43 matches found
CVE-2026-4839

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-26 06:38:15+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhwykk52b62i... |

CVE-2026-4839
SourceCodester Food Ordering System 1.0 contains a SQL injection in the Parameter Handler within /purchase.php, triggered by manipulating the custom parameter. Affected component: unknown function in /purchase.php; root cause is improper handling of the custom argument leading to SQL injection. T...
CVE-2025-4839
A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /paicoding-core/src/main/java/com/github/paicoding/forum/core/util/CrossUtil.java. The manipulation leads to permissiv...
CVE-2025-4839

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-18 00:39:59+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpfszq7t67n2 |
| 2025-05-18 01:13:00+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpfuvpqax22t |
| 2025-05-19... | | |

CVE-2025-4839
CVE-2025-4839 affects itwanger paicoding versions 1.0.0–1.0.3. The flaw is in CrossUtil.java in the paicoding-core path and enables a permissive cross-domain policy with untrusted domains. Vectors: remote exploitation with rather high complexity; exploitation described as difficult but publicly disclosed....
CVE-2025-4839 itwanger paicoding CrossUtil.java cross-domain policy
A vulnerability has been found in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /paicoding-core/src/main/java/com/github/paicoding/forum/core/util/CrossUtil.java. The manipulation leads to permissiv...
CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service (under construction), XTTS service, Petals service, vLLM service, and Motion Ctrl service,...
CVE-2023-4839

| creationtimestamp | type | source |
|---|---|---|
| 2024-03-13 03:26:58+00:00 | seen | https://t.me/ctinow/206356 |
| 2024-03-13 03:27:00+00:00 | seen | https://t.me/ctinow/206358 |
| 2025-02-14 10:03:08+00:00 | seen | Telegram/od5o4I5TB6aBkP31Rl0rKpjZONubQKglZirxSK589mrBi... |

CVE-2023-4839
CVE-2023-4839 summary (WP Go Maps for WordPress): The WP Go Maps (WP Google Maps) plugin is affected by a Stored XSS in admin settings, present in versions up to and including 9.0.32. The vulnerability stems from insufficient input sanitization and output escaping, enabling an authenticated attack...
Ubuntu 16.04 ESM : python-gnupg vulnerabilities (USN-4839-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4839-1 advisory. Marcus Brinkmann discovered that python-gnupg improperly handled certain command line parameters. A remote attacker could use this to spoof the output of...
CVE-2022-4839

| creationtimestamp | type | source |
|---|---|---|
| 2022-12-29 20:13:17+00:00 | seen | https://t.me/cibsecurity/55530... |

CVE-2022-4839 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4839
CVE-2022-4839 is a stored Cross-site Scripting (XSS) vulnerability in the open-source project usememos/memos, affecting versions prior to 0.9.1. The issue allows injected scripts to run in a victim’s browser when interacting with the affected memos UI. Reported CVSS vectors indicate a MEDIUM (NV...
Security Bulletin: Mitigations are being announced to address CVE-2020-4839 and CVE-2021-29695
Summary: IBM products 8335-GCA, 8335-GTA, and 8335-GTB have identified security vulnerabilities. Vulnerability Details: CVEID: CVE-2020-4839. DESCRIPTION: IBM Host firmware for LC-class Systems is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote privileged...
RHEL 8 : mailman:2.1 (RHSA-2021:4839)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4839 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks...
CVE-2020-4839
CVE-2020-4839 affects IBM Host firmware for LC-class Systems (e.g., OP820 on 8335-GCA/GTA/GTB). The vulnerability is a stack-based buffer overflow caused by improper bounds checking, enabling a remote privileged attacker to cause a denial of service. Affected product details and CVSS scoring are ...
Debian DSA-4839-1 : sudo - security update
The Qualys Research Labs discovered a heap-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users. Any local user (sudoers and non-sudoers) can exploit this flaw for root privilege escalation.
CVE-2019-4839
CVE-2019-4839 entry is rejected/not used and does not represent an active vulnerability.