CVE-2025-52776 – Thanhtungtnt Video List Manager Cross-site Scripting

July 4, 2025

CVE ID : CVE-2025-52776

Published : July 4, 2025, 12:15 p.m. | 2 hours ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in thanhtungtnt Video List Manager allows Stored XSS. This issue affects Video List Manager: from n/a through 1.7.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-50039 – VG WORT METIS Missing Authorization Vulnerability

Next Article CVE-2025-52805 – Leyka Path Traversal PHP Local File Inclusion Vulnerability

Highlights

CVE-2025-4724 – iSourcecode Placement Management System SQL Injection Vulnerability

May 15, 2025

CVE ID : CVE-2025-4724

Published : May 15, 2025, 10:15 p.m. | 2 hours, 42 minutes ago

Description : A vulnerability, which was classified as critical, has been found in itsourcecode Placement Management System 1.0. Affected by this issue is some unknown functionality of the file /student_profile.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Just days after joining Game Pass, the Xbox PC edition of Call of Duty: WW2 is taken offline for “an issue”

Xbox layoffs and game cuts wreak havoc on talented developers and the company’s future portfolio — Weekend discussion 💬

Microsoft plans to revamp Recall in Windows 11 with these new features

This 4K OLED monitor has stereo speakers that follow you — but it’s missing something “imPORTant”

Flaget – new small 5kB CLI argument parser

Flaget – new small 5kB CLI argument parser

The dog days of JavaScript summer

Databricks Lakebase – Database Branching in Action

Just days after joining Game Pass, the Xbox PC edition of Call of Duty: WW2 is taken offline for “an issue”

Just days after joining Game Pass, the Xbox PC edition of Call of Duty: WW2 is taken offline for “an issue”

Xbox layoffs and game cuts wreak havoc on talented developers and the company’s future portfolio — Weekend discussion 💬

Microsoft plans to revamp Recall in Windows 11 with these new features

CVE-2025-52776 – Thanhtungtnt Video List Manager Cross-site Scripting

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Overwatch 2 developers at Blizzard Entertainment form union under Microsoft

I tried the new Gemini button in Google Photos – and classic search is officially history

CVE-2025-5902 – TOTOLINK T10 Buffer Overflow in POST Request Handler

Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs

CVE-2025-4724 – iSourcecode Placement Management System SQL Injection Vulnerability

22 Best Free and Open Source Linux Chemistry Tools

CVE-2025-5832 – Pioneer DMH-WT7600NEX Code Execution Vulnerability

CVE-2025-52717 – LifterLMS SQL Injection

CVE-2025-52776 – Thanhtungtnt Video List Manager Cross-site Scripting

Related Posts