50 matches found
CVE-2026-4595
creationtimestamp| type| source ---|---|--- 2026-03-23 21:04:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhqxk3yyb22i...
CVE-2026-4595
A vulnerability was determined in code-projects Exam Form Submission 1.0. This vulnerability affects unknown code of the file /admin/updates6.php. Executing a manipulation of the argument sname can lead to cross site scripting. The attack can be launched remotely. The exploit has been publicly...
EUVD-2026-4595
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud...
CVE-2025-4595
creationtimestamp| type| source ---|---|--- 2025-05-31 07:11:57+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqh6zaibdj42...
CVE-2025-4595 FastSpring <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The FastSpring plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fastspring/block-fastspringblocks-complete-product-catalog' block in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping on the 'color' attribute. Thi...
WordPress FastSpring plugin <= 3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Chuck in WordPress Plugin FastSpring versions = 3.0.1...
CVE-2022-4595
A vulnerability classified as problematic has been found in django-openipam. This affects an unknown part of the file openipam/report/templates/report/exposedhosts.html. The manipulation of the argument description leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2010-4595
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services HTTP-AS, which allows remote attackers to bypass intended access restrictions via an HTTP request that contains a disallowed User-Agent header...
CVE-2011-4595
Pretty-Link WordPress plugin 1.5.2 has XSS...
CVE-2024-4595
A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is the function locate of the file function.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2024-4595 SEMCMS function.php locate sql injection
A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is the function locate of the file function.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
SUSE: Security Advisory (SUSE-SU-2023:4595-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-4595
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end o...
CVE-2023-4595
CVE-2023-4595 affects BVRP Software SLmail (Avanquest SLmail) server, specifically version 5.5.0.4433. The vulnerability is an information-disclosure flaw permitting a remote attacker to retrieve sensitive server-held files (credentials, configuration, application files) by appending certain URL ...
CVE-2022-4595
creationtimestamp| type| source ---|---|--- 2022-12-18 14:40:44+00:00| seen| https://t.me/cibsecurity/54819...
CVE-2022-4595 django-openipam exposed_hosts.html cross site scripting
A vulnerability classified as problematic has been found in django-openipam. This affects an unknown part of the file openipam/report/templates/report/exposedhosts.html. The manipulation of the argument description leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2022-4595
The CVE-2022-4595 issue affects django-openipam, specifically an XSS vulnerability in the template openipam/report/templates/report/exposed_hosts.html. The root cause is described as manipulation of the description argument, enabling cross-site scripting. Impact is remote initiation of an attack ...
Oracle Linux 8 : binutils (ELSA-2021-4595)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4595 advisory. 2.30-108.0.2.1 - Forward-port Oracle patches from 2.30-108.0.2 to 2.30-108.0.2.1 - Reviewed-by: Jose E. Marchesi 2.30-108.0.2 - Forward-port the following updat...
RHEL 8 : binutils (RHSA-2021:4595)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4595 advisory. The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar...
CVE-2020-4595
IBM Security Guardium Insights 2.0.2 is affected by a cryptographic weakness where weaker-than-expected algorithms could allow an attacker to decrypt highly sensitive information. The vulnerability is tied to Guardium Insights 2.0.2 (Vulnerable component: cryptographic implementation) and could e...