CVE-2026-4550

A vulnerability has been found in code-projects Simple Gym Management System up to 1.0. This affects an unknown part of the file /gym/func.php. Such manipulation of the argument Trainerid/fname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

CVE-2026-4550 code-projects Simple Gym Management System func.php sql injection

A vulnerability has been found in code-projects Simple Gym Management System up to 1.0. This affects an unknown part of the file /gym/func.php. Such manipulation of the argument Trainerid/fname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

EUVD-2026-4550

The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxcallbackstoreusermeta function in versions 4.1.0 to 4.6.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, ...

CVE-2022-4550

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...

CVE-2025-4550

creationtimestamp| type| source ---|---|--- 2025-05-12 00:41:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lowqemadh62o 2025-05-12 01:00:37+00:00| published-proof-of-concept| Telegram/4kUQu822de1LPDuRg3vLxdeTbImmKLi3r7rk6aSaj04RHg 2025-05-12 01:53:52+00:00| seen|...

CVE-2025-4550

A vulnerability, which was classified as critical, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /admin/pass-details.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated...

CVE-2025-4550 PHPGurukul Apartment Visitors Management System pass-details.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /admin/pass-details.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated...

CVE-2025-4550 PHPGurukul Apartment Visitors Management System pass-details.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /admin/pass-details.php. The manipulation of the argument pid leads to sql injection. The attack may be initiated...

CVE-2024-4550

A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code...

CVE-2014-4550

creationtimestamp| type| source ---|---|--- 2024-03-18 08:41:52+00:00| seen| https://t.me/ctinow/210264...

CVE-2023-4550

OpenText AppBuilder (Windows/Linux) is affected by CVE-2023-4550 due to improper input validation, enabling an unauthenticated or authenticated user to read arbitrary files on the server via a vulnerable AppBuilder page. Affected versions are 21.2 through 23.2. Remediation guidance in connected s...

CVE-2023-4550 Unauthenticated Arbitrary File Read

Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. Thi...

CVE-2018-4550

Rejected reason: This candidate is unused by its CNA...

Oracle Linux 7 : docker-engine (ELSA-2019-4550)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4550 advisory. - apply fix for runc CVE-2019-5736 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

WordPress User Activity Plugin <= 1.0.1 is vulnerable to Content Spoofing

Software User Activity Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Content Spoofing CVE CVE-2022-4550 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ff21fa6bc6ad Credits rezaduty Required privilege...

CVE-2022-4550

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...

CVE-2022-4550

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...

CVE-2022-4550 User Activity <= 1.0.1 - IP Spoofing

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...

CVE-2022-4550

CVE-2022-4550 concerns the WordPress plugin “User Activity” up to version 1.0.1. The vulnerability arises because the plugin checks HTTP headers such as X-Forwarded-For to obtain the request IP address, which can allow IP spoofing. The documented impact (per NVD) indicates a high severity (CVSS v...

CVE-2022-4550 User Activity <= 1.0.1 - IP Spoofing

The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing...