70 matches found
CVE-2025-4521
creationtimestamp| type| source ---|---|--- 2026-02-19 17:16:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfa3vuahhi2d 2026-02-19 17:16:50+00:00| seen| https://mastodon.social/ap/users/115755483699003887/statuses/116098424956279178...
CVE-2022-4521
A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profilemenu leads to cross site scripting. It is possible to initia...
CVE-2024-4521
creationtimestamp| type| source ---|---|--- 2025-02-19 19:13:56+00:00| seen| Telegram/UVZ-rbCRozarI6X83bx3ZB571XH1Lyg8zeyB81k4UfysW4g...
CVE-2024-4521
A vulnerability classified as problematic has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teachersalarydetails2.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the...
CVE-2019-4521
creationtimestamp| type| source ---|---|--- 2024-03-09 12:41:09+00:00| seen| https://t.me/ctinow/203916...
CVE-2020-4521
creationtimestamp| type| source ---|---|--- 2024-01-06 13:12:55+00:00| seen| https://t.me/arpsyndicate/2538...
WordPress Import XML and RSS Feeds Plugin < 2.1.5 is vulnerable to Remote Code Execution (RCE)
Software Import XML and RSS Feeds Type Plugin Vulnerable versions 2.1.5 Fixed in 2.1.5 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-4521 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 84e300ce2ae3 Credits Enrico Marcolini Required...
CVE-2023-4521
The Import XML and RSS Feeds WordPress plugin before 2.1.5 contains a web shell, allowing unauthenticated attackers to perform RCE. The plugin/vendor was not compromised and the files are the result of running a PoC for a previously reported issue...
CVE-2023-4521
The CVE-2023-4521 entry concerns the Import XML and RSS Feeds WordPress plugin. Affected versions prior to 2.1.5 allow unauthenticated RCE via a web shell; the vulnerability arises from PoC files being left behind and not deleted when releasing version 2.1.5. The plugin/vendor themselves were not...
CVE-2023-4521 Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
The Import XML and RSS Feeds WordPress plugin before 2.1.5 contains a web shell, allowing unauthenticated attackers to perform RCE. The plugin/vendor was not compromised and the files are the result of running a PoC for a previously reported issue...
Security Bulletin: IBM Security Verify Governance is vulnerable to remote attacks to execute arbitrary code on the system [CVE-2013-4521, CVE-2013-2165 and CVE-2018-14667]
Summary IBM Security Verify Governance is vulnerable to remote attacks to execute arbitrary code on the system CVE-2013-4521. IBM Security Verify Governance is vulnerable to remote attacks caused by an error related to the handling of deserialization CVE-2013-2165. IBM Security Verify Governance ...
SUSE CVE-2015-4521
The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors...
Security Bulletin: Multiple Vulnerabilities discovered in libraries used by TCRtoolkit in ITNM
Summary Multiple vulnerabilities CVE-2009-4521; CVE-2015-0250; CVE-2017-5662; CVE-2018-8013; CVE-2019-17566; CVE-2020-11987; CVE-2009-4269; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2009-4521; CVE-2021-41033 found in TCRtoolkit component present in IBM Tivoli Network Manager...
CVE-2022-4521
creationtimestamp| type| source ---|---|--- 2022-12-16 00:23:52+00:00| seen| https://t.me/cibsecurity/54653...
CVE-2022-4521
A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profilemenu leads to cross site scripting. It is possible to initia...
CVE-2022-4521
CVE-2022-4521 affects WSO2 carbon-registry prior to 4.8.7. The issue is a Cross‑Site Scripting vulnerability in the Request Parameter Handler, where manipulation of arguments such as parentPath/path/username/path/profile_menu enables remote JavaScript execution due to insufficient input encoding....
Security Bulletin: IBM Maximo Asset Management is vulnerable to Java Deserialization (CVE-2020-4521)
Summary IBM Maximo Asset Management is vulnerable to Java Deserialization. Vulnerability Details CVEID:CVE-2020-4521 DESCRIPTION: IBM Maximo Asset Management could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sendin...
SUSE: Security Advisory (SUSE-SU-2015:1703-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1680-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4521-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...