20 matches found
CVE-2025-63724
SQL injection SQL-i vulnerability in SVX Portal 2.7A via crafted POST request to admin/updatesetings.php...
CVE-2025-63725
Reflected Cross-Site Scripting XSS vulnerability in SVX Portal 2.7A via the id parameter to Recivers.php...
CVE-2025-63725
Reflected Cross-Site Scripting XSS vulnerability in SVX Portal 2.7A via the id parameter to Recivers.php...
CVE-2025-63725
Reflected Cross-Site Scripting XSS vulnerability in SVX Portal 2.7A via the id parameter to Recivers.php...
CVE-2025-63724
SQL injection SQL-i vulnerability in SVX Portal 2.7A via crafted POST request to admin/updatesetings.php...
CVE-2025-63724
SQL injection SQL-i vulnerability in SVX Portal 2.7A via crafted POST request to admin/updatesetings.php...
CVE-2025-63725
Reflected Cross-Site Scripting XSS vulnerability in SVX Portal 2.7A via the id parameter to Recivers.php...
PT-2025-46995
Name of the Vulnerable Software and Affected Versions SVX Portal version 2.7A Description A SQL injection flaw exists in SVX Portal version 2.7A. This issue is triggered by a specially crafted POST request sent to the /admin/update setings.php endpoint. Successful exploitation could allow an...
CVE-2025-63725
Reflected Cross-Site Scripting XSS vulnerability in SVX Portal 2.7A via the id parameter to Recivers.php...
CVE-2025-63724
SQL injection SQL-i vulnerability in SVX Portal 2.7A via crafted POST request to admin/updatesetings.php...
CVE-2025-63724
SVX Portal 2.7A has a SQL injection in the admin/update_setings.php endpoint triggered by crafted POST requests. The vulnerability affects the portal’s server-side handling of input and can lead to unauthorized query manipulation. References from multiple sources corroborate the issue for version...
CVE-2025-63725
SVX Portal 2.7A contains a reflected Cross-Site Scripting (XSS) vulnerability in Recivers.php via the id parameter. The connected documents consistently describe an XSS flaw triggered by unvalidated/manipulable input in the id parameter, enabling script injection in pages rendered to victims. Imp...
CVE-2025-61532
Cross Site Scripting vulnerability in SVX Portal v.2.7A to execute arbitrary code via the TG parameter on lastheardpage.php component...
CVE-2025-61532
Cross Site Scripting vulnerability in SVX Portal v.2.7A to execute arbitrary code via the TG parameter on lastheardpage.php component...
CVE-2025-61532
Cross Site Scripting vulnerability in SVX Portal v.2.7A to execute arbitrary code via the TG parameter on lastheardpage.php component...
CVE-2025-61532
CVE-2025-61532 describes a Cross Site Scripting vulnerability in SVX Portal v2.7A affecting the last_heard_page.php component, exploitable via the TG parameter to execute arbitrary code. The issue is documented across multiple feeds (NVD, Red Hat, CNNVD, CVE records) with an impact described as a...
PT-2025-41392
Name of the Vulnerable Software and Affected Versions SVX Portal version 2.7A Description A Cross Site Scripting issue exists in SVX Portal version 2.7A that allows for the execution of arbitrary code. The issue is located in the last heard page.php component and involves the TG parameter...
CVE-2025-61532
Cross Site Scripting vulnerability in SVX Portal v.2.7A to execute arbitrary code via the TG parameter on lastheardpage.php component...
EUVD-2025-33355
Cross Site Scripting vulnerability in SVX Portal v.2.7A to execute arbitrary code via the TG parameter on lastheardpage.php component...
CVE-2025-61532
Cross Site Scripting vulnerability in SVX Portal v.2.7A to execute arbitrary code via the TG parameter on lastheardpage.php component...