99 matches found

OSV
added 2026/05/18 1:1 p.m. | views: 0

MINI-V883-652M-4488

Bulletin has no description...

CVSS 7.3 | AI score 7.2 | EPSS 0.00011 | Exploits 1

OSV
added 2026/05/11 10:32 a.m. | views: 1

MINI-9445-4488-QMJ7

Bulletin has no description...

CVSS 7.5 | AI score 5.7 | EPSS 0.00054 | Exploits 0

OpenVAS
added 2026/02/23 12:0 a.m. | views: 6

Debian: Security Advisory (DLA-4488-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 5.4 | EPSS 0.03984 | Exploits 4 | References 2

EUVD
added 2026/01/23 3:20 a.m. | views: 2

EUVD-2026-4488

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not required to exploit this vulnerability. The specific...

CVSS 9.8 | AI score 6.5 | EPSS 0.00405 | Exploits 0 | References 4

Tenable Nessus
added 2025/08/24 12:0 a.m. | views: 4

Linux Distros Unpatched Vulnerability : CVE-2013-4488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. CVE-2013-4488 Note that...

CVSS 4.3 | AI score 5.8 | EPSS 0.0028 | Exploits 0 | References 3

RedhatCVE
added 2025/05/22 2:32 a.m. | views: 3

CVE-2012-4488

The Location module 6.x before 6.x-3.2 and 7.x before 7.x-3.0-alpha1 for Drupal does not properly check user or node access permissions, which allows remote attackers to read node or user results via the location search page...

CVSS 5 | AI score 7.1 | EPSS 0.0027 | Exploits 0 | References 1

RedhatCVE
added 2025/05/11 8:3 p.m. | views: 21

CVE-2025-4488

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepackage. The manipulation of the argument ID leads to sql injection. The attack can be launched...

CVSS 9.8 | AI score 7.7 | EPSS 0.00204 | Exploits 1 | References 1

Circl
added 2025/05/09 8:26 p.m. | views: 13

CVE-2025-4488

creationtimestamp | type | source
---|---|---
2025-05-09 20:26:23+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/15846
2025-05-09 22:06:54+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lorber5ptfi2
2025-05-09...

CVSS 9.8 | AI score 7.3 | EPSS 0.00204 | Exploits 1 | References 4

NVD
added 2025/05/09 8:15 p.m. | views: 9

CVE-2025-4488

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepackage. The manipulation of the argument ID leads to sql injection. The attack can be launched...

CVSS 9.8 | EPSS 0.00204 | Exploits 1 | References 5

Cvelist
added 2025/05/09 8:0 p.m. | views: 19

CVE-2025-4488 itsourcecode Gym Management System ajax.php sql injection

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=deletepackage. The manipulation of the argument ID leads to sql injection. The attack can be launched...

CVSS 7.5 | EPSS 0.00204 | Exploits 1 | References 5

Tenable Nessus
added 2025/03/04 12:0 a.m. | views: 7

Linux Distros Unpatched Vulnerability : CVE-2016-4488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service segmentation fault and crash via a crafted binary, related to...

CVSS 5.5 | AI score 6.8 | EPSS 0.00435 | Exploits 0 | References 3

OSV
added 2025/02/21 10:43 p.m. | views: 0

GHSA-H33Q-MHMP-8P67 Vyper has a double eval in For List Iter

Multiple evaluation of a single expression is possible in the iterator target of a for loop. While the iterator expression cannot produce multiple writes, it can consume side effects produced in the loop body e.g. read a storage variable updated in the loop body and thus lead to unexpected progra...

CVSS 2.3 | AI score 5.8 | EPSS 0.00324 | Exploits 1 | References 5

Vulnrichment
added 2024/06/07 6:52 a.m. | views: 10

CVE-2024-4488 Royal Elementor Addons and Templates <= 1.3.976 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Royal Elementor Addons and Templates for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘inlinelist’ parameter in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 6.4 | AI score 5.8 | EPSS 0.00356 | Exploits 0 | References 3

Tenable Nessus
added 2024/05/11 12:0 a.m. | views: 29

RHEL 6 : gcc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gcc: Exploitable buffer overflow CVE-2016-2226 - Use-after-free vulnerability in libiberty allows remote...

AI score 6.5 | EPSS 0.09327 | Exploits 3 | References 10

OpenVAS
added 2023/11/21 12:0 a.m. | views: 27

SUSE: Security Advisory (SUSE-SU-2023:4488-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3 | AI score 7 | EPSS 0.00537 | Exploits 0 | References 4

Vulnrichment
added 2023/10/20 6:35 a.m. | views: 6

CVE-2023-4488 Dropbox Folder Share <= 1.9.7 - Unauthenticated Local File Inclusion

The Dropbox Folder Share for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.9.7 via the editor-view.php file. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. Thi...

CVSS 9.8 | AI score 7.8 | EPSS 0.00477 | Exploits 0 | References 2

CVE
added 2023/10/20 6:35 a.m. | views: 47

CVE-2023-4488

CVE-2023-4488 refers to the Dropbox Folder Share for WordPress. Connected sources confirm an unauthenticated Local File Inclusion (LFI) via editor-view.php affecting versions up to and including 1.9.7, enabling attackers to include/execute arbitrary PHP files on the server. Impact statements indi...

CVSS 9.8 | AI score 9.7 | EPSS 0.00477 | Exploits 0 | References 2 | Affected Software 1

NVD
added 2023/09/14 7:15 p.m. | views: 7

CVE-2018-4488

Rejected reason: This candidate is unused by its CNA...

AI score 6.6 | Exploits 0

Patchstack
added 2023/09/13 12:0 a.m. | views: 9

WordPress Dropbox Folder Share Plugin <= 1.9.7 is vulnerable to Local File Inclusion

Software: Dropbox Folder Share; Type: Plugin; Vulnerable versions = 1.9.7; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: Local File Inclusion; CVE: CVE-2023-4488; Patch priority: Low; CVSS severity: Low 9.8; Developer: Claim ownership; PSID: 097b8d11ce41; Credits: Marco Wotschka; Required privilege...

CVSS 9.8 | AI score 7.2 | EPSS 0.00477 | Exploits 0 | References 2 | Affected Software 1

OSV
added 2023/02/13 3:15 p.m. | views: 1

CVE-2022-4488

The Widgets on Pages WordPress plugin before 1.8.0 does not validate and escape its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege use...

CVSS 5.4 | AI score 5.8 | EPSS 0.00654 | Exploits 2 | References 1