CVE-2026-4827
Technical details such as affected products, vulnerable components, versions, root cause, and exploit information are not provided in the supplied documents. Please monitor for updates from NVD and CVE databases.
CVE-2026-4827
creationtimestamp | type | source
---|---|---
2026-05-12 04:05:34+00:00 | seen | https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-11
2026-05-12 14:20:40+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybqzs6w2w
2026-05-12 15:35:50+00:00 | seen | ...
GO-2026-4827 NATS credentials are exposed in monitoring port via command-line argv in github.com/nats-io/nats-server
NATS credentials are exposed in monitoring port via command-line argv in github.com/nats-io/nats-server...
EUVD-2020-4827
Malware in sbrugna...
CVE-2022-4827
The WP Tiles WordPress plugin through 1.1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2025-4827
A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...
CVE-2025-4827
creationtimestamp | type | source
---|---|---
2025-05-17 17:12:41+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpf22r5sza2h...
CVE-2025-4827
CVE-2025-4827 affects TOTOLINK A702R, A3002R and A3002RU (version 3.0.0-B20230809.1615). The vulnerability is in the HTTP POST Request Handler, specifically the /boafrm/formSaveConfig function where manipulating the submit-url parameter leads to a buffer overflow. It is exploitable remotely and e...
Important: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated thi...
RHEL 8 : httpd:2.4 (RHSA-2024:4827)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4827 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Substitution...
SUSE: Security Advisory (SUSE-SU-2023:4827-1)
The remote host is missing an update for the...
CVE-2023-4827 File Manager Pro < 1.8 - Remote Code Execution via CSRF
The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the fsconnector AJAX action. This allows attackers to make highly privileged users perform unwanted file system actions via CSRF attacks by using GET requests, such as uploading a web shell...
CVE-2023-4827
CVE-2023-4827 concerns the WordPress plugin File Manager Pro (pre-1.8). The issue is an improper CSRF nonce check in the fs_connector AJAX action, allowing an attacker to trigger highly privileged file-system actions via CSRF using GET requests. Potential impact includes uploading a web shell and...
WordPress File Manager Pro Plugin < 1.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software: File Manager Pro | Type: Plugin | Vulnerable versions: < 1.8 | Fixed in: 1.8 | OWASP Top 10: A1: Broken Access Control | Classification: Cross Site Request Forgery (CSRF) | CVE: CVE-2023-4827 | Patch priority: Low | CVSS severity: Low 8.8 | PSID: f857273165df | Credits: Dmitrii Ignatyev | Required...
Oracle Linux 7 : docker-engine / docker-cli (ELSA-2019-4827)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4827 advisory. docker-engine: 19.03.1-1.0.0 - update to 19.03.1; 19.03-0.0.1 - update to 19.03. Tenable has extracted the preceding description block directly from the...
WordPress WP Tiles Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)
Software: WP Tiles | Type: Plugin | Vulnerable versions: <= 1.1.2 | Fixed in: N/A | OWASP Top 10: A7: Cross-Site Scripting (XSS) | Classification: Cross Site Scripting (XSS) | CVE: CVE-2022-4827 | Patch priority: Medium | CVSS severity: Medium 6.5 | PSID: 7153516c9060 | Credits: Lana Codes | Required privile...
CVE-2022-4827
creationtimestamp | type | source
---|---|---
2023-04-10 18:36:06+00:00 | seen | https://t.me/cibsecurity/61764...