XSS in all versions up to 3.4.1 due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Exploitation requires attacker with contributor-level permissions to inject scripts, which ...

CVE-2023-5665 Payment Forms for Paystack <= 3.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Payment Forms for Paystack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress Payment Forms for Paystack Plugin <= 3.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Payment Forms for Paystack Type Plugin Vulnerable versions = 3.4.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5665 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3391483ec0bd Credits István Márton...

Ubuntu 16.04 ESM : PCRE vulnerabilities (USN-5665-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5665-1 advisory. It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to...

RHEL 8 : mariadb:10.3 (RHSA-2020:5665)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5665 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded ...

CVE-2020-5665

Summary: CVE-2020-5665 affects Mitsubishi Electric MELSEC iQ-F Series FX5U(C) CPU modules with firmware version 1.060 or earlier. The vulnerability arises from an improper check/handling of exceptional conditions (CWE-703), which could allow an attacker to cause a denial-of-service on program exe...

CVE-2019-5665

CVE-2019-5665 affects NVIDIA GPU Display Drivers (Windows and Linux) in the 3D vision component. The root cause is the stereo service failing to validate hard links when opening a file, potentially enabling code execution, denial of service, or privilege escalation. Affected products include NVID...

CVE-2018-5665

The CVE-2018-5665 vulnerability affects the WordPress plugin “responsive-coming-soon-page” (version 1.1.18). The issue is a cross-site scripting (XSS) flaw that can be triggered via the wp-admin/admin.php logo_height parameter, enabling injection of arbitrary script/HTML. NVD reports CVSS 3.0 bas...

CVE-2017-5665

The vulnerability affects libmp3splt 0.9.2, where the splt_cue_export_to_file function in cue.c can be triggered by a crafted file to cause a denial of service via a NULL pointer dereference crash. Connected documents confirm the same issue across various feeds; no remediation details or patched ...

CVE-2017-5665

The spltcueexporttofile function in cue.c in libmp3splt 0.9.2 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted file...