MINI-3958-JMH3-H2X9

Bulletin has no description...

CVE-2026-3958 Woahai321 ListSync JSON api_server.py requests.post server-side request forgery

A vulnerability has been found in Woahai321 ListSync up to 0.6.6. This issue affects the function requests.post of the file list-sync-main/apiserver.py of the component JSON Handler. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The...

CGA-3958-9CQJ-J9W6

Bulletin has no description...

EUVD-2026-3958

Missing Authorization vulnerability in FmeAddons Registration & Login with Mobile Phone Number for WooCommerce registration-login-with-mobile-phone-number allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Registration & Login with Mobile Phone Number for...

EUVD-2013-3958

Malware in sbrugna...

CVE-2023-3958

The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notifypingremote' AJAX function in versions up to, and including, 1.2.12. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locatio...

CVE-2020-3958

VMware ESXi 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, VMware Workstation 15.x before 15.5.2 and VMware Fusion 11.x before 11.5.2 contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with...

CVE-2019-3958

Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks via a crafted sales transaction...

CVE-2013-3958

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request...

CVE-2025-3958

A vulnerability was found in withstars Books-Management-System 1.0. It has been classified as problematic. Affected is an unknown function of the file /bookeditdo.html of the component Book Edit Page. The manipulation of the argument Name leads to cross site scripting. It is possible to launch th...

CVE-2025-3958

creationtimestamp| type| source ---|---|--- 2025-04-27 04:09:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13601 2025-04-27 04:40:02+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnrgakkjlek2 2025-04-27...

CVE-2025-3958 withstars Books-Management-System Book Edit Page book_edit_do.html cross site scripting

A vulnerability was found in withstars Books-Management-System 1.0. It has been classified as problematic. Affected is an unknown function of the file /bookeditdo.html of the component Book Edit Page. The manipulation of the argument Name leads to cross site scripting. It is possible to launch th...

CVE-2025-3958

CVE-2025-3958 affects withstars Books-Management-System 1.0. The vulnerability resides in an unknown function of the file /book_edit_do.html in the Book Edit Page, where manipulation of the Name parameter triggers cross-site scripting (XSS). It is described as remotely exploitable and publicly di...

CVE-2025-3958 withstars Books-Management-System Book Edit Page book_edit_do.html cross site scripting

A vulnerability was found in withstars Books-Management-System 1.0. It has been classified as problematic. Affected is an unknown function of the file /bookeditdo.html of the component Book Edit Page. The manipulation of the argument Name leads to cross site scripting. It is possible to launch th...

Debian: Security Advisory (DLA-3958-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:3958-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-3958

creationtimestamp| type| source ---|---|--- 2024-08-08 13:53:43+00:00| seen| https://t.me/cvedetector/2786 2024-08-20 04:31:33+00:00| seen| https://t.me/MrVGunz/1259...

CVE-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into...

CVE-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into...

GitLab < 17.0.6 / 17.1 < 17.1.4 / 17.2 < 17.2.2 (CVE-2024-3958)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between...