CVE-1999-0604

An incorrect configuration of the WebStore 1.0 shopping cart CGI program "webstore.cgi" could disclose private information...

WordPress FastDup plugin <= 2.7 - Authenticated (Contributor+) Path Traversal via 'dir_path' REST Parameter vulnerability

Authenticated Contributor+ Path Traversal via 'dirpath' REST Parameter vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin FastDup versions = 2.7...

EUVD-2026-0604

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

EUVD-2021-0604

Malware in sbrugna...

CVE-2024-0604

The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2023-0604

The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2021-0604

In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

CVE-2025-0604

creationtimestamp| type| source ---|---|--- 2025-01-22 15:17:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdnzlrxio27 2025-03-11 00:47:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7075 2025-03-11 04:41:13+00:00| seen|...

CVE-2025-0604 vulnerabilities

Vulnerabilities for packages: keycloak-fips...

Photon OS 3.0: Docker PHSA-2023-3.0-0604

An update of the docker package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0604. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Cisco Unified IP Phone 9900 Series Arbitrary File Upload (CVE-2015-0604)

The web framework on Cisco Unified IP 9900 phones with firmware 9.4.1 and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424. This plugin only works with Tenable.ot. Please visit...

CVE-2024-0604

creationtimestamp| type| source ---|---|--- 2024-03-06 16:16:30+00:00| seen| https://t.me/ctinow/201479 2025-02-13 17:09:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4266 2025-02-14 10:08:10+00:00| seen| Telegram/Ohrguig6K9WU-maJvfHBCqJL34ZwO2yCBoEcWJdaog-Kcj3...

CVE-2024-0604

The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-0604 Best WordPress Gallery Plugin – FooGallery <= 2.4.7 -Authenticated(Administrator+) Stored Cross-Site Scripting via settings

The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-0604 Best WordPress Gallery Plugin – FooGallery <= 2.4.7 -Authenticated(Administrator+) Stored Cross-Site Scripting via settings

The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2024-0604

CVE-2024-0604 affects the FooGallery WordPress plugin (versions

WordPress FooGallery Plugin <= 2.4.7 is vulnerable to Cross Site Scripting (XSS)

Software FooGallery Type Plugin Vulnerable versions = 2.4.7 Fixed in 2.4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0604 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID ac989fb0fb91 Credits Akbar Kustirama Required...

Malicious code in wlwz-2312-0604 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2ad1fbd0f24939513ab22226e41c6de9cd2b9cdd56c550df75ee5140c1c21db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-0604

creationtimestamp| type| source ---|---|--- 2023-08-07 18:13:47+00:00| seen| https://t.me/cibsecurity/67876...

CVE-2023-0604 WP Food Manager < 1.0.4 - Admin+ Stored XSS

The WP Food Manager WordPress plugin before 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...