CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

May 26, 2025

CVE ID : CVE-2025-5177

Published : May 26, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been rated as problematic. This issue affects some unknown processing of the file /adm/index.php of the component Admin Login Page. The manipulation of the argument Usuário leads to cross site scripting. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5178 – Realce Tecnologia Queue Ticket Kiosk Unrestricted File Upload Vulnerability

Next Article CVE-2025-4057 – ActiveMQ Artemis Password Regeneration Vulnerability

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

NVIDIA’s RTX 5060 is here, but don’t expect to read any real reviews

Microsoft warns its Quick Assist app could expose Windows and macOS users to AI-driven tech support scams and “scareware”

CVE-2025-4692 – ABUP Cloud Update Platform JWT Privilege Escalation Vulnerability

CVE-2025-7324 – IrfanView CADImage Plugin DXF File Parsing Out-Of-

CVE-2025-40671 – AES Multimedia Gestnet SQL Injection

CVE-2025-6982 – TP-Link Archer C50 Hard-coded Credentials Vulnerability

Linux Mint 22.2 Beta Released, This is What’s New

CVE-2025-46814 – FastAPI Guard HTTP Header Injection Vulnerability

CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

Related Posts