CVE-2026-1830 Quick Playground <= 1.3.1 - Missing Authorization to Unauthenticated Arbitrary File Upload

The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible for unauthenticated...

CVE-2026-1830

creationtimestamp| type| source ---|---|--- 2026-04-08 20:16:03+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-1830 2026-04-09 04:30:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mizxwyinu42y 2026-04-09 04:30:30+00:00| seen|...

CVE-2025-1830

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as problematic. This issue affects some unknown processing of the component Customer Information Handler. The manipulation of the argument Customer Name leads to cross site scripting. The attack may be initiated remotely. The...

EUVD-2014-3747

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2013-1830

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which...

CVE-2020-1830

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This...

CVE-2012-1830

Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555...

blog.mb-1830.com Cross Site Scripting vulnerability OBB-4038608

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2025-1830

creationtimestamp| type| source ---|---|--- 2025-03-02 20:28:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6109 2025-03-02 22:47:43+00:00| seen| https://t.me/cvedetector/19270 2025-03-02 23:38:59+00:00| seen|...

CVE-2025-1830

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as problematic. This issue affects some unknown processing of the component Customer Information Handler. The manipulation of the argument Customer Name leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2025-1830 zj1983 zz Customer Information cross site scripting

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as problematic. This issue affects some unknown processing of the component Customer Information Handler. The manipulation of the argument Customer Name leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2025-1830 zj1983 zz Customer Information cross site scripting

A vulnerability was found in zj1983 zz up to 2024-8. It has been rated as problematic. This issue affects some unknown processing of the component Customer Information Handler. The manipulation of the argument Customer Name leads to cross site scripting. The attack may be initiated remotely. The...

CVE-2025-1830

CVE-2025-1830 affects zj1983 zz up to 2024-08, specifically the Customer Information Handler component. The vulnerability arises from manipulation of the Customer Name argument, enabling cross-site scripting (XSS). Attack may be remote; several sources note that the exploit has been disclosed pub...

openSUSE Security Advisory (SUSE-SU-2024:1830-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-1830 code-projects Library System lost-password.php sql injection

A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file Source/librarian/user/student/lost-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched...

Amazon Linux AMI : libtiff (ALAS-2023-1830)

The version of libtiff installed on the remote host is prior to 4.0.3-35.45. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1830 advisory. LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a...

Amazon Linux 2 : golang, --advisory ALAS2-2022-1830 (ALAS-2022-1830)

The version of golang installed on the remote host is prior to 1.18.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1830 advisory. A null pointer dereference vulnerability was found in golang. When using the library's ssh server without specifying an...

CVE-2022-1830

CVE-2022-1830 affects the WordPress plugin Amazon Einzeltitellinks (versions ≤ 1.3.3). The root cause is absence of CSRF protection when updating settings, allowing an authenticated admin to perform changes via CSRF and triggering Stored XSS due to insufficient sanitisation/escaping. Exploitation...

openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2022:1830-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle Linux 8 : postgresql:10 (ELSA-2022-1830)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1830 advisory. 10.19-2 - Add missing files into file section of server package postgresql-setup v8.6 newly provides postgresql-upgrade Tenable has extracted the preceding...