MINI-56R2-5X35-2896

Bulletin has no description...

CVE-2026-2896

A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of the file app/backend/controller/Ajax.php of the component Configuration Handler. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has bee...

CVE-2026-2896

creationtimestamp| type| source ---|---|--- 2026-02-22 04:34:56+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mfgcqlespt2b 2026-02-24 18:20:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfmrs2dnbe2a...

CVE-2026-2896

A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of the file app/backend/controller/Ajax.php of the component Configuration Handler. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has bee...

CVE-2026-2896 funadmin Configuration Ajax.php setConfig improper authorization

A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of the file app/backend/controller/Ajax.php of the component Configuration Handler. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has bee...

EUVD-2026-2896

Markdown Explorer 0.1.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious code through file uploads and editor inputs. Attackers can upload markdown files with embedded JavaScript payloads to execute remote commands and potentially gain system access...

MiracleLinux 4 : cups-1.4.2-44.AXS4 (AXSA:2012-67:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-67:01 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to promote a...

MiracleLinux 3 : cups-1.3.7-30.0.1.AXS3 (AXSA:2012-265:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-265:01 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to promote a...

CVE-2019-2896

Vulnerability in the MICROS Relate CRM Software product of Oracle Retail Applications component: Internal Operations. Supported versions that are affected are 7.1.0, 15.0.0, 16.0.0, 17.0.0, and 18.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP...

Linux Distros Unpatched Vulnerability : CVE-2020-2896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.19 and prior. Easi...

CVE-2025-2896

creationtimestamp| type| source ---|---|--- 2025-06-01 12:29:36+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqkbadd47vz2 2025-06-01 16:25:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqkogek2qp2k...

CVE-2023-2896

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processduplicateproduct function. This makes it possible for unauthenticated attackers to duplicate products via a...

CVE-2022-2896

creationtimestamp| type| source ---|---|--- 2025-04-16 17:57:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12127...

Linux Distros Unpatched Vulnerability : CVE-2011-2896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gifreadlzw function in...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2896-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...

CVE-2019-2896

creationtimestamp| type| source ---|---|--- 2024-01-15 12:37:15+00:00| seen| https://t.me/ctinow/168313...

CVE-2023-2896 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_duplicate_product

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processduplicateproduct function. This makes it possible for unauthenticated attackers to duplicate products via a...

CVE-2023-2896

CVE-2023-2896 affects the WP EasyCart WordPress plugin up to version 5.4.8. Root cause: missing or incorrect nonce validation in the process_duplicate_product function, enabling CSRF where unauthenticated attackers can induce a site admin to duplicate products via forged requests. Impact per sour...

CVE-2023-2896 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_duplicate_product

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processduplicateproduct function. This makes it possible for unauthenticated attackers to duplicate products via a...

WordPress WP EasyCart Plugin <= 5.4.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP EasyCart Type Plugin Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-2896 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 38d3a2d175fc Credits Alex Thomas Required...