MiracleLinux 8 : java-17-openjdk-17.0.6.0.10-3.el8 (AXSA:2023-4811:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4811:01 advisory. OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742...

EUVD-2015-4826

Malware in sbrugna...

CVE-2024-4811

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts...

CVE-2025-4811

A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack may be launched...

CVE-2025-4811

A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack may be launched...

CVE-2025-4811

The CVE-2025-4811 entry applies to CodeAstro Pharmacy Management System 1.0, specifically the Login component’s /index.php. The vulnerability arises from improper manipulation of the Username parameter, resulting in a SQL injection that can be exploited remotely over the network. Public disclosur...

CVE-2025-4811 CodeAstro Pharmacy Management System Login index.php sql injection

A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack may be launched...

CVE-2022-4811

Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1...

CVE-2024-4811

creationtimestamp| type| source ---|---|--- 2024-07-25 07:42:56+00:00| seen| https://t.me/cvedetector/1617 2025-01-16 06:55:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1926...

WordPress File Upload Cross Site Scripting

Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Date: 18 December 2023 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "Fil...

WordPress File Upload Plugin < 4.23.3 - Stored XSS

Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Date: 18 December 2023 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "Fil...

WordPress File Upload Plugin < 4.23.3 - Stored XSS Vulnerability

Exploit Title: WordPress File Upload 4.23.3 Stored XSS CVE 2023-4811 Exploit Author: Faiyaz Ahmad Vendor Homepage: https://wordpress.com/ Version: 4.23.3 CVE : CVE 2023-4811 Proof Of Concept: 1. Login to the wordpress account 2. Add the following shortcode to a post in "File Upload Plugin":...

WordPress File Uploader Plugin < 4.23.3 is vulnerable to Cross Site Scripting (XSS)

Software File Uploader Type Plugin Vulnerable versions 4.23.3 Fixed in 4.23.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4811 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1623a29c06e5 Credits FAIYAZ AHMAD Required...

CVE-2023-4811 WordPress File Upload < 4.23.3 - Author+ Stored Cross-Site Scripting

The WordPress File Upload WordPress plugin before 4.23.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks...

Ubuntu 16.04 ESM / 18.04 ESM : libzip vulnerability (USN-4811-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4811-1 advisory. It was discovered that libzip mishandled certain malformed ZIP archives. A remote attacker could use this vulnerability to cause a denial of service...

Security Bulletin: Administrator password can be reset without authentication on SAN Volume Controller and Storwize Family (CVE-2014-4811)

Summary Security Bulletin: Administrator password can be reset without authentication on SAN Volume Controller and Storwize Family CVE-2014-4811 Vulnerability Details Security Bulletin --- Summary --- The administrator superuser password can be reset to a default value without requiring prior...

CVE-2022-4811 Authorization Bypass Through User-Controlled Key in usememos/memos

Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1...

CVE-2022-4811

The CVE-2022-4811 vulnerability concerns usememos/memos. It is an Authorization Bypass Through User-Controlled Key that allows an unauthorized user to access private memos by manipulating the URL. This affects versions prior to 0.9.1. The issue is documented across multiple sources (including Red...

CVE-2020-4811

IBM Cloud Pak for Security CP4S 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation...

CVE-2020-4811

IBM Cloud Pak for Security CP4S 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation...