CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

May 26, 2025

CVE ID : CVE-2025-5177

Published : May 26, 2025, 10:15 a.m. | 1 hour, 52 minutes ago

Description : A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been rated as problematic. This issue affects some unknown processing of the file /adm/index.php of the component Admin Login Page. The manipulation of the argument Usuário leads to cross site scripting. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5178 – Realce Tecnologia Queue Ticket Kiosk Unrestricted File Upload Vulnerability

Next Article CVE-2025-4057 – ActiveMQ Artemis Password Regeneration Vulnerability

Highlights

CVE-2024-13858 – Buddyboss Platform Stored Cross-Site Scripting Vulnerability

May 2, 2025

CVE ID : CVE-2024-13858

Published : May 2, 2025, 7:15 a.m. | 2 hours, 4 minutes ago

Description : The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘invitee_name’ parameter in all versions up to, and including, 2.8.50 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 2.8.41.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Native vs hybrid vs cross-platform: Resolving the trilemma

JetBrains updates Junie, Gemini API adds embedding model, and more – Daily News Digest

Distribution Release: Rescuezilla 2.6.1

GitHub Availability Report: June 2025

My favorite Bose products are on sale plus an extra 25% discount – if you buy refurbished

Microsoft saved $500 million using AI — after slashing over 15,000 jobs in 2025

The details of TC39’s last meeting

The details of TC39’s last meeting

Vector Search Embeddings and RAG

Python Meets Power Automate: Trigger via URL

Distribution Release: Rescuezilla 2.6.1

Distribution Release: Rescuezilla 2.6.1

InvenTree – inventory management system

Best Free and Open Source Alternatives to Autodesk Fusion

CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

I’ve had a ton of fun playing Skin Deep, but I hope the developers fix the game’s crashing problems

The Elder Scrolls 4: Oblivion Remastered — Xbox Game Pass, platforms, and everything you need to know

NZXT’s latest PC case is the one I’ve been dreaming about, but it might not be right for you

CVE-2025-37833 – Linux Niu PCI-MSIX Touch Entry Data Vulnerability

CVE-2024-13858 – Buddyboss Platform Stored Cross-Site Scripting Vulnerability

CVE-2025-32927 – Chimpstudio FoodBakery Deserialization of Untrusted Data Object Injection Vulnerability

As game prices rise, this excellent Hall Effect controller just dropped in price

A Web Designer, Complete Guide

CVE-2025-5177 – Realce Tecnologia Queue Ticket Kiosk Cross-Site Scripting Vulnerability

Related Posts