CVE-2025-4075 – VMSMan Cross Site Scripting Vulnerability

April 29, 2025

CVE ID : CVE-2025-4075

Published : April 29, 2025, 6:15 p.m. | 52 minutes ago

Description : A vulnerability was found in VMSMan up to 20250416. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument Email with the input “> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4076 – LB-LINK BL-AC3600 Password Handler Command Injection Vulnerability

Next Article CVE-2025-4074 – PHPGurukul Curfew e-Pass Management System SQL Injection Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

“Bing was not as bad as I thought it was” — search engine gets backhanded compliment as experts explore why people use Google

EA cancels Titanfall incubation project, lays off staff at Apex Legends and Star Wars Jedi developer Respawn Entertainment

“Fear not—we are cooking!” Helldivers 2 devs say there’s “exciting news to come” and a new Warbond in May as we defeat the Illuminate, which surely means it’s about to invade for real and kill us all

The Game Pass hit STALKER 2 just got a huge Xbox award, and I can’t think of a game more deserving

Solution Highlight – Oracle Revenue Management / SSP – Part 1

Solution Highlight – Oracle Revenue Management / SSP – Part 1

Community News: Latest PECL Releases (04.29.2025)

Using Sitecore Connect and OpenAI: A Practical Example for Page Metadata Enhancement

“Bing was not as bad as I thought it was” — search engine gets backhanded compliment as experts explore why people use Google

“Bing was not as bad as I thought it was” — search engine gets backhanded compliment as experts explore why people use Google

EA cancels Titanfall incubation project, lays off staff at Apex Legends and Star Wars Jedi developer Respawn Entertainment

“Fear not—we are cooking!” Helldivers 2 devs say there’s “exciting news to come” and a new Warbond in May as we defeat the Illuminate, which surely means it’s about to invade for real and kill us all

CVE-2025-4075 – VMSMan Cross Site Scripting Vulnerability

CISA Sounds the Alarm: Broadcom and Commvault Flaws Under Active Exploitation! ️

Avast Antivirus Vulnerability Let Attackers Escalate Privileges

Easy way to upload, transform and deliver files and images

Distribution Release: OpenMandriva Lx 6.0

Some of Call of Duty: Warzone’s biggest players use this weapon optic, so I tried it — it totally changed the game

This AI Paper by Reka AI Introduces Vibe-Eval: A Comprehensive Suite for Evaluating AI Multimodal Models

Cloudflare DNS Resolver Hit by BGP Hijack

This gorgeous mid-sized gaming tower showcases the best from HP OMEN desktops

Can LLMs Design Good Questions Based on Context? This AI Paper Evaluates Questions Generated by LLMs from Context, Comparing Them to Human-Generated Questions

Flight – fast, simple, extensible framework for PHP

CVE-2025-4075 – VMSMan Cross Site Scripting Vulnerability

Related Posts