CVE-2026-3912

Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows information disclosure, including exposure of accessible local files and host system details, and may allow manipulation of application behaviour...

CVE-2026-3912

creationtimestamp| type| source ---|---|--- 2026-03-24 22:44:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhtnm24gdn2g...

Exploit for CVE-2024-3912

Why? Publishing because Mirai are a bunch of irrit...

EUVD-2026-3912

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Pets Land petsland allows PHP Local File Inclusion.This issue affects Pets Land: from n/a through = 1.2.8...

EUVD-2025-5924

Malicious code in bioql PyPI...

ECHO-3912-D237-1B7D

Bulletin has no description...

CVE-2022-3912

The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example...

CVE-2009-3912

Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F encoded dot dot slash in the album parameter...

WordPress WS Form LITE plugin <= 1.10.35 - Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability

Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability discovered by Amin Beheshti in WordPress Plugin WS Form LITE versions = 1.10.35...

CVE-2025-3912

creationtimestamp| type| source ---|---|--- 2025-04-25 12:09:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13408 2025-04-25 13:19:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnncrofgdb2g 2025-04-25 15:00:28+00:00| seen| https://t.me/cvedetector/23749...

CVE-2025-3912 WS Form LITE – Drag & Drop Contact Form Builder for WordPress <= 1.10.35 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getconfig' function in all versions up to, and including, 1.10.35. This makes it possible for unauthenticated attackers to...

CVE-2025-3912 WS Form LITE – Drag & Drop Contact Form Builder for WordPress <= 1.10.35 - Missing Authorization to Unauthenticated Sensitive Information Exposure

The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getconfig' function in all versions up to, and including, 1.10.35. This makes it possible for unauthenticated attackers to...

PT-2025-9021 · Draytek · Draytek Vigor 2862/2926 +9

Name of the Vulnerable Software and Affected Versions: Draytek Vigor 165/166 versions prior to 4.2.6 Draytek Vigor 2620/LTE200 versions prior to 3.9.8.8 Draytek Vigor 2860/2925 versions prior to 3.9.7 Draytek Vigor 2862/2926 versions prior to 3.9.9.4 Draytek Vigor 2133/2762/2832 versions prior to...

Debian: Security Advisory (DLA-3912-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : go -- net/http: denial of service due to improper 100-continue handling (b0374722-3912-11ef-a77e-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b0374722-3912-11ef-a77e-901b0e9408dc advisory. The Go project reports: net/http: denial of service due to improper 100-continue handling The net/http...

CVE-2024-3912

CVE-2024-3912 affects certain ASUS routers, described as an arbitrary firmware upload vulnerability that allows an unauthenticated remote attacker to upload files and execute system commands. Public details confirm a high-severity issue (CVSS v3.1 base score 9.8) with network access, no user inte...

CVE-2022-3912 User Registration < 2.2.4.1 - Subscriber+ Arbitrary File Upload

The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example...

SUSE: Security Advisory (SUSE-SU-2022:3912-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5041-1] cfrpki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5041-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 11, 2022 https://www.debian.org/security/faq -...

CVE-2021-3912

creationtimestamp| type| source ---|---|--- 2021-11-12 00:38:09+00:00| seen| https://t.me/cibsecurity/32264...