Aggregator

CVE-2025-6699 | LabRedesCefetRJ WeGIA 3.4.0 Cadastro de Funcionário cadastro_funcionario.php Nome/Sobrenome cross site scripting (EUVD-2025-19205)

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability classified as problematic has been found in LabRedesCefetRJ WeGIA 3.4.0. This affects an unknown part of the file /html/funcionario/cadastro_funcionario.php of the component Cadastro de Funcionário. The manipulation of the argument Nome/Sobrenome leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-6699. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. This is a different issue than CVE-2025-23030. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6698 | LabRedesCefetRJ WeGIA 3.4.0 Adicionar tipo adicionar_tipoSaida.php Insira o novo tipo cross site scripting

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /html/matPat/adicionar_tipoSaida.php of the component Adicionar tipo. The manipulation of the argument Insira o novo tipo leads to cross site scripting. This vulnerability is handled as CVE-2025-6698. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6697 | LabRedesCefetRJ WeGIA 3.4.0 Adicionar tipo adicionar_tipoEntrada.php Insira o novo tipo cross site scripting

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /html/matPat/adicionar_tipoEntrada.php of the component Adicionar tipo. The manipulation of the argument Insira o novo tipo leads to cross site scripting. This vulnerability is known as CVE-2025-6697. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6696 | LabRedesCefetRJ WeGIA 3.4.0 Cadastro de Atendio Cadastro_Atendido.php Nome/Sobrenome cross site scripting (EUVD-2025-19197)

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been classified as problematic. Affected is an unknown function of the file /html/atendido/Cadastro_Atendido.php of the component Cadastro de Atendio. The manipulation of the argument Nome/Sobrenome leads to cross site scripting. This vulnerability is traded as CVE-2025-6696. It is possible to launch the attack remotely. Furthermore, there is an exploit available. This is a different issue than CVE-2025-22615. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6695 | LabRedesCefetRJ WeGIA 3.4.0 Additional Categoria adicionar_categoria.php Insira a nova categoria cross site scripting

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0 and classified as problematic. This issue affects some unknown processing of the file /html/matPat/adicionar_categoria.php of the component Additional Categoria. The manipulation of the argument Insira a nova categoria leads to cross site scripting. The identification of this vulnerability is CVE-2025-6695. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6694 | LabRedesCefetRJ WeGIA 3.4.0 Adicionar Unidade adicionar_unidade.php Insira a nova unidade cross site scripting

VulDB Recent Entries
2 months 3 weeks ago
A vulnerability has been found in LabRedesCefetRJ WeGIA 3.4.0 and classified as problematic. This vulnerability affects unknown code of the file /html/matPat/adicionar_unidade.php of the component Adicionar Unidade. The manipulation of the argument Insira a nova unidade leads to cross site scripting. This vulnerability was named CVE-2025-6694. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

Security Affairs
2 months 3 weeks ago
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these […]
Pierluigi Paganini

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

不安全
2 months 3 weeks ago
美国网络安全与基础设施安全局(CISA)将AMI MegaRAC SPx、D-Link DIR-859路由器和Fortinet FortiOS的三个漏洞加入已知被利用的漏洞目录。其中D-Link路由器存在严重路径遍历漏洞,已被用于窃取用户密码等信息。由于设备已过生命周期,厂商不再修复该问题。CISA要求联邦机构于2025年7月前解决这些漏洞以防止攻击。

Managed ad