VYPR

SVXportal

by SVXportal

CVEs (5)

  • CVE-2025-61532MedOct 9, 2025
    risk 0.40cvss 6.1epss 0.00

    Cross Site Scripting vulnerability in SVX Portal v.2.7A to execute arbitrary code via the TG parameter on last_heard_page.php component

  • CVE-2026-27506Feb 20, 2026
    risk 0.00cvss epss 0.00

    SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user profile update workflow (user_settings.php submitting to admin/update_user.php). Authenticated users can store malicious HTML/JavaScript in fields such as Firstname, lastname, email,…

  • CVE-2026-27505Feb 20, 2026
    risk 0.00cvss epss 0.00

    SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerability in the user registration workflow (index.php submitting to admin/user_action.php). User-supplied fields such as Firstname, lastname, and email are stored in the backend database without adequate…

  • CVE-2026-27504Feb 20, 2026
    risk 0.00cvss epss 0.00

    SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in radiomobile_front.php via the stationid query parameter. When an authenticated administrator views a crafted URL, the application embeds the unsanitized parameter value into a hidden input…

  • CVE-2026-27503Feb 20, 2026
    risk 0.00cvss epss 0.00

    SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in admin/log.php via the search query parameter. When an authenticated administrator views a crafted URL, the application embeds the unsanitized parameter value directly into an HTML input…

VYPR — Vulnerability Intelligence