Security Vulnerabilities
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-13
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-13
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to 25.7.0, there is a reflected-XSS in `report_this` function in `librenms/includes/functions.php`. The `report_this` function had improper filtering (`htmlentities` function was incorrectly use in a href environment), which caused the `project_issues` parameter to trigger an XSS vulnerability. This vulnerability is fixed in 25.7.0.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-13
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-13
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-13
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-13
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-13
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary data from the database.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-13
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, the log parameter in configuracao_geral.php is vulnerable to Reflected Cross-Site Scripting (XSS). An attacker can inject arbitrary JavaScript, which executes in the victim’s browser. This vulnerability is fixed in 3.5.1.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-10-13
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.0, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the /pet/profile_pet.php?id_pet= endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_pet parameter. This vulnerability is fixed in 3.5.0.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-13