44 matches found
CVE-2026-4747

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-26 08:00:36+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116294420808646049 |
| 2026-03-26 09:12:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhxb73ufil23 |
| 2026-03-27 00:01:20+00:00 | seen | ... |

CVE-2026-4747
Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer, but fails to ensure that the buffer is sufficiently large, and a malicious client can trigger a stack overflow. Notably, this does not...
ECHO-4747-0F17-155F
Bulletin has no description...
MiracleLinux 8 : postgresql:10 postgresql-10.23-1.module+el8+1581+24b533d8 (AXSA:2023-4747:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4747:01 advisory. postgresql: Extension scripts replace objects not belonging to the extension. CVE-2022-2625 Tenable has extracted the preceding description block directly fr...
MINI-64R7-4747-GMQ6
Bulletin has no description...
MINI-V4CX-4747-J7XX
Bulletin has no description...
CVE-2022-4747
The Post Category Image With Grid and Slider WordPress plugin before 1.4.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be...
CVE-2025-4747

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-16 05:34:39+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16631... |

CVE-2022-4747

| creationtimestamp | type | source |
|---|---|---|
| 2025-03-25 18:25:22+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/8730... |

CVE-2024-4747
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Propovoice Propovoice CRM allows Stored XSS. This issue affects Propovoice CRM: from n/a through 1.7.6.2...
RHEL 8 : edk2 (RHSA-2024:4747)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4747 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU a...
CVE-2024-4747
CVE-2024-4747 affects Propovoice: All-in-One Client Management System (Propovoice CRM) for WordPress. Unauthenticated stored cross-site scripting vulnerability present in Propovoice CRM versions up to 1.7.6.2. A fix/patch has been issued (patched in the Wordfence entry); affected users should upd...
CVE-2024-4747 WordPress Propovoice CRM plugin <= 1.7.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Propovoice Propovoice CRM allows Stored XSS. This issue affects Propovoice CRM: from n/a through 1.7.6.2...
CVE-2024-4747 WordPress Propovoice CRM plugin <= 1.7.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Propovoice Propovoice CRM allows Stored XSS. This issue affects Propovoice CRM: from n/a through 1.7.6.2...
WordPress Propovoice CRM Plugin <= 1.7.6.2 is vulnerable to Cross Site Scripting (XSS)
Software: Propovoice CRM; Type: Plugin; Vulnerable versions: <= 1.7.6.2; Fixed in: 1.7.6.3; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4747; Patch priority: Medium; CVSS severity: Medium (7.1); Developer: Claim ownership; PSID: 94d4581cb410; Credits: Manab Jyoti Dowarah; Required...
CVE-2023-4747
CVE-2023-4747 affects DedeCMS 5.7.110, specifically the /uploads/tags.php file. The vulnerability arises from manipulation of the tag_alias (tag alias) parameter, enabling SQL injection. The issue is exploitable remotely and an exploit has been disclosed publicly. Multiple sources corroborate the...
CVE-2023-4747 DedeCMS tags.php sql injection
A vulnerability classified as critical was found in DedeCMS 5.7.110. This vulnerability affects unknown code of the file /uploads/tags.php. The manipulation of the argument tag_alias leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
CVE-2022-4747
The Post Category Image With Grid and Slider WordPress plugin before 1.4.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be...
CVE-2022-4747
Summary: CVE-2022-4747 affects the WordPress plugin “Post Category Image With Grid and Slider” (pre-1.4.8). The issue is that shortcode attributes are not validated/escaped before being output, enabling stored XSS. Exploitation requires user interaction (UI:Required) and low privileges (Contribut...
CVE-2022-4747 Post Category Image With Grid and Slider < 1.4.8 - Contributor+ Stored XSS via Shortcode
The Post Category Image With Grid and Slider WordPress plugin before 1.4.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be...