Lucene search
K

142 matches found

Cvelist
Cvelist
added 2025/10/10 11:3 a.m.8 views

CVE-2025-11190 CVE-2025-11190

The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website...

0.00325EPSS
Exploits0References1
CVE
CVE
added 2025/10/10 11:3 a.m.9 views

CVE-2025-11190

CVE-2025-11190 affects the Kiwire Captive Portal (SynchroWeb). The issue is an open redirection in the login-url parameter that can redirect users to an attacker‑controlled website. Public details consistently describe this as a login flow redirection vulnerability without additional exploit info...

5.4CVSS6.5AI score0.00325EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/10/10 11:3 a.m.7 views

CVE-2025-11189 CVE-2025-11189

The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...

0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/10 11:3 a.m.2 views

CVE-2025-11189 CVE-2025-11189

The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...

5.6AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.4 views

Kiwire Captive Portal 安全漏洞

Kiwire Captive Portal is a login authentication page from Kiwire Malaysia. A security vulnerability exists in Kiwire Captive Portal that stems from an open redirection issue with the login-url parameter, which could result in users being redirected to an attacker-controlled website...

5.4CVSS6.9AI score0.00325EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.4 views

Kiwire Captive Portal 安全漏洞

Kiwire Captive Portal is a login authentication page from Kiwire Malaysia. A security vulnerability exists in Kiwire Captive Portal, which stems from the presence of reflective cross-site scripting in the login-url parameter, which could lead to the execution of Javascript code...

7.3CVSS6.5AI score0.00371EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.5 views

PT-2025-41542

Name of the Vulnerable Software and Affected Versions Kiwire Captive Portal affected versions not specified Description The software contains a reflected cross-site scripting XSS issue within the login-url parameter. This allows for Javascript execution. The issue is present in the login...

7.3CVSS5.7AI score0.00371EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.5 views

PT-2025-41543

Name of the Vulnerable Software and Affected Versions Kiwire Captive Portal affected versions not specified Description The software contains an open redirection issue. An attacker can redirect users to a website controlled by the attacker through manipulation of the login-url parameter. The...

5.4CVSS6.2AI score0.00325EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-10585

Malware in sbrugna...

6.1CVSS6.2AI score0.01135EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30502

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00266EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28001

Malicious code in bioql PyPI...

4.7CVSS5AI score0.00364EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-24883

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00412EPSS
Exploits2References1
OSV
OSV
added 2025/10/02 3:15 p.m.8 views

CVE-2025-59770

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2025/10/02 3:15 p.m.20 views

CVE-2025-59755

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.9CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/02 2:39 p.m.3 views

CVE-2025-59769 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

5.1CVSS6.1AI score0.00181EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/02 2:34 p.m.23 views

CVE-2025-59759 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

5.1CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/02 2:30 p.m.11 views

CVE-2025-59757 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

5.1CVSS6.1AI score0.00181EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/02 2:27 p.m.9 views

CVE-2025-59755 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.9CVSS0.00181EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/09/26 1:2 p.m.8 views

Rancher CLI SAML authentication is vulnerable to phishing attacks

Impact A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher’s authentication tokens. Rancher Manager...

8CVSS6.8AI score0.00217EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.4 views

PT-2025-39664

Name of the Vulnerable Software and Affected Versions Rancher Manager versions prior to 2.9.12 Rancher Manager versions prior to 2.10.10 Rancher Manager versions prior to 2.11.6 Rancher Manager versions prior to 2.12.2 Description Rancher Manager is susceptible to phishing attacks targeting SAML...

9.9CVSS6.5AI score0.02829EPSS
Exploits11References49
Rows per page
Query Builder