99 matches found
GO-2025-4117 File Browser is Vulnerable to Insecure Direct Object Reference (IDOR) in Share Deletion Function in github.com/filebrowser/filebrowser
File Browser is Vulnerable to Insecure Direct Object Reference (IDOR) in Share Deletion Function in github.com/filebrowser/filebrowser...
Linux Distros Unpatched Vulnerability : CVE-2018-4117
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes...
CVE-2025-4117
Summary: CVE-2025-4117 affects Netgear JWNR2000v2, firmware 1.0.0.11, via the sub_41A914 function. The vulnerability arises when the host argument is manipulated, failing to properly validate input length and causing a buffer overflow. This is documented across multiple sources (including NVD, CN...
Debian: Security Advisory (DLA-4117-1)
The remote host is missing an update for the Debian...
DLA-4117-1 atop - security update
Bulletin has no description...
CVE-2024-4117
A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. Affected by this issue is the function formDelPortMapping of the file /goform/DelPortMapping. The manipulation of the argument portMappingIndex leads to stack-based buffer overflow. The attack may be launched remotely...
CVE-2022-4117
creationtimestamp | type | source
---|---|---
2025-01-26 00:00:00+00:00 | seen | The Shadowserver honeypot/common-vulnerabilities - 2025-01-26
2025-01-31 00:00:00+00:00 | seen | The Shadowserver honeypot/common-vulnerabilities - 2025-01-31
2025-02-10 00:00:00+00:00 | exploited | The Shadowserver...
CVE-2024-4117 Tenda W15E DelPortMapping formDelPortMapping stack-based overflow
A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. Affected by this issue is the function formDelPortMapping of the file /goform/DelPortMapping. The manipulation of the argument portMappingIndex leads to stack-based buffer overflow. The attack may be launched remotely...
WatchGuard XTM Firebox Unauthenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution', 'Description' = %q This module exploits a buffer overflow at the...
VulnCheck KEV: CVE-2022-4117
The IWS WordPress plugin through 1.0 does not properly escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...
PHPJabbers Rental Property Booking 2.0 - Reflected XSS Vulnerability
Exploit Title: PHPJabbers Rental Property Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/rental-property-booking-calendar/ Version: 2.0 Tested on: Windows 10 Pro Impact: Manipulate the...
PHPJabbers Rental Property Booking 2.0 - Reflected XSS
Exploit Title: PHPJabbers Rental Property Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Date: 22/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/rental-property-booking-calendar/ Version: 2.0 Tested on: Windows 10 Pro Impact:...
CVE-2023-4117
creationtimestamp | type | source
---|---|---
2023-08-03 12:39:58+00:00 | seen | https://t.me/cibsecurity/67631...
CVE-2023-4117
CVE-2023-4117 covers a cross-site scripting vulnerability in PHP Jabbers Rental Property Booking 2.0. Public details identify an issue in an unknown function of the file /index.php where manipulating the GET parameter index triggers RXSS. Reported attack vector indicates remote exploitation is po...
CVE-2023-4117 PHP Jabbers Rental Property Booking index.php cross site scripting
A vulnerability, which was classified as problematic, has been found in PHP Jabbers Rental Property Booking 2.0. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack may be launched remotely...
PHPJabbers Rental Property Booking 2.0 Cross Site Scripting
Exploit Title: PHPJabbers Rental Property Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Date: 22/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/rental-property-booking-calendar/ Tested on: Windows 10 Pro Impact: Manipulate t...
CVE-2022-4117
The CVE-2022-4117 issue affects the WordPress IWS Geo Form Fields plugin (versions up to 1.0). The root cause is improper escaping of a parameter used in a SQL statement within an unauthenticated AJAX action, enabling unauthenticated SQL injection. The Nuclei/template and related sources describe...
Mageia: Security Advisory (MGASA-2018-0343)
The remote host is missing an update for the...
CVE-2021-4117
yetiforcecrm is vulnerable to Business Logic Errors...
CVE-2021-4117
CVE-2021-4117 affects Yetiforcecrm / YetiForceCRM. Multiple connected sources describe a business logic error related to weight handling in the product data, with explicit notes that the weight value can be negative and that the issue stems from processing/validation logic. CVE entries and adviso...