PT-2025-50615

Name of the Vulnerable Software and Affected Versions Foxit PDF and Editor versions prior to 13.2 Foxit PDF and Editor 2025 versions prior to 2025.2 Description An issue exists in Foxit PDF and Editor that may lead to information disclosure or memory corruption. This can occur when opening a...

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

CVE-2025-55307

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query with a crafted cDIPath parameter e.g., "/" may cause an out-of-bounds read in internal path-parsing logic, potentially leadi...

PT-2025-50745

Name of the Vulnerable Software and Affected Versions Flatboard version 3.2 Description An authenticated administrator can inject malicious scripts in forum information fields, leading to a stored cross-site scripting issue. Attackers can insert JavaScript payloads that execute when other users...

CVE-2025-55311

Foxit PDF Editor CVE-2025-55311 affects Foxit PDF and Editor on Windows/macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and clear the file’s modification status, bypassing digital signature verification and undermining trust in signed PDFs. R...

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor versions prior to 13.2 and 2025 2025.2, which originates from JavaScript modifying the content of annotations and clearing the modification status, potentially bypassing...

CVE-2025-55314

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing...

CVE-2025-55307

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query with a crafted cDIPath parameter e.g., "/" may cause an out-of-bounds read in internal path-parsing logic, potentially leadi...

Microweber 跨站脚本漏洞

Microweber is Microweber open source online store management system that provides drag and drop functionality. The system includes modules for adding products, images and more. A cross-site scripting vulnerability exists in Microweber version 2.0.15, which stems from the presence of stored...

CVE-2025-55312

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereferen...

CVE-2025-55311

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification b...

CVE-2025-55314

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing...

CVE-2025-55312

CVE-2025-55312 affects Foxit PDF Editor for Windows prior to 13.2 and prior to 2025.2. When pages are deleted via JavaScript, the software may fail to update internal states, leading to dereference of invalid memory during subsequent annotation management. This memory corruption can cause crashes...

CVE-2025-55312

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereferen...

PT-2025-50622

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing...

CVE-2025-55311

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification b...

PT-2025-50751

Name of the Vulnerable Software and Affected Versions PyroCMS version 3.0.1 Description The software contains a stored cross-site scripting issue in the admin redirects configuration. Attackers can inject malicious scripts by inserting a payload into the 'Redirect From' field. This allows for the...

EUVD-2025-202691

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query with a crafted cDIPath parameter e.g., "/" may cause an out-of-bounds read in internal path-parsing logic, potentially leadi...

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor versions prior to 13.2 and 2025 2025.2, which originates from a specially crafted JavaScript call to search.query that results in an out-of-bounds read, which may lead to...

PT-2025-50617

Name of the Vulnerable Software and Affected Versions Foxit PDF and Editor versions prior to 13.2 Foxit PDF and Editor 2025 versions prior to 2025.2 Description A specially crafted PDF file containing JavaScript can trigger a use-after-free condition. This occurs when the JavaScript code attaches...