CVE-2025-1842 | FITSTATS Technologies AthleteMonitoring up to 20250302 /login.php username cross site scripting

Inserito da Angelo Barbosa | Mar 2, 2025 | CVE

A vulnerability classified as problematic was found in FITSTATS Technologies AthleteMonitoring up to 20250302. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username leads to cross site scripting.

This vulnerability was named CVE-2025-1842. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-1842 | FITSTATS Technologies AthleteMonitoring up to 20250302 /login.php username cross site scripting

Post correlati

CVE-2024-48814 | Silverpeas 6.4.1 findbywhereclause ViewType sql injection

CVE-2024-9592 | Easy PayPal Gift Certificate Plugin up to 1.2.3 on WordPress wpppgc_plugin_options cross-site request forgery

CVE-2024-5343 | robosoft Photo Gallery, Images, Slider in Rbs Image Gallery Plugin rbs_ajax_create_article/rbs_ajax_reset_views cross-site request forgery

CVE-2024-12214 | hoststreamsell WooCommerce HSS Extension for Streaming Video Plugin cross site scripting