44 matches found
CVE-2026-4857
creationtimestamp| type| source ---|---|--- 2026-04-15 23:25:44+00:00| published-proof-of-concept| Telegram/M6EVzZe60-ZK2hxHMbXVzi0icuKFKnAtI2GiQ0rZVKguBtE 2026-04-15 23:26:09+00:00| seen| Telegram/uDqb5UNOJD19g19jmJKdnJBBrEUml8WxLQrnFn708j03zpg...
MINI-86JC-WJ8F-4857
Bulletin has no description...
WordPress Newsletters plugin <= 4.9.9.9 - Authenticated (Administrator+) Local File Inclusion vulnerability
Authenticated Administrator+ Local File Inclusion vulnerability discovered by m3ssap0 in WordPress Plugin Newsletters versions = 4.9.9.9...
CVE-2025-4857 Newsletters <= 4.9.9.9 - Authenticated (Administrator+) Local File Inclusion
The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.9.9.9 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server,...
CVE-2025-4857 Newsletters <= 4.9.9.9 - Authenticated (Administrator+) Local File Inclusion
The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.9.9.9 via the 'file' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server,...
CVE-2024-4857
creationtimestamp| type| source ---|---|--- 2025-03-28 20:28:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9455...
CVE-2024-4857
CVE-2024-4857 affects the WordPress plugin “FS Product Inquiry” for versions up to 1.1.1, where user input in form submissions is not sanitized/escaped, enabling unauthenticated Stored XSS. Affected product: FS Product Inquiry WordPress plugin
CVE-2024-4857 FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS
The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...
CVE-2024-4857 FS Product Inquiry <= 1.1.1 - Unauthenticated Stored XSS
The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...
CVE-2022-4857
creationtimestamp| type| source ---|---|--- 2023-03-01 23:30:14+00:00| seen| https://t.me/cibsecurity/55545 2025-04-09 15:47:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11089...
CVE-2022-4857
A vulnerability was found in Modbus Tools Modbus Poll up to 9.10.0 and classified as critical. Affected by this issue is some unknown functionality of the file mbpoll.exe of the component mbp File Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit...
CVE-2022-4857
CVE-2022-4857 affects Modbus Tools Modbus Poll (mbpoll.exe) in the mbp File Handler, with versions up to 9.10.0. The vulnerability is a buffer overflow in an unknown function of mbpoll.exe, which could be exploited remotely and was disclosed publicly. Connected documents consistently state the is...
RHEL 8 : postgresql:13 (RHSA-2022:4857)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4857 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version:...
Debian DSA-4857-1 : bind9 - security update
A buffer overflow vulnerability was discovered in the SPNEGO implementation affecting the GSSAPI security policy negotiation in BIND, a DNS server implementation, which could result in denial of service daemon crash, or potentially the execution of arbitrary code. C Tenable Network Security, Inc...
CVE-2019-4857
CVE-2019-4857 is rejected/not used; this CVE entry does not represent an active vulnerability.
CVE-2019-4857
...
CVE-2013-4857
D-Link DIR-865L has PHP File Inclusion in the router xml file...
CVE-2013-4857
CVE-2013-4857 affects the D-Link DIR-865L router with a PHP File Inclusion vulnerability in the device’s XML/config handling. Affected component: router XML/file processing; root cause described as PHP File Inclusion in the router XML file. Impact as per sources: potential disclosure/integrity ri...
CVE-2018-4857
...
CVE-2018-4857
This CVE-2018-4857 entry is rejected and not an active vulnerability entry.