CVE-2026-3489

creationtimestamp| type| source ---|---|--- 2026-04-16 13:05:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjmhxikp3s26 2026-04-16 13:15:15+00:00| seen| Telegram/AxxdIKwHC80bdVPCpOjpFf-JZoQD5Wyx830mnikToRUE...

CVE-2022-3489

The WP Hide WordPress plugin through 0.0.2 does not have authorisation and CSRF checks in place when updating the customwpadminslug settings, allowing unauthenticated attackers to update it with a crafted request...

CVE-2010-3489

Cross-site scripting XSS vulnerability in netautor/napro4/home/login2.php in CMS Digital Workroom formerly Netautor Professional 5.5.0 allows remote attackers to inject arbitrary web script or HTML via the goback parameter...

CVE-2025-3489

A vulnerability was found in Nababur Simple-User-Management-System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument name/username leads to cross site scripting. The attack may be launched...

CVE-2025-3489

creationtimestamp| type| source ---|---|--- 2025-04-10 05:32:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmgrododrw2z 2025-04-10 06:59:46+00:00| seen| https://t.me/cvedetector/22614...

CVE-2025-3489

A vulnerability was found in Nababur Simple-User-Management-System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument name/username leads to cross site scripting. The attack may be launched...

CVE-2025-3489

A vulnerability was found in Nababur Simple-User-Management-System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument name/username leads to cross site scripting. The attack may be launched...

CVE-2025-3489 Nababur Simple-User-Management-System register.php cross site scripting

A vulnerability was found in Nababur Simple-User-Management-System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument name/username leads to cross site scripting. The attack may be launched...

CVE-2025-3489

CVE-2025-3489 affects Nababur Simple-User-Management-System 1.0. The issue is in the file /register.php where manipulation of the name/username argument leads to cross-site scripting. The attack can be launched remotely and the exploit has been publicly disclosed. Multiple sources corroborate the...

CGA-W942-3489-9M4X

Bulletin has no description...

CVE-2024-3489

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the Countdown Expired Title in all versions up to, and including, 2.6.9.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

WordPress Exclusive Addons Elementor Plugin <= 2.6.9.4 is vulnerable to Cross Site Scripting (XSS)

Software Exclusive Addons Elementor Type Plugin Vulnerable versions = 2.6.9.4 Fixed in 2.6.9.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3489 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a90bfeef5229 Credits Webbernau...

CVE-2023-3489

creationtimestamp| type| source ---|---|--- 2023-08-31 07:12:48+00:00| seen| https://t.me/cibsecurity/69506...

CVE-2023-3489 firmwaredownload command could log servers passwords in clear text

The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS...

CVE-2023-3489 firmwaredownload command could log servers passwords in clear text

The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS...

CVE-2023-3489

The vulnerability CVE-2023-3489 affects Brocade Fabric OS (Firmwaredownload command) and occurs when downgrading from v9.2.0 to earlier versions . The issue is that the command can log the FTP/SFTP/SCP server password in clear text in the SupportSave file, exposing credentials. This behavior is d...

Debian: Security Advisory (DLA-3489-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K32525759: Linux kernel vulnerability CVE-2021-3489

Security Advisory Description The eBPF RINGBUF bpfringbufreserve function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fix...

SUSE CVE-2012-3489

The xmlparse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content tha...

CVE-2022-3489 WP Hide <= 0.0.2 - Unauthenticated Settings Update

The WP Hide WordPress plugin through 0.0.2 does not have authorisation and CSRF checks in place when updating the customwpadminslug settings, allowing unauthenticated attackers to update it with a crafted request...