Lucene search

64 matches found

Circl
added 2026/04/22 9:0 a.m. | 1 views

CVE-2026-4119

creationtimestamp| type| source
---|---|---
2026-04-22 09:00:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116447538532151230
2026-04-22 09:00:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mk353qm3xy2m
2026-04-22 11:16:16+00:00| published-proof-of-concept|...

CVSS 9.1 | AI score 5.7 | EPSS 0.0003
Exploits 0 | References 4
EUVD
added 2026/01/22 3:52 p.m. | 4 views

EUVD-2026-4119

Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

CVSS 8.8 | AI score 5.8 | EPSS 0.0004
Exploits 0 | References 2
RedhatCVE
added 2025/05/22 11:42 p.m. | 5 views

CVE-2022-4119

The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite...

CVSS 4.8 | AI score 5.7 | EPSS 0.00326
Exploits 2 | References 1
RedhatCVE
added 2025/05/22 7:41 p.m. | 4 views

CVE-2021-4119

bookstack is vulnerable to Improper Access Control...

CVSS 9.8 | AI score 6.7 | EPSS 0.00425
Exploits 1
RedhatCVE
added 2025/05/22 5:1 a.m. | 5 views

CVE-2011-4119

caml-light = 0.75 uses mktemp insecurely, and also does unsafe things in /tmp during make install...

CVSS 9.8 | AI score 6.9 | EPSS 0.00528
Exploits 1 | References 1
Circl
added 2025/04/30 5:55 p.m. | 0 views

CVE-2025-4119

creationtimestamp| type| source
---|---|---
2025-04-30 17:55:22+00:00| seen| https://t.me/cvedetector/24120...

CVSS 7.5 | AI score 5.4 | EPSS 0.00202
Exploits 0 | References 1
OpenVAS
added 2025/04/09 12:0 a.m. | 10 views

Debian: Security Advisory (DLA-4119-1)

The remote host is missing an update for the Debian...

CVSS 7.2 | AI score 6.6 | EPSS 0.00024
Exploits 0 | References 2
Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2013-4119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before...

CVSS 7.5 | AI score 7.4 | EPSS 0.01144
Exploits 0 | References 2
Tenable Nessus
added 2024/06/03 12:0 a.m. | 18 views

RHEL 7 : freerdp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu (CVE-2017-2835) - FreeRDP before 1.1.0-beta1 allows remote...

CVSS 8.1 | AI score 8 | EPSS 0.01902
Exploits 6 | References 16
Exploit DB
added 2023/08/04 12:0 a.m. | 462 views

Academy LMS 6.0 - Reflected XSS

Exploit Title: Academy LMS 6.0 - Reflected XSS
Exploit Author: CraCkEr
Date: 22/07/2023
Vendor: Creativeitem
Vendor Homepage: https://creativeitem.com/
Software Link: https://demo.creativeitem.com/academy/
Version: 6.0
Tested on: Windows 10 Pro
Impact: Manipulate the content of the site
CVE:...

CVSS 6.1 | AI score 6.4 | EPSS 0.02607
Exploits 3
0day.today
added 2023/08/04 12:0 a.m. | 211 views

Academy LMS 6.0 - Reflected XSS Vulnerability

Exploit Title: Academy LMS 6.0 - Reflected XSS
Exploit Author: CraCkEr
Vendor: Creativeitem
Vendor Homepage: https://creativeitem.com/
Software Link: https://demo.creativeitem.com/academy/
Version: 6.0
Tested on: Windows 10 Pro
Impact: Manipulate the content of the site
CVE: CVE-2023-4119
Greetin...

CVSS 6.1 | AI score 7.1 | EPSS 0.02607
Exploits 3
Circl
added 2023/08/03 12:40 p.m. | 1 views

CVE-2023-4119

creationtimestamp| type| source
---|---|---
2023-08-03 12:40:09+00:00| seen| https://t.me/cibsecurity/67640...

CVSS 6.1 | AI score 4.6 | EPSS 0.02607
Exploits 3 | References 1
CVE
added 2023/08/03 8:31 a.m. | 48 views

CVE-2023-4119

Academy LMS 6.0 is affected by CVE-2023-4119: an XSS vulnerability in /academy/home/courses due to manipulation of query and sort_by parameters. The issue is remote-executable in the sense of script injection and is documented with practical proof (Exploit-DB) that shows /academy/home/courses?que...

CVSS 6.1 | AI score 5.1 | EPSS 0.02607
Exploits 3 | References 3 | Affected Software 1
Packet Storm
added 2023/08/03 12:0 a.m. | 376 views

Academy LMS 6.0 Cross Site Scripting

Exploit Title: Academy LMS 6.0 - Reflected XSS
Exploit Author: CraCkEr
Date: 22/07/2023
Vendor: Creativeitem
Vendor Homepage: https://creativeitem.com/
Software Link: https://demo.creativeitem.com/academy/
Tested on: Windows 10 Pro
Impact: Manipulate the content of the site
CVE: CVE-2023-4119...

AI score 7.1 | EPSS 0.02607
Exploits 3
Circl
added 2023/01/04 11:55 a.m. | 0 views

CVE-2022-4119

creationtimestamp| type| source
---|---|---
2023-01-04 11:55:25+00:00| seen| https://t.me/cibsecurity/55749...

CVSS 4.8 | AI score 4.9 | EPSS 0.00326
Exploits 2 | References 1
Cvelist
added 2023/01/02 9:49 p.m. | 21 views

CVE-2022-4119 Image Optimizer, Resizer and CDN < 6.8.1 - Admin+ Stored XSS

The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite...

AI score 5 | EPSS 0.00326
Exploits 2 | References 1
CVE
added 2023/01/02 9:49 p.m. | 53 views

CVE-2022-4119

The CVE-2022-4119 entry concerns the WordPress plugin Image Optimizer, Resizer and CDN, prior to version 6.8.1. The vulnerability arises because the plugin does not adequately sanitize and escape certain settings, enabling Stored XSS by high-privilege users (such as admins) even when unfiltered_h...

CVSS 4.8 | AI score 4.7 | EPSS 0.00326
Exploits 2 | References 1 | Affected Software 1
Check Point Advisories
added 2022/09/04 12:0 a.m. | 2 views

BookStackApp BookStack Improper Access Control (CVE-2021-4119)

An improper access control vulnerability exists in BookStackApp BookStack. Successful exploitation of this vulnerability could allow a remote attacker to read sensitive files on the affected system...

CVSS 7.5 | AI score 4.9 | EPSS 0.00425
Exploits 1
Circl
added 2021/12/15 10:40 p.m. | 2 views

CVE-2021-4119

creationtimestamp| type| source
---|---|---
2021-12-15 22:40:22+00:00| seen| https://t.me/cibsecurity/34095...

CVSS 9.8 | AI score 6.1 | EPSS 0.00425
Exploits 1 | References 1
OSV
added 2021/12/15 8:15 p.m. | 8 views

CVE-2021-4119

bookstack is vulnerable to Improper Access Control...

CVSS 9.8 | AI score 6.7
Exploits 0 | References 2