115 matches found
CVE-2026-4136
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-20 06:19:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhhupsk52h2k... |
CVE-2025-4136
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-30 21:55:56+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lo2rxiziqb2h |
| 2025-05-01 00:37:01+00:00 | seen | https://t.me/cvedetector/24160... |
CVE-2025-4136
A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of the argument ID leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2025-4136 Weitong Mall Sale Endpoint improper authorization
A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of the argument ID leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2025-4136 Weitong Mall Sale Endpoint improper authorization
A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of the argument ID leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to...
Linux Distros Unpatched Vulnerability : CVE-2021-4136
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-4136 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL...
CVE-2022-4136
Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method...
RHEL 9 : vim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vim: buffer overflow CVE-2020-20703 - vim: Heap based buffer overflow in findfile.c CVE-2021-3973 - vim i...
Oracle Linux 5 : conga (ELSA-2007-0640)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2007-0640 advisory. 0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allo...
CrafterCMS 4.0.2 Cross Site Scripting Vulnerability
CrafterCMS = 4.0.2 Multiple Reflected Cross-Site Scripting Vulnerabilities - Software Link: https://craftercms.org - Affected Versions: Version...
CrafterCMS 4.0.2 Cross Site Scripting
CrafterCMS = 4.0.2 Multiple Reflected Cross-Site Scripting Vulnerabilities - Software Link: https://craftercms.org - Affected Versions: Version...
CVE-2023-4136
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-03 18:40:02+00:00 | seen | https://t.me/cibsecurity/67683 |
| 2025-06-02 16:52:14+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-4136.yaml |
| 2025-06-04 21:02:24+00:00 | seen | ... |
org.craftercms:crafter-studio (>=4.0.1 <=4.0.2) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=4.0.1 <=4.0.2)
org.craftercms:crafter-engine MAVEN version =4.0.1, =4.0.1, =4.0.2 Source cves: CVE-2023-4136 Source advisory: OSV:GHSA-JFM4-3VV3-FM4V...
org.craftercms:crafter-studio (>=4.0.1 <=4.0.2) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=4.0.1 <=4.0.2)
org.craftercms:crafter-engine MAVEN version =4.0.1, =4.0.1, =4.0.2 Source cves: CVE-2023-4136 Source advisory: SNYK:JAVA-ORGCRAFTERCMS-8722255...
org.craftercms:crafter-studio (>=3.1.0 <=3.1.27E) potentially affected by CVE-2023-4136 via org.craftercms:crafter-engine (>=3.1.0 <=3.1.27E)
org.craftercms:crafter-engine MAVEN version =3.1.0, =3.1.0, =3.1.27E Source cves: CVE-2023-4136 Source advisory: OSV:GHSA-JFM4-3VV3-FM4V...
CVE-2023-4136
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS. This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27...
CVE-2023-4136
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS. This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27...
CVE-2023-4136
CrafterCMS Engine is vulnerable to reflected XSS (CVE-2023-4136). The nuclei template shows exploitation via the transformerName parameter in the /api/1/site/url/transform endpoint, enabling an unauthenticated attacker to inject arbitrary JavaScript in the user context and potentially steal crede...
CVE-2023-4136 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Crafter Engine
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS. This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through 3.1.27...
Debian: Security Advisory (DSA-1964-1)
The remote host is missing an update for the Debian...