Exploit for CVE-2026-4350

CVE-2026-4350 - Perfmatters WordPress Arbitrary File Deletion...

CVE-2026-4350

creationtimestamp| type| source ---|---|--- 2026-04-03 08:59:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mile7cwvmq2r 2026-04-03 09:15:39+00:00| published-proof-of-concept| Telegram/NBs63VM2nQ9UbXE-D7ue-jsugZ5lhQP4O69jnOBlFC7zlLQ 2026-04-07 22:30:07+00:00| seen|...

CVE-2026-4350

The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and including, 2.5.9.1. This is due to the PMCS::actionhandler method processing the $GET'delete' parameter without any sanitization, authorization check, or nonce verification...

GO-2026-4350 Argo Workflows affected by stored XSS in the artifact directory listing in github.com/argoproj/argo-workflows

Argo Workflows affected by stored XSS in the artifact directory listing in github.com/argoproj/argo-workflows...

EUVD-2026-4350

Missing Authorization vulnerability in Ecwid by Lightspeed Ecommerce Shopping Cart Ecwid Shopping Cart ecwid-shopping-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ecwid Shopping Cart: from n/a through = 7.0.5...

CVE-2009-4350

SQL injection vulnerability in index.php in Arctic Issue Tracker 2.1.1 allows remote attackers to execute arbitrary SQL commands via the 1 matchingsid or 2 matchingstitle parameters in a Login action to an unspecified program, or 3 the matchingsid parameter in a search action to index.php, a...

DLA-4350-1 tika - security update

Bulletin has no description...

CVE-2022-4350

A vulnerability, which was classified as problematic, was found in Mingsoft MCMS 5.2.8. Affected is an unknown function of the file search.do. The manipulation of the argument contenttitle leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed ...

CVE-2025-4350

creationtimestamp| type| source ---|---|--- 2025-05-06 12:20:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15095 2025-05-06 14:21:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3loj3eolgt62w 2025-05-06 14:30:23+00:00| published-proof-of-concept|...

Linux Distros Unpatched Vulnerability : CVE-2013-4350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended...

Security update for installation-images

This update updates installation-images and tftpboot images to contain the latest shim for secure boot. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...

Yaws Web Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Yaws Web Server Directory Traversal", 'Description' = %q This module exploits a directory traversal bug in Yaws v1.9.1 or less. The module can on...

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0234-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA61310 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Audio can be exploited to cause denial of servi...

Chromium: CVE-2023-4350 Inappropriate implementation in Fullscreen

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Debian: Security Advisory (DSA-5479-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-5479-1 : chromium - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5479 advisory. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For...

CVE-2023-4350

creationtimestamp| type| source ---|---|--- 2023-08-17 15:06:22+00:00| seen| https://t.me/truesecator/4742...

CVE-2023-4350

Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

CVE-2023-4350

Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...