85 matches found
MINI-M4MJ-4377-2QMW
Bulletin has no description...
CVE-2026-4377
creationtimestamp| type| source ---|---|--- 2026-05-28 04:55:00+00:00| seen| https://cert.pl/en/posts/2026/05/CVE-2026-4377 2026-05-28 14:43:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmwb2kmmpq2p...
MINI-27V9-4377-JVQP
Bulletin has no description...
EUVD-2026-4377
Missing Authorization vulnerability in monetagwp Monetag Official Plugin monetag-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Monetag Official Plugin: from n/a through = 1.1.3...
ECHO-4377-3F2B-771F
Bulletin has no description...
CVE-2022-4377
A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched...
CVE-2021-4377
The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmmexportdonations function which is called via the adminpostdmmexport hook due to missing capability checks. This can allow authenticated attackers to extract a CS...
CVE-2025-4377
Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pr...
CVE-2025-4377
Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pr...
CVE-2025-4377
Sparx Systems Pro Cloud Server is affected by CVE-2025-4377 due to an Improper Limitation of a Pathname in logview.php, enabling a Path Traversal that allows reading arbitrary files on the filesystem. The issue affects Pro Cloud Server versions earlier than 6.0.165 and is exposed via the Pro Clou...
CVE-2025-4377 Path traversal vulnerability in Sparx Pro Cloud Server WebEA webconfig in logview.php
Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pr...
CVE-2025-4377 Path traversal vulnerability in Sparx Pro Cloud Server WebEA webconfig in logview.php
Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pr...
CGA-8V3F-VP8M-4377
Bulletin has no description...
CVE-2024-4377
The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-4377
The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-4377 DOP Shortcodes <= 1.2 - Contributor+ Stored XSS via Shortcode
The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-4377
CVE-2024-4377 affects the DOP Shortcodes WordPress plugin (versions
CVE-2024-4377 DOP Shortcodes <= 1.2 - Contributor+ Stored XSS via Shortcode
The DOP Shortcodes WordPress plugin through 1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress DOP Shortcodes Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)
Software DOP Shortcodes Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4377 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 358272ad2236 Credits Bob Matyas Required privilege...
Oracle Linux 9 : kernel (ELSA-2023-4377)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4377 advisory. - Fix KVM: x86/mmu: Fix race condition in directpagefault Orabug: 35673032 CVE-2022-45869 - prlimit: doprlimit needs to have a speculation check...