CVE-2025-12916

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portallogin of the component Frontend. This manipulation of the argument loginUrl causes command injection. The attack may be initiated remotely. T...

CVE-2025-12916

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portallogin of the component Frontend. This manipulation of the argument loginUrl causes command injection. The attack may be initiated remotely. T...

PT-2025-45573

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Security Management System versions prior to 3.0.11 Description A command injection issue exists in the Sangfor Operation and Maintenance Security Management System. The issue is related to the manipulation of...

EUVD-2025-33714

The Kiwire Captive Portal contains a reflected cross-site scripting XSS vulnerability within the login-url parameter, allowing for Javascript execution...

PT-2025-31870 · Exrick +1 · Exrick Xboot +1

Name of the Vulnerable Software and Affected Versions: Exrick xboot versions through 3.3.4 Description: A critical vulnerability exists in Exrick xboot related to the Swagger component. The issue involves server-side request forgery SSRF resulting from the manipulation of the loginUrl argument...

CMSUno 1.6.2 Remote Code Execution

Exploit Title: CMSUno 1.6.2 - 'user' Remote Code Execution Authenticated Google Dork: N/A Date: 2020.09.30 Exploit Author: Fatih Çelik Vendor Homepage: https://github.com/boiteasite/cmsuno/ Software Link: https://github.com/boiteasite/cmsuno/ Blog:...