CVE-2025-5966 – Zohocorp ManageEngine Exchange Reporter Plus Stored Cross-Site Scripting (XSS)

June 26, 2025

CVE ID : CVE-2025-5966

Published : June 26, 2025, 1:15 p.m. | 1 hour, 29 minutes ago

Description : Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6693 – RT-Thread Device Memory Corruption Vulnerability

Next Article CVE-2025-6562 – Hunt Electronic Hybrid DVR OS Command Injection Vulnerability

Highlights

CVE-2025-6158 – D-Link DIR-665 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

June 17, 2025

CVE ID : CVE-2025-6158

Published : June 17, 2025, 4:15 a.m. | 2 hours, 9 minutes ago

Description : A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-5966 – Zohocorp ManageEngine Exchange Reporter Plus Stored Cross-Site Scripting (XSS)

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-49443 – Chris McCoy Bacon Ipsum Cross-site Scripting Vulnerability

CVE-2025-53902 – Tuleap Information Disclosure Vulnerability

Last Call: Early Access for NativePHP Ends This Week

Distribution Release: Regata OS 25.0.3

CVE-2025-6158 – D-Link DIR-665 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

CVE-2025-4579 – WordPress Content Security Plugin Stored Cross-Site Scripting

How to Build an Always Listening Network Connectivity Checker in Flutter using BLoC

The 10 Best WordPress Hosting Options for Small Businesses in 2025

CVE-2025-5966 – Zohocorp ManageEngine Exchange Reporter Plus Stored Cross-Site Scripting (XSS)

Related Posts