ECHO-CD05-4199-7F7A

Bulletin has no description...

CVE-2026-4199

A vulnerability was identified in bazinga012 mcpcodeexecutor up to 0.3.0. Affected by this issue is the function installDependencies of the file src/index.ts. Such manipulation leads to command injection. The attack can only be performed from a local environment. The exploit is publicly available...

Ubuntu: Security Advisory (USN-7714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-4199

The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2025-4199

creationtimestamp| type| source ---|---|--- 2025-05-03 03:26:31+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loafei2vts42 2025-05-03 06:05:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loaob3zmtn2r 2025-05-03...

CVE-2025-4199 Abundatrade Plugin <= 1.8.02 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Abundatrade Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.02. This is due to missing or incorrect nonce validation on the 'abundatrade' page. This makes it possible for unauthenticated attackers to update settings and inject...

WordPress Abundatrade Plugin plugin <= 1.8.02 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Abundatrade versions = 1.8.02...

CVE-2022-4199

creationtimestamp| type| source ---|---|--- 2025-04-04 18:36:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10521...

Linux Distros Unpatched Vulnerability : CVE-2010-4199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attacke...

WordPress Bulk Posts Editing For WordPress Plugin <= 4.2.3 is vulnerable to Broken Access Control

Software Bulk Posts Editing For WordPress Type Plugin Vulnerable versions = 4.2.3 Fixed in 4.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4199 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 035d66af9f0b Credits Benedictus...

SUSE SLES12 Security Update : nghttp2 (SUSE-SU-2023:4199-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4199-1 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as...

CVE-2023-4199

creationtimestamp| type| source ---|---|--- 2023-08-07 22:18:45+00:00| seen| https://t.me/cibsecurity/67912...

CVE-2023-4199

CVE-2023-4199 affects SourceCodester Inventory Management System 1.0. The vulnerability exists in catagory_data.php and is triggered by manipulating the columns[1][data] parameter, causing an SQL injection. It is exploitable remotely and the exploit has been disclosed publicly (VDB-236289). Publi...

CVE-2023-4199 SourceCodester Inventory Management System catagory_data.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. This affects an unknown part of the file catagorydata.php. The manipulation of the argument columns1data leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2022-4199

The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-4199

CVE-2022-4199 affects the Link Library WordPress plugin (versions prior to 7.4.1). Root cause: the plugin does not sanitise and escape some settings, enabling stored XSS by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (e.g., multisite). Impact: storedCross‑SiteScri...

Ubuntu: Security Advisory (USN-4199-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-4199

creationtimestamp| type| source ---|---|--- 2022-03-07 14:34:37+00:00| seen| https://t.me/cibsecurity/38500...

CVE-2021-4199

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...

CVE-2021-4199

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...