CVE-2026-4490

A flaw has been found in Tenda A18 Pro 02.03.02.28. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. This manipulation causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used...

CVE-2026-4490

creationtimestamp| type| source ---|---|--- 2026-03-20 19:00:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhj7a4z6sj2u...

Debian: Security Advisory (DLA-4490-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-4490-1 openssl - security update

Bulletin has no description...

EUVD-2026-4490

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to exploit this vulnerability in that the...

Linux Distros Unpatched Vulnerability : CVE-2009-4490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - minihttpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly...

CVE-2024-4490

The Elegant Themes Divi theme, Extra theme, and Divi Page Builder plugin for WordPress are vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘title’ parameter in versions up to, and including, 4.25.0 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-4490

creationtimestamp| type| source ---|---|--- 2025-05-09 21:25:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15852 2025-05-09 22:14:47+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lorghk6rc4r2 2025-05-09...

CVE-2025-4490

A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /view-ticket-admin.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-4490

Campcodes Online Food Ordering System 1.0 has a SQL injection vulnerability in /view-ticket-admin.php triggered by manipulating the ID parameter. Exploitation can be remote and does not require authentication. Several sources indicate no patch is publicly available yet; mitigations include avoidi...

CVE-2025-4490 Campcodes Online Food Ordering System view-ticket-admin.php sql injection

A vulnerability classified as critical has been found in Campcodes Online Food Ordering System 1.0. This affects an unknown part of the file /view-ticket-admin.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2023-4490

creationtimestamp| type| source ---|---|--- 2025-04-04 21:02:04+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3llzcteqcrh23 2025-06-05 21:02:25+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lqv7r2bamy2u...

Linux Distros Unpatched Vulnerability : CVE-2016-4490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service segmentation fault and crash via a crafted binary, related t...

RHEL 6 : gcc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gcc: Exploitable buffer overflow CVE-2016-2226 - Use-after-free vulnerability in libiberty allows remote...

WordPress Extra Theme <= 4.25.0 is vulnerable to Cross Site Scripting (XSS)

Software Extra Type Theme Vulnerable versions = 4.25.0 Fixed in 4.25.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4490 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bcfad4f5bb49 Credits Webbernaut Required privilege...

WordPress Divi Theme <= 4.25.0 is vulnerable to Cross Site Scripting (XSS)

Software Divi Type Theme Vulnerable versions = 4.25.0 Fixed in 4.25.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4490 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1cc1a7dd8fd8 Credits Webbernaut Required privilege...

openSUSE: Security Advisory for python (SUSE-SU-2023:4490-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : gnupg2 (RLSA-2020:4490)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4490 advisory. - GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery CSRF vulnerability in dirmngr that can result in Attacker controlled CSRF,...

WordPress WP Job Portal Plugin <= 2.0.5 is vulnerable to SQL Injection

Software WP Job Portal Type Plugin Vulnerable versions = 2.0.5 Fixed in 2.0.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-4490 Patch priority High CVSS severity High 9.3 Developer Ahmad PSID 9b020cd17632 Credits Pablo Sanchez Required privilege Unauthenticated Published 2...

CVE-2023-4490

The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users...