Lucene search

63 matches found

Cvelist
added 2026/03/23 7:20 p.m. | 27 views

CVE-2026-4596 projectworlds Lawyer Management System lawyers.php cross site scripting

A vulnerability was identified in projectworlds Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyers.php. The manipulation of the argument firstName leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and...

CVSS 5.1 | EPSS 0.00189
Exploits: 1 | References: 4

Vulnrichment
added 2026/03/23 7:20 p.m. | 2 views

CVE-2026-4596 projectworlds Lawyer Management System lawyers.php cross site scripting

A vulnerability was identified in projectworlds Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyers.php. The manipulation of the argument firstName leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and...

CVSS 5.1 | AI score 4.1 | EPSS 0.00189
Exploits: 1 | References: 4

Circl
added 2026/03/23 7:16 p.m. | 2 views

CVE-2026-4596

creationtimestamp | type | source
---|---|---
2026-03-23 19:16:27+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4596
2026-03-23 20:11:01+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhqul4shqg2v...

CVSS 5.4 | AI score 5.8 | EPSS 0.00189
Exploits: 1 | References: 2

EUVD
added 2026/01/24 12:20 a.m. | 2 views

EUVD-2026-4596

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement CloudPagesUrl module allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026...

AI score 5.4 | EPSS 0.00659
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/23 7:54 a.m. | 9 views

CVE-2024-4596

A vulnerability was found in Kimai up to 2.15.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Session Handler. The manipulation of the argument PHPSESSIONID leads to information disclosure. The attack may be launched remotely. The complexity ...

CVSS 3.7 | AI score 6.4 | EPSS 0.0079
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 12:33 a.m. | 9 views

CVE-2022-4596

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

CVSS 5.4 | AI score 6.2 | EPSS 0.00581
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 1:04 a.m. | 5 views

CVE-2010-4596

Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request...

CVSS 9.3 | AI score 8.4 | EPSS 0.0503
Exploits: 0 | References: 1

GithubExploit
added 2024/05/18 1:39 a.m. | 402 views

Exploit for CVE-2023-4596

CVE-2023-4596 ...

CVSS 9.8 | AI score 9.8 | EPSS 0.12749
Exploits: 3

OpenVAS
added 2023/11/29 12:00 a.m. | 18 views

SUSE: Security Advisory (SUSE-SU-2023:4596-1)

The remote host is missing an update for the...

CVSS 8.8 | AI score 7.6 | EPSS 0.02009
Exploits: 0 | References: 5

NVD
added 2023/09/14 7:16 p.m. | 8 views

CVE-2018-4596

Rejected reason: This candidate is unused by its CNA...

AI score 6.6
Exploits: 0

Circl
added 2023/08/30 10:45 p.m. | 1 view

CVE-2023-4596

creationtimestamp | type | source
---|---|---
2023-08-30 22:45:52+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/5043
2023-08-30 23:34:12+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/5044
2023-09-03 09:03:18+00:00 | published-proof-of-concept | ...

CVSS 9.8 | AI score 8.7 | EPSS 0.12749
Exploits: 3 | References: 5

Cvelist
added 2023/08/30 1:45 a.m. | 44 views

CVE-2023-4596 Forminator <= 1.24.6 - Unauthenticated Arbitrary File Upload

The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload...

CVSS 9.8 | AI score 10 | EPSS 0.12749
Exploits: 3 | References: 3

CVE
added 2023/08/30 1:45 a.m. | 206 views

CVE-2023-4596

CVE-2023-4596 — WordPress Forminator plugin Arbitrary File Upload Affected software: WordPress Forminator plugin (all environments using WordPress) up to version 1.24.6. Root cause: Vulnerability arises from file type validation occurring after a file has been uploaded in upload_post_image(), ena...

CVSS 9.8 | AI score 9.7 | EPSS 0.12749
Exploits: 3 | References: 3 | Affected Software: 1

Patchstack
added 2023/08/29 12:00 a.m. | 17 views

WordPress Forminator Plugin <= 1.24.6 is vulnerable to Arbitrary File Upload

Software: Forminator
Type: Plugin
Vulnerable versions: <= 1.24.6
Fixed in: 1.25.0
OWASP Top 10: A1: Injection
Classification: Arbitrary File Upload
CVE: CVE-2023-4596
Patch priority: High
CVSS severity: High (9.8)
Developer: WPMU DEV
PSID: c13bf0eea10b
Credits: mehmet
Required privilege: Unauthenticated
Publishe...

CVSS 9.8 | AI score 6.7 | EPSS 0.12749
Exploits: 3 | References: 4 | Affected Software: 1

Circl
added 2022/12/18 2:40 p.m. | 2 views

CVE-2022-4596

creationtimestamp | type | source
---|---|---
2022-12-18 14:40:46+00:00 | seen | https://t.me/cibsecurity/54821...

CVSS 5.4 | AI score 5.5 | EPSS 0.00581
Exploits: 1 | References: 1

Cvelist
added 2022/12/18 12:00 a.m. | 24 views

CVE-2022-4596 Shoplazza Add Blog Post cross site scripting

A vulnerability, which was classified as problematic, has been found in Shoplazza 1.1. This issue affects some unknown processing of the file /admin/api/admin/articles/ of the component Add Blog Post Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...

CVSS 3.5 | AI score 5.5 | EPSS 0.00581
Exploits: 1 | References: 3

CVE
added 2022/12/18 12:00 a.m. | 44 views

CVE-2022-4596

Shoplazza 1.1 contains a cross-site scripting vulnerability in the Add Blog Post Handler. The issue arises from manipulating the Title argument for the endpoint /admin/api/admin/articles/, which can be exploited remotely and has public PoC material. Public advisories in multiple sources confirm t...

CVSS 5.4 | AI score 4.4 | EPSS 0.00581
Exploits: 1 | References: 3 | Affected Software: 1

Tenable Nessus
added 2021/11/11 12:00 a.m. | 41 views

RHEL 8 : binutils (RHSA-2021:4596)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4596 advisory. The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar...

CVSS 8.3 | AI score 7.7 | EPSS 0.12205
Exploits: 4 | References: 6

CVE
added 2021/01/13 6:10 p.m. | 43 views

CVE-2020-4596

CVE-2020-4596 affects IBM Security Guardium Insights 2.0.2. The description from NVD indicates the vulnerability arises from weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Connected records corroborate the impact on this produ...

CVSS 7.5 | AI score 7.1 | EPSS 0.00783
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2020/10/24 12:00 a.m. | 68 views

Ubuntu 20.04 LTS : Tomcat vulnerabilities (USN-4596-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4596-1 advisory. It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting...

CVSS 7.5 | AI score 7.6 | EPSS 0.87553
Exploits: 16 | References: 5