CVE-2025-5127 – FLIR AX8 Cross-Site Scripting Vulnerability

May 24, 2025

CVE ID : CVE-2025-5127

Published : May 24, 2025, 4:15 p.m. | 4 hours, 39 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in FLIR AX8 up to 1.46.16. This issue affects some unknown processing of the file /prod.php. The manipulation of the argument cmd leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5128 – ScriptAndTools Real-Estate-website-in-PHP SQL Injection Vulnerability

Next Article RefreshOS is a distribution built on the robust foundation of Debian

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

Google Pixel 10 Pro vs. iPhone 16 Pro: I’ve used both handsets, and there’s a clear winner

Master these 48 Windows keyboard shortcuts and finish work early

Why the Pixel 10 is making this longtime iPhone user reconsider their next phone

Google Pixel 10 Pro Fold vs. Samsung Galaxy Z Fold 7: I compared both Androids, and here’s the winner

PERFIXION 2025: Powering AI Ideas

PERFIXION 2025: Powering AI Ideas

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Reports say Windows 11 update is bricking drives — is yours on the list?

Razer finally remembered I don’t live in China, so now we can all get this cool Gengar gaming headset

CVE-2025-5127 – FLIR AX8 Cross-Site Scripting Vulnerability

Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot

CVE-2025-8208 – Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

Hackers Started Exploiting CitrixBleed 2 Vulnerability Before Public PoC Disclosure

CVE-2025-4883 – D-Link DI-8100 ASP Context Buffer Overflow

CVE-2025-5865 – RT-Thread Parameter Handler Memory Corruption Vulnerability

CVE-2025-46814 – FastAPI Guard HTTP Header Injection Vulnerability

I tested DJI’s latest flagship drone, and it’s straight from the future (with one caveat)

I’ve enjoyed FBC: Firebreak in preview, and I’m looking forward to more sticky notes, leeches, and showers this summer

CVE-2025-50108 – Oracle Hyperion Financial Reporting Workspace HTTP Unauthorized Access and Data Modification

CVE-2025-4723 – iSourcecode Placement Management System SQL Injection Vulnerability

CVE-2025-5127 – FLIR AX8 Cross-Site Scripting Vulnerability

Related Posts