CVE-2026-4169

A security flaw has been discovered in Tecnick TCExam up to 16.6.0. Affected is the function Fxmlexportusers of the file admin/code/tcexmlusers.php of the component XML Export. Performing a manipulation results in cross site scripting. Remote exploitation of the attack is possible. There are stil...

CVE-2026-4169

The CVE-2026-4169 entry describes a cross-site scripting vulnerability in Tecnick TCExam up to version 16.6.0, specifically in the XML Export component: the function F_xml_export_users inside admin/code/tce_xml_users.php. Exploitation requires manipulating input and is noted as remotely explorabl...

MiracleLinux 4 : kernel-2.6.32-71.18.1.el6 (AXSA:2011-80:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-80:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

CVE-2022-4169

The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the processpolylangthemetranslationwploaded function. This makes it possible for unauthenticated attackers to update plugin and theme...

CVE-2009-4169

Cross-site scripting XSS vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in before 1.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2025-4169

creationtimestamp| type| source ---|---|--- 2025-05-16 03:34:27+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16614 2025-05-16 05:07:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpbb3ufkmy22...

WordPress Posts per Cat plugin <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Posts per Cat versions = 1.4.2...

Exploit for Improper Access Control in Ruijie Rg-Ew1200G_Firmware

Ruijie-RG-EW1200G CVE-2023-4169CVE-2023-3306CVE-2023-4415 1...

CVE-2023-4169

creationtimestamp| type| source ---|---|--- 2023-08-05 22:11:53+00:00| seen| https://t.me/cibsecurity/67815 2023-10-17 16:52:19+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5470 2023-10-20 11:06:20+00:00| seen| https://t.me/CyberSecurityTechnologies/9230 2023-10-22 17:46:15+00:00...

CVE-2023-4169

The CVE-2023-4169 entry affects Ruijie RG-EW1200G model 1.0(1)B1P5. Affected component: /api/sys/set_passwd in Administrator Password Handler. Root cause: improper access controls allow an attacker to reset the administrator password remotely. Impact: attacker can take full control of the router ...

CVE-2022-4169

creationtimestamp| type| source ---|---|--- 2022-11-28 20:48:51+00:00| seen| https://t.me/cibsecurity/53594...

CVE-2022-4169

The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the processpolylangthemetranslationwploaded function. This makes it possible for unauthenticated attackers to update plugin and theme...

CVE-2022-4169 Theme and plugin translation for Polylang <= 3.2.16 - Missing Authorization

The Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the processpolylangthemetranslationwploaded function. This makes it possible for unauthenticated attackers to update plugin and theme...

CVE-2022-4169

The CVE-2022-4169 issue affects the Polylang WordPress plugin (Theme and plugin translation) up to and including version 3.2.16. The root cause is missing capability checks in the function process_polylang_theme_translation_wp_loaded(), enabling authorization bypass and allowing unauthenticated a...

CVE-2015-4169

CVE-2015-4169 entry is rejected and does not represent an active vulnerability.

CVE-2015-4169

...

CVE-2021-4169 Cross-site Scripting (XSS) - Reflected in livehelperchat/livehelperchat

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

CVE-2021-4169

CVE-2021-4169 affects livehelperchat. The vulnerability is an Improper Neutralization of Input During Web Page Generation (XSS) in livehelperchat. Open sources describe reflected/DOM-based XSS vectors enabling injection via user input, with impact limited to client-side script execution and poten...

openSUSE 15 Security Update : go1.16 (openSUSE-SU-2021:4169-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:4169-1 advisory. - golang: net/http: limit growth of header canonicalization cache CVE-2021-44716 - golang: syscall: don't close fd 0 on ForkExec error...

Security Bulletin: This Power System update is being released to address CVE-2019-4169

Summary POWER9: In response to an IPMI implementation error, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2019-4169. Vulnerability Details CVEID: CVE-2019-4169 DESCRIPTION: IBM Open Power Firmware could allow access to BMC v...