CVE-2026-4013 SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization

A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file addadmin.php. Such manipulation leads to improper authorization. The attack may be launched remotely...

CVE-2026-4013

A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file addadmin.php. Such manipulation leads to improper authorization. The attack may be launched remotely...

CVE-2026-4013

CVE-2026-4013 affects SourceCodester Web-based Pharmacy Product Management System 1.0. The vulnerability is tied to an issue in an unknown function of the file add_admin.php, enabling improper authorization and potentially allowing remote exploitation. The CVSS metrics indicate a MEDIUM severity ...

CVE-2026-4013

creationtimestamp| type| source ---|---|--- 2026-03-12 07:16:11+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4013 2026-03-12 09:14:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgu2qwbuni2d...

CVE-2018-4013

creationtimestamp| type| source ---|---|--- 2026-03-04 21:17:54+00:00| seen| https://gist.github.com/OxBat/68c6985e8109c209a2842933de844b8b...

EUVD-2026-4013

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CleverReach® CleverReach® WP cleverreach-wp allows SQL Injection.This issue affects CleverReach® WP: from n/a through = 1.5.22...

CVE-2009-4013

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving 1 control field names, 2 control field values, and 3 control file...

CVE-2023-4013

The GDPR Cookie Compliance CCPA, DSGVO, Cookie Consent WordPress plugin before 4.12.5 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks...

CVE-2022-4013

A vulnerability classified as problematic was found in Hospital Management Center. Affected by this vulnerability is an unknown functionality of the file appointment.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to t...

CVE-2012-4013

The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL...

CVE-2025-4013

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The explo...

CVE-2025-4013

creationtimestamp| type| source ---|---|--- 2025-04-28 09:41:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnuhxjlscs2v 2025-04-28 10:10:55+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13671 2025-04-28 13:13:32+00:00| seen|...

CVE-2025-4013

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The explo...

CVE-2025-4013

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The explo...

CVE-2025-4013 PHPGurukul Art Gallery Management System aboutus.php sql injection

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The explo...

CVE-2025-4013 PHPGurukul Art Gallery Management System aboutus.php sql injection

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The explo...

CVE-2024-4013

A bug exists in the API, meshnodepoweroff, which fails to copy the contents of the Replay Protection List RPL from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning...

CVE-2024-4013

The CVE-2024-4013 entry describes a bug in the API function mesh_node_power_off() where Replay Protection List (RPL) contents are not copied from RAM to NVM before shutdown. This prevents preservation of RPL state and enables replay of unsaved messages. The entry notes a renaming from Gecko SDK t...

CVE-2023-4013 GDPR Cookie Compliance < 4.12.5 - License Update/Deactivation via CSRF

The GDPR Cookie Compliance CCPA, DSGVO, Cookie Consent WordPress plugin before 4.12.5 does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks...

Debian: Security Advisory (DSA-1979-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...