2 matches found
CVE-2025-40991
creationtimestamp| type| source ---|---|--- 2025-10-02 10:59:49+00:00| seen| Telegram/U83XvyizqxYZmogsZl1HaLingCo1GHGZcAVnICTmestIR10...
CVE-2025-40991 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...