CVE-2026-4835

creationtimestamp| type| source ---|---|--- 2026-03-26 06:28:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhwxynbsxv27...

CVE-2026-4835

The CVE covers code-projects Accounting System 1.0, where the argument costumer_name in /my_account/add_costumer.php can be manipulated to trigger cross-site scripting in the Web Application Interface. The vulnerability is exploitable remotely and the exploit is public. Impact is limited to low i...

CGA-4835-J9J7-3PXC

Bulletin has no description...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.91-2.6.2.1.0.1.el7.AXS7 (AXSA:2015-517:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-517:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2015-4734 RESERVED This candidate has been reserved by an organization ...

CVE-2022-4835

The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2025-4835

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument...

CVE-2025-4835

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument...

CVE-2025-4835

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument...

CVE-2025-4835 TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWlanRedirect buffer overflow

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument...

CVE-2025-4835 TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWlanRedirect buffer overflow

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument...

Linux Distros Unpatched Vulnerability : CVE-2015-4835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and...

CGA-4835-68MX-7G8J

Bulletin has no description...

RHEL 6 : java-1.5.0-ibm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenJDK: inefficient use of hash tables and lists during XML parsing JAXP, 8068842 CVE-2015-4803 - OpenJD...

CVE-2024-4835

creationtimestamp| type| source ---|---|--- 2024-05-23 19:33:10+00:00| seen| https://t.me/HackingInsights/845 2024-05-26 10:25:43+00:00| seen| https://t.me/cyberbannewsir/12080 2024-05-27 07:08:42+00:00| seen| https://t.me/HackingInsights/968 2024-05-27 14:30:44+00:00| seen|...

CVE-2024-4835 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this condition, an attacker can craft a malicious page to exfiltrate sensitive user information...

CVE-2024-4835

CVE-2024-4835 is a cross-site scripting (XSS) vulnerability in GitLab affected in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. The root cause is improper neutralization of input during web page generation, enabling an attacker-controlled page to exfiltrate sensitiv...

CVE-2024-4835 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this condition, an attacker can craft a malicious page to exfiltrate sensitive user information...

GitLab 15.11 < 16.10.6 / 16.11 < 16.11.3 / 17.0 < 17.0.1 (CVE-2024-4835)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this condition, an attacker can craft a malicious page to exfiltrate...

Ubuntu 18.04 ESM : VCFtools vulnerabilities (USN-4835-1)

The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4835-1 advisory. It was discovered that VCFtools improperly handled certain input. If a user were tricked into opening a crafted input file, VCFtools could be made to cra...

CVE-2023-4835

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CF Software Oil Management Software allows SQL Injection. This issue affects Oil Management Software: before 20230912...