CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

May 26, 2025

CVE ID : CVE-2025-5177

Published : May 26, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been rated as problematic. This issue affects some unknown processing of the file /adm/index.php of the component Admin Login Page. The manipulation of the argument Usuário leads to cross site scripting. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5178 – Realce Tecnologia Queue Ticket Kiosk Unrestricted File Upload Vulnerability

Next Article CVE-2025-4057 – ActiveMQ Artemis Password Regeneration Vulnerability

Highlights

CVE-2025-4541 – LmxCMS SQL Injection Vulnerability

May 11, 2025

CVE ID : CVE-2025-4541

Published : May 11, 2025, 4:15 p.m. | 4 hours, 14 minutes ago

Description : A vulnerability classified as critical has been found in LmxCMS 1.41. Affected is the function manageZt of the file cadminZtAction.class.php of the component POST Request Handler. The manipulation of the argument sortid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Native vs hybrid vs cross-platform: Resolving the trilemma

JetBrains updates Junie, Gemini API adds embedding model, and more – Daily News Digest

Cyberpunk 2077 Update 2.3 is bringing more vehicle customization, photo mode options, and one amazing new feature — launching this week

The cheapest place to get my games just got even cheaper — get an extra 10% off while you can

Destiny 2: The Edge of Fate reviews open ‘Mixed’ on Steam, with a player count only a fraction of The Final Shape’s — I’m surprised it’s this low after a new expansion

A rare opportunity is here to get an HP gaming laptop for only $500 — NVIDIA RTX graphics and a 144Hz display at a bargain price

The details of TC39’s last meeting

The details of TC39’s last meeting

Vector Search Embeddings and RAG

Python Meets Power Automate: Trigger via URL

FOSS Weekly #25.29: End of Ubuntu 24.10, AUR Issue, Terminal Tips, Screenshot Editing and More Linux Stuff

FOSS Weekly #25.29: End of Ubuntu 24.10, AUR Issue, Terminal Tips, Screenshot Editing and More Linux Stuff

Cyberpunk 2077 Update 2.3 is bringing more vehicle customization, photo mode options, and one amazing new feature — launching this week

The cheapest place to get my games just got even cheaper — get an extra 10% off while you can

CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

CVE-2025-7712 – The Madara WordPress Core Plugin Unvalidated File Deletion Vulnerability

CVE-2025-7735 – UNIMAX Hospital Information System SQL Injection

CVE-2025-32022 – Finit Urandom Heap Buffer Overwrite Vulnerability

minicom – serial communication program

CVE-2025-5733 – WordPress Modern Events Calendar Lite Full Path Disclosure

Botnet malware: What it is and how to fight it

CVE-2025-4541 – LmxCMS SQL Injection Vulnerability

CVE-2025-4173 – SourceCodester Online Eyewear Shop SQL Injection Vulnerability

Protect your important files in this encrypted, spacious SSD – now $80 off for Prime Day

CVE-2025-48241 – Verge3D Cross-site Scripting (XSS)

CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

Related Posts