CVE-2025-27358 – mndpsingh287 Frontend File Manager Basic XSS Vulnerability

July 4, 2025

CVE ID : CVE-2025-27358

Published : July 4, 2025, 9:15 a.m. | 2 hours, 37 minutes ago

Description : Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mndpsingh287 Frontend File Manager allows Code Injection. This issue affects Frontend File Manager: from n/a through 23.2.

Severity: 4.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-28951 – CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability

Next Article CVE-2025-24748 – LambertGroup All In One Slider Responsive SQL Injection

Highlights

CVE-2025-5868 – RT-Thread Array Index Validation Vulnerability

June 9, 2025

CVE ID : CVE-2025-5868

Published : June 9, 2025, 8:15 a.m. | 1 hour, 23 minutes ago

Description : A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-27358 – mndpsingh287 Frontend File Manager Basic XSS Vulnerability

CVE-2025-24748 – LambertGroup All In One Slider Responsive SQL Injection

CVE-2025-28951 – CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability

Our next-generation model: Gemini 1.5

Raspberry Pi 5 Desktop Mini PC: Increase Swap Memory Size

CVE-2025-1331 – IBM CICS TX Buffer Overflow Vulnerability

CVE-2025-37796 – “Linux Kernel WiFi at76c50x Use After Free”

CVE-2025-5868 – RT-Thread Array Index Validation Vulnerability

Fostering An Accessibility Culture

CVE-2025-46614 – Snowflake ODBC Driver Information Disclosure

CVE-2025-6321 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

CVE-2025-27358 – mndpsingh287 Frontend File Manager Basic XSS Vulnerability

Related Posts