CVE-2025-7875

A vulnerability classified as critical has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This affects an unknown part of the file /debug.jsp. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...

CVE-2025-7875

The CVE-2025-7875 entry concerns Metasoft MetaCRM (versions up to 6.4.2). The vulnerability affects an unspecified portion of the /debug.jsp file and results in improper authentication, enabling remote initiation of an attack. Public exploitation details exist in the sources, and the vendor was c...

CVE-2014-9412

Multiple cross-site scripting XSS vulnerabilities in NetIQ Access Manager NAM 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via 1 an arbitrary parameter to roma/jsp/debug/debug.jsp or 2 an arbitrary parameter in a debug.DumpAll action to nps/servlet/webacc, a...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in jsp/common/system/debug.jsp in IBM Maximo 4.1 and 5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 Accept, 2 Accept-Language, 3 UA-CPU, 4 Accept-Encoding, 5 User-Agent, or 6 Cookie HTTP header. NOTE: the provenance of...

ibmmromaximo-xss.txt

Affected Software/Device: IBM MRO MAXIMO Tested Version: 4.1 , 5.2 Vulnerability: Cross Site Scripting & Information Disclosure Risk: Low / Medium Description: MRO Maximo is a strategic asset and service management system that runs on a number of databases including Oracle, SQL Server and IBM DB2...