74 matches found
CVE-2026-4649
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-24 10:38:13+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhsezsopuz2x |
| 2026-03-25 03:00:10+00:00 | seen | https://www.knime.com/security/advisoriesCVE-2026-4649... |
CVE-2023-4649
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...
MINI-PFHG-4649-F72H
Bulletin has no description...
EUVD-2018-4649
Malware in sbrugna...
CVE-2022-4649
The WP Extended Search WordPress plugin before 2.1.2 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2025-4649
Improper Handling of Exceptional Conditions vulnerability in Centreon web allows Privilege Escalation. ACLs are not correctly taken into account in the display of the "event logs" page. This page, requiring high privileges, will display all available logs. This issue affects web: from 24.10.3 befo...
CVE-2025-4649 ACLs are not correctly taken into account in the display of the "event logs" page. This page, requiring high privileges, will display all available logs.
Improper Handling of Exceptional Conditions vulnerability in Centreon web allows Privilege Escalation. ACLs are not correctly taken into account in the display of the "event logs" page. This page, requiring high privileges, will display all available logs. This issue affects web: from 24.10.3 befo...
Oracle Linux 8 : thunderbird (ELSA-2025-4649)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-4649 advisory. 128.9.2-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file - Force use of gcc-toolset-13 due to clang dependency 128.9.2 - Add...
CVE-2024-4649
| creationtimestamp | type | source |
|---|---|---|
| 2025-02-19 19:14:02+00:00 | seen | Telegram/M910QfYbDwFQ8Vu1PqGJKDnExhhLKSQcbFGEi-C955JB2lQ... |
CVE-2024-4649
A vulnerability classified as problematic has been found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/studentexammarkinsertform1.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the...
CVE-2024-4649
A vulnerability classified as problematic has been found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/studentexammarkinsertform1.php. The manipulation of the argument page leads to cross site scripting. It is possible to initiate the...
CVE-2018-4649
Rejected reason: This candidate is unused by its CNA...
CVE-2023-4649
| creationtimestamp | type | source |
|---|---|---|
| 2023-08-31 09:42:40+00:00 | seen | https://t.me/cibsecurity/69511... |
CVE-2023-4649
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4649 Session Fixation in instantsoft/icms2
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4649
CVE-2023-4649 affects instantsoft/icms2 prior to 2.16.1. The issue is a session fixation vulnerability caused by the authentication cookie not being renewed after a successful login. Impact is described as limited confidentiality/integrity exposure (per CVSS data). Remediation: upgrade to icms2 2...
CVE-2023-4649 Session Fixation in instantsoft/icms2
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2023-4649 Session Fixation in instantsoft/icms2
Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...
CVE-2022-4649 WP Extended Search < 2.1.2 - Contributor+ Stored XSS via Shortcode
The WP Extended Search WordPress plugin before 2.1.2 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-4649
CVE-2022-4649 affects the WordPress plugin “WP Extended Search” (before 2.1.2). The vulnerability is a failure to validate and escape a shortcode attribute, enabling a Stored Cross-Site Scripting (XSS) attack. The attack can be carried out by users with as little as Contributor privileges (attack requir...