Progress Flowmon ADS 跨站脚本漏洞

Progress Flowmon ADS is a network traffic analysis and anomaly detection system developed by the American company Progress. Versions of Progress Flowmon ADS prior to 12.5.5 and 13.0.3 contained a cross-site scripting vulnerability. This vulnerability could lead to unexpected operations when...

CVE-2025-10240 Possibility of unintended actions when a user clicks a malicious link in the Progress Flowmon web application

A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session...

CVE-2025-10240

Progress Flowmon web application prior to version 12.5.5 is vulnerable to an issue where a user who clicks a crafted or malicious link can trigger unintended actions within their existing authenticated session. The CVE entry (CVE-2025-10240) lists a high impact with CVSS 3.1 score 8.8 (AV:N/AC:L/...

PT-2025-41378

Name of the Vulnerable Software and Affected Versions Flowmon versions prior to 12.5.5 Description Flowmon network monitoring solutions are affected by an issue that allows an authenticated administrator to execute additional unintended commands within scripts designed for troubleshooting. This...

PT-2025-41379

Name of the Vulnerable Software and Affected Versions Progress Flowmon versions prior to 12.5.5 Description A flaw exists in the Progress Flowmon web application that allows an attacker to manipulate authenticated users through malicious links. Clicking a crafted link can trigger unintended actio...

vmware_escape

This is an exploit module for VMware Workstation prior to version 12.5.5. The exploit targets a vulnerability in the way VMware handles certain types of memory access, allowing an attacker to execute arbitrary code on the host system. The exploit is designed to be used by an attacker who has gain...