CVE-2026-42644

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper BetterDocs betterdocs allows Retrieve Embedded Sensitive Data.This issue affects BetterDocs: from n/a through = 4.3.10...

CVE-2026-42644

The CVE-2026-42644 entry concerns WordPress WPDeveloper BetterDocs plugin versions up to 4.3.10, with a vulnerability described as Exposure of Sensitive System Information to an Unauthorized Control Sphere and the ability to Retrieve Embedded Sensitive Data. Connected documents provide limited de...

CVE-2026-22806

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to versions 4.6.0, 4.5.4, 4.4.2, and 4.3.10, when an access key is created with a limited scope, the scope can be bypassed to access resources outside of it. However, the user...

CVE-2024-39675

A vulnerability has been identified in RUGGEDCOM RMC30 All versions V4.3.10, RUGGEDCOM RMC30NC All versions V4.3.10, RUGGEDCOM RP110 All versions V4.3.10, RUGGEDCOM RP110NC All versions V4.3.10, RUGGEDCOM RS400 All versions V4.3.10, RUGGEDCOM RS400NC All versions V4.3.10, RUGGEDCOM RS401 All...

EUVD-2017-2526

Malware in sbrugna...

EUVD-2024-2344

Malicious code in bioql PyPI...

RHBA-2020:2396 Red Hat Bug Fix Advisory: Red Hat Virtualization Engine security, bug fix 4.3.10

Bulletin has no description...

CVE-2024-38529 Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment

Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.10, there is a Remote Code Execution Vulnerability in the Message module of the Admidio Application, where it is possible to upload a PHP file in the attachment. The...

Admidio 安全漏洞

Admidio is an open source member management system from the Admidio team. The system supports features such as member lists, event management, guestbooks, photo albums and downloads. A security vulnerability exists in Admidio versions prior to 4.3.10, which stems from the presence of a remote cod...

PT-2024-5487 · Admidio · Admidio

Name of the Vulnerable Software and Affected Versions: Admidio versions prior to 4.3.10 Description: A Remote Code Execution issue exists in the Message module of the Admidio Application. This is due to the lack of file extension verification, allowing malicious files to be uploaded to the server...

CS-Cart Unauthenticated XXE Vulnerability

CS-Cart is a PHP and MySQL based e-commerce software system developed by CS-Cart team. The system supports third-party software extensions, customized promotional strategies, product filtering definitions and more. A security vulnerability exists in several pages of CS-Cart version 4.3.10, which...

CS-Cart 4.3.10 - XML External Entity Injection Vulnerability

Exploit for php platform in category web applications Software : CS-Cart Ahmed sultan 0x4148 "; echo rawurlencodebase64encode$xml; ? change YOURHOST to your server address , use the output in the following POST request Action - HOST/cs-cart/index.php?dispatch=twigmo.post Data -...

CVE-2006-0097

Stack-based buffer overflow in the createnamedpipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long 1 arghost or 2 argunixsocket argument, as demonstrated by a long named pipe variable in the host argument to the...

DEBIAN-CVE-2014-2441

Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.32, 4.2.24, and 4.3.10 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver WDDM for Windows guests...

CVE-2008-4448

Cross-site request forgery CSRF vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the 1 overkill, 2 futils, or 3 edit actions...

CVE-2008-4447

Cross-site scripting XSS vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via 1 the fn parameter during a dload action, 2 the mask parameter during a search action, and 3 the tab parameter during a sysinfo...

Cross site scripting

Cross-site scripting XSS vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via 1 the fn parameter during a dload action, 2 the mask parameter during a search action, and 3 the tab parameter during a sysinfo...

CVE-2008-4447

CVE-2008-4447 is a documented XSS vulnerability in Positive Software H-Sphere WebShell 4.3.10, exploitable via (1) fn in dload, (2) mask in search, or (3) tab in sysinfo within actions.php. The connected sources confirm the affected product/version and the vulnerable parameters, establishing a cr...

H-Sphere WebShell 4.3.10 - actions.php Multiple Cross-Site Scripting Vulnerabilities

H-Sphere WebShell 4.3.10 - actions.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/31524/info H-Sphere WebShell is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may...

PHPHoo3 < 5.2.6 - 'viewCat' SQL Injection

Viva IslaM Viva IslaM Remote SQL injection Vulnerability phpHoo3 V 4.4.8 - 4.3.9 - 4.3.10 - 5.2.6 - phpHoo3.php viewCat AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM && WwW.AtsDp.CoM/f Email : [email protected] SYRiAN Arab HACkErS -: Exploites for versions :- V4.4.8...