CVE-2026-6025

creationtimestamp| type| source ---|---|--- 2026-04-10 06:04:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj4noo4i2t2i 2026-04-10 07:00:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mj4qrxqgo72p 2026-04-10 07:17:31+00:00| seen|...

CVE-2026-6025 Totolink A7100RU CGI cstecgi.cgi setSyslogCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

CVE-2026-6025

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The...

Debian: Security Advisory (DSA-6025-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-6025

creationtimestamp| type| source ---|---|--- 2025-08-15 03:01:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lwfuhlskyj24...

CVE-2025-6025

CVE-2025-6025 concerns the Order Tip for WooCommerce plugin (WordPress) with unauthenticated input validation failure on the data-tip attribute, affecting all versions up to 1.5.4. The issue enables callers to submit tip values (including negative amounts) that can yield unauthorized discounts, p...

WordPress Order Tip for WooCommerce plugin <= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts vulnerability

Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts vulnerability discovered by t.t.brothers in WordPress Plugin Order Tip for WooCommerce versions = 1.5.4...

CVE-2024-6025

The Quiz and Survey Master QSM WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks...

CVE-2019-6025

Open redirect vulnerability in Movable Type series Movable Type 7 r.4602 7.1.3 and earlier Movable Type 7, Movable Type 6.5.0 and 6.5.1 Movable Type 6.5, Movable Type 6.3.9 and earlier Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x, Movable Type Advanced 7 r.4602 7.1.3 and earlier Movable Type 7, Movabl...

CVE-2006-6025

creationtimestamp| type| source ---|---|--- 2025-04-03 16:35:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10269...

CVE-2024-6025

creationtimestamp| type| source ---|---|--- 2024-07-11 08:42:03+00:00| seen| https://t.me/cvedetector/637...

CVE-2024-6025

The Quiz and Survey Master QSM WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks...

CVE-2024-6025

The Quiz and Survey Master QSM WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks...

CVE-2024-6025 Quiz and Survey Master < 9.0.5 - Contributor+ Stored XSS

The Quiz and Survey Master QSM WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks...

CVE-2024-6025 Quiz and Survey Master < 9.0.5 - Contributor+ Stored XSS

The Quiz and Survey Master QSM WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks...

WordPress Quiz And Survey Master Plugin < 9.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Quiz And Survey Master Type Plugin Vulnerable versions 9.0.5 Fixed in 9.0.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6025 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 041e8eaa0b85 Credits Dmitrii Ignatyev...

CVE-2019-6025

creationtimestamp| type| source ---|---|--- 2024-03-17 10:16:14+00:00| seen| https://t.me/ctinow/209837...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6025-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6025-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local...

CVE-2019-6025

CVE-2019-6025 describes an open redirect vulnerability in Movable Type and related products. A specially crafted URL can cause users to be redirected to arbitrary sites, enabling phishing. Affected: Movable Type 7 (r.4602/7.1.3) and earlier across MT 6.x, MT Advanced 6.x/7.x, MT Premium variants....

CVE-2018-14262

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getU...