66 matches found
CVE-2026-4780
A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file update_out_standing.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...
CVE-2026-4780 SourceCodester Sales and Inventory System HTTP GET Parameter update_out_standing.php sql injection
A vulnerability was detected in SourceCodester Sales and Inventory System 1.0. Impacted is an unknown function of the file update_out_standing.php of the component HTTP GET Parameter Handler. Performing a manipulation of the argument sid results in sql injection. The attack is possible to be carrie...
CVE-2025-15081
A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function sub4780 of the file /jdcapi. Such manipulation of the argument ddnsname leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...
EUVD-2025-205379
A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function sub4780 of the file /jdcapi. Such manipulation of the argument ddnsname leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...
PT-2025-53404
Name of the Vulnerable Software and Affected Versions: JD Cloud BE6500 version 4.4.1.r4308
Description: A command injection issue exists in JD Cloud BE6500 version 4.4.1.r4308. The issue is located in the /jdcapi file and affects the sub 4780 function. Manipulation of the ddns name argument can lea...
EUVD-2018-4780
Malware in sbrugna...
EUVD-2023-32363
Malicious code in bioql PyPI...
CVE-2025-4780
The CVE-2025-4780 entry concerns PHPGurukul Park Ticketing Management System 2.0 with SQL injection in /foreigner-search.php caused by unsafely handling the searchdata parameter. The vulnerability can be exploited remotely and has public disclosure; multiple connected sources confirm the issue. R...
CVE-2025-4780 PHPGurukul Park Ticketing Management System foreigner-search.php sql injection
A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /foreigner-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The...
CVE-2022-4780
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-10 20:49:50+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/11349... |
CVE-2024-4780
| creationtimestamp | type | source |
|---|---|---|
| 2024-07-16 09:34:49+00:00 | seen | https://t.me/cvedetector/915... |
CVE-2024-4780 Image Hover Effects – Elementor Addon <= 1.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via eihe_link Parameter
The Image Hover Effects – Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eihe_link’ parameter in all versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Image Hover Effects – Elementor Addon Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS)
| Field | Value |
|---|---|
| Software | Image Hover Effects – Elementor Addon |
| Type | Plugin |
| Vulnerable versions | <= 1.4.3 |
| Fixed in | 1.4.4 |
| OWASP Top 10 | A7: Cross-Site Scripting XSS |
| Classification | Cross Site Scripting XSS |
| CVE | CVE-2024-4780 |
| Patch priority | Low |
| CVSS severity | Low 6.5 |
| PSID | 68d93193adc6 |
| Credits | ... |
CVE-2023-4780
| creationtimestamp | type | source |
|---|---|---|
| 2024-03-12 16:26:40+00:00 | seen | https://t.me/ctinow/205807 |
| 2024-03-12 16:32:09+00:00 | seen | https://t.me/ctinow/205823... |
CVE-2023-4780
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-0590. Reason: This candidate is a duplicate of CVE-2024-0590. Notes: All CVE users should reference CVE-2024-0590 instead of this candidate. All references and descriptions in this candidate have been removed to preven...
CVE-2018-4780
| creationtimestamp | type | source |
|---|---|---|
| 2023-09-14 22:34:54+00:00 | seen | https://t.me/cibsecurity/70512... |
CVE-2018-4780
Rejected reason: This candidate is unused by its CNA...
Code injection
General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in March...
CVE-2023-28725
CVE-2023-28725 affects General Bytes Crypto Application Server (CAS) versions 20230120 (distributed with BATM devices). The vulnerability allows an unauthenticated remote attacker to execute arbitrary Java code by uploading a Java app to the "/batm/app/admin/standalone/deployments" directory, due...