CVE-2025-5661 – “Traffic Offense Reporting System XSS Vulnerability”

June 5, 2025

CVE ID : CVE-2025-5661

Published : June 5, 2025, 2:15 p.m. | 53 minutes ago

Description : A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part of the file /save-settings.php of the component Setting Handler. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5663 – PHPGurukul Auto Taxi Stand Management System SQL Injection Vulnerability

Next Article CVE-2025-5382 – Devolutions Server Access Control Bypass

Highlights

CVE-2025-34069 – Kerio Control Authentication Bypass through Insecure Proxy Configuration

July 2, 2025

CVE ID : CVE-2025-34069

Published : July 2, 2025, 2:15 p.m. | 1 hour, 1 minute ago

Description : An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent, bypassing firewall restrictions and exposing internal management endpoints. This enables unauthenticated attackers to access the GFIAgent service on ports 7995 and 7996, retrieve the appliance UUID, and issue administrative requests via the proxy. Exploitation results in full administrative access to the Kerio Control appliance.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

I finally gave NotebookLM my full attention – and it really is a total game changer

Google Chrome for iOS now lets you switch between personal and work accounts

How the Trump administration changed AI: A timeline

Download your photos before AT&T shuts down its cloud storage service permanently

Laravel Live Denmark

Laravel Live Denmark

The July 2025 Laravel Worldwide Meetup is Today

Livewire Security Vulnerability

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Halo and Half-Life combine in wild new mod, bringing two of my favorite games together in one — here’s how to play, and how it works

Surprise! The iconic Roblox ‘oof’ sound is back — the beloved meme makes “a comeback so good it hurts” after three years of licensing issues

CVE-2025-5661 – “Traffic Offense Reporting System XSS Vulnerability”

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

CVE-2025-5493 – Baison Channel Middleware SQL Injection

SphereView – image viewer

CVE-2025-5516 – TOTOLINK X2000R Cross-Site Scripting Vulnerability

Evaluating Enterprise-Grade AI Assistants: A Benchmark for Complex, Voice-Driven Workflows

CVE-2025-34069 – Kerio Control Authentication Bypass through Insecure Proxy Configuration

Hashes – simple hash algorithm identification

AI isn’t replacing UX, it’s upgrading it

CVE-2025-26845 – Znuny Eval Injection Vulnerability

CVE-2025-5661 – “Traffic Offense Reporting System XSS Vulnerability”

Related Posts