MINI-WW2J-3969-8P2G

Bulletin has no description...

CVE-2026-3969

A vulnerability was detected in FeMiner wms up to 1.0. This impacts an unknown function of the file /wms-master/src/basic/depart/departaddbg.php of the component Basic Organizational Structure Module. Performing a manipulation of the argument Name results in sql injection. The attack may be...

EUVD-2026-3969

Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogistic blogistic allows Using Malicious Files.This issue affects Blogistic: from n/a through = 1.0.5...

CVE-2022-3969

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...

CVE-2021-3969

A Time of Check Time of Use TOCTOU vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3that could allow a local attacker to elevate privileges...

CVE-2025-3969

creationtimestamp| type| source ---|---|--- 2025-04-27 12:10:01+00:00| seen| https://bsky.app/profile/potato.software/post/3lns7t7mrx22f 2025-04-27 13:09:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13618 2025-04-27 14:38:59+00:00| seen| https://t.me/cvedetector/238...

CVE-2025-3969 codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted upload

A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit-category.php of the component Edit Category Page. The manipulation of the argument categoryimage leads to unrestricted upload...

CVE-2025-3969

CVE-2025-3969 concerns the Codeprojects News Publishing Site Dashboard 1.0. The vulnerability is in the Edit Category Page’s /edit-category.php where manipulating the category_image argument leads to unrestricted file uploads. This could enable remote attackers to upload arbitrary files, with pot...

CVE-2025-3969 codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted upload

A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit-category.php of the component Edit Category Page. The manipulation of the argument categoryimage leads to unrestricted upload...

CVE-2024-3969

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload...

Debian: Security Advisory (DLA-3969-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-3969

CVE-2024-3969 affects OpenText iManager 3.2.6.0200 and is described as an XML External Entity (XXE) injection vulnerability that could lead to remote code execution by parsing untrusted XML payloads. The public records indicate a CVSSv3.1 base score of 9.8 (CRITICAL) with network attack vector, n...

CVE-2024-3969 XML External Entity injection vulnerability in iManager

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload...

CVE-2024-3969 XML External Entity injection vulnerability in iManager

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload...

Janitza UMG Power Quality Measuring Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3969)

Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection information via a request to UDP port 1 1234 or 2 1235. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVE...

CVE-2023-3969

CVE-2023-3969 affects GZ Scripts Availability Booking Calendar PHP 1.0. The vulnerability lies in the HTTP POST Request Handler (index.php) where manipulation of the promo_code argument enables cross-site scripting. Exploitation is described as remote with the public disclosure of the exploit. Af...

SUSE CVE-2014-3969

Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors...

CVE-2022-3969 OpenKM FileUtils.java getFileExtension temp file

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...

CVE-2022-3969

OpenKM up to 6.3.11 contains a vulnerability in getFileExtension (src/main/java/com/openkm/util/FileUtils.java) that can lead to an insecure temporary file. Root cause: manipulation of file extension handling. The fix is upgrading to OpenKM 6.3.12, with patch c069e4d73ab8864345c25119d8459495f4545...

CVE-2021-3969

TOCTOU vulnerability CVE-2021-3969 affects Lenovo System Interface Foundation’s IMController before version 1.1.20.3, enabling local privilege elevation due to a race condition in Time of Check/Time of Use. Impact is local privilege escalation with partial confidentiality/integrity/availability i...