96 matches found
CVE-2025-4698 PHPGurukul Directory Management System forget-password.php sql injection
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/forget-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
WordPress ProfilePress Plugin < 4.5.1 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...
CVE-2023-4698
creationtimestamp| type| source ---|---|--- 2024-12-18 12:00:21+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8971...
CVE-2024-4698
The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'showlinetext ' and 'slidebuttonhoveranimation' parameters in versions up to, and including, 10.1.1 due to insufficient input sanitization and output escaping. This makes it possible f...
Exploit for Improper Input Validation in Usememos Memos
CVE-2023-4698 Local File Inclusion LFI in usememos/memos...
CVE-2023-4698 Improper Input Validation in usememos/memos
Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2...
CVE-2023-4698
CVE-2023-4698 affects usememos/memos prior to 0.13.2. The connected exploit doc describes a Local File Inclusion (LFI) via an inadequate validation of InternalPath, enabling access to server files (post-auth or remote code execution risks are implied by LFI in the blog). Public advisories consist...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
SUSE CVE-2010-4698
Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service application crash via a large number of anti-aliasing steps in an argument to the imagepstext function...
CVE-2022-4698
creationtimestamp| type| source ---|---|--- 2022-12-23 18:14:35+00:00| seen| https://t.me/cibsecurity/55247...
CVE-2022-4698
The CVE-2022-4698 entry concerns the WordPress ProfilePress plugin. Affected: ProfilePress plugin for WordPress (versions up to and including 4.5.0). Issue: Stored Cross-Site Scripting via several form fields caused by insufficient input sanitization and output escaping. Impact: Authenticated att...
SUSE: Security Advisory (SUSE-SU-2014:0938-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Dnsmasq regression (USN-4698-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4698-2 advisory. USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple...
Security Bulletin: Cross-site scripting vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-4698
Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack. Vulnerability Details CVEID: CVE-2020-4698 DESCRIPTION: IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stor...
CVE-2020-4698
IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentia...
CVE-2019-4698
IBM Guardium Data Encryption (GDE) 3.0.0.2 is affected by a password-strength requirement weakness: by default, it does not require strong passwords, which could allow an attacker to compromise user accounts. The issue is documented in CVE-2019-4698 and reflected in IBM/third-party sources in the...
CVE-2017-4698
...
CVE-2017-4698
CVE-2017-4698 is rejected/not used and does not represent an active vulnerability entry.
CVE-2006-4698
The CVE-2006-4698 entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2006-4698
...