CVE-2025-11332 CmsEasy URL view.php cross site scripting

A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing a manipulation of the argument PHPSELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been public...

PT-2017-14831 · Tin +2 · Tin +2

Name of the Vulnerable Software and Affected Versions: TIN version 2.4.1 Description: The issue concerns the tools/url handler.pl script in TIN, which does not validate strings before launching the program specified by the BROWSER environment variable. This might allow remote attackers to conduct...