64 matches found
CVE-2026-4624
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-24 04:09:50+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhrpdcwogj2p... |
CVE-2026-4624
SourceCodester Online Library Management System 1.0 contains a SQL injection in the Parameter Handler’s /home.php (unknown function) triggered by manipulating the searchField argument. The vulnerability is exploitable remotely and the exploit is publicly available. The CVE notes a medium to high ...
EUVD-2018-4624
Malware in sbrugna...
CGA-4624-6J54-V75M
Bulletin has no description...
CVE-2005-4624
The mjoin function in channel.c for PTnet ircd 1.5 and 1.6 allows remote attackers to cause a denial of service (memory exhaustion that triggers a daemon restart) via a large number of requests to join a "charmed channel" such as PTnet, PTnoticias and .log, which causes ircd to open the channel eve...
CGA-4624-4R82-XRMQ
Bulletin has no description...
Rocky Linux 9 : thunderbird (RLSA-2024:4624)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4624 advisory. Mozilla: Race condition in permission assignment CVE-2024-6601 Mozilla: Memory corruption in thread creation CVE-2024-6603 Mozilla: Memory safety bugs...
AlmaLinux 9 : thunderbird (ALSA-2024:4624)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:4624 advisory. Mozilla: Race condition in permission assignment CVE-2024-6601 Mozilla: Memory corruption in thread creation CVE-2024-6603 Mozilla: Memory safety bugs fix...
Oracle Linux 9 : thunderbird (ELSA-2024-4624)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4624 advisory. 115.13.0-3.0.1 - Add Oracle prefs 115.13.0 - Add OpenELA debranding 115.13.0-3 - Update to 115.13.0 build5 115.13.0-2 - Update to 115.13.0 build3...
RHEL 9 : thunderbird (RHSA-2024:4624)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:4624 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Mozilla: Race condition in permission assignment CVE-2024-660...
CVE-2024-4624
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eaelexttoctitletag’ parameter in versions up to, and including, 5.9.20 due to insufficient input sanitization and output...
WordPress Essential Addons for Elementor Plugin <= 5.9.20 is vulnerable to Cross Site Scripting (XSS)
Software: Essential Addons for Elementor; Type: Plugin; Vulnerable versions: = 5.9.20; Fixed in: 5.9.21; OWASP Top 10: A7: Cross-Site Scripting XSS; Classification: Cross Site Scripting XSS; CVE: CVE-2024-4624; Patch priority: Low; CVSS severity: Low 6.5; Developer: WPDeveloper; PSID: 3528751a7ce0; Credits: wesley wcra...
CVE-2023-4624
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-30 16:12:13+00:00 | seen | https://t.me/cibsecurity/69418... |
CVE-2023-4624
CVE-2023-4624: SSRF in BookStack (bookstackapp/bookstack) prior to v23.08. The issue is a server-side request forgery in the application’s handling of requests, enabling the server to be coerced into making unintended outbound requests. Affected product: BookStack software; vulnerable component/f...
CVE-2022-4624
The GS Logo Slider WordPress plugin before 3.3.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privile...
CVE-2022-4624 GS Logo Slider < 3.3.8 - Contributor+ Stored XSS in Shortcode
The GS Logo Slider WordPress plugin before 3.3.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privile...
CVE-2022-4624
The CVE-2022-4624 entry concerns the WordPress plugin GS Logo Slider, affected versions prior to 3.3.8. The vulnerability arises because the plugin does not validate/escape certain shortcode attributes before output, enabling Stored XSS that can be triggered by low-privilege users (Contributor) a...
WordPress GS Logo Slider Plugin < 3.3.8 is vulnerable to Cross Site Scripting (XSS)
Software: GS Logo Slider; Type: Plugin; Vulnerable versions: 3.3.8; Fixed in: 3.3.8; OWASP Top 10: A7: Cross-Site Scripting XSS; Classification: Cross Site Scripting XSS; CVE: CVE-2022-4624; Patch priority: Medium; CVSS severity: Medium 6.5; PSID: cf767b7a3829; Credits: István Márton; Require...