CVE-2023-4870

A vulnerability classified as problematic has been found in SourceCodester Contact Manager App 1.0. This affects an unknown part of the file index.php of the component Contact Information Handler. The manipulation of the argument contactID with the input " leads to cross site scripting. It is...

CVE-2025-4870

A vulnerability classified as critical was found in itsourcecode Restaurant Management System 1.0. This vulnerability affects unknown code of the file /admin/menusave.php. The manipulation of the argument menu leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-4870 itsourcecode Restaurant Management System menu_save.php sql injection

A vulnerability classified as critical was found in itsourcecode Restaurant Management System 1.0. This vulnerability affects unknown code of the file /admin/menusave.php. The manipulation of the argument menu leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-4870 itsourcecode Restaurant Management System menu_save.php sql injection

A vulnerability classified as critical was found in itsourcecode Restaurant Management System 1.0. This vulnerability affects unknown code of the file /admin/menusave.php. The manipulation of the argument menu leads to sql injection. The attack can be initiated remotely. The exploit has been...

Linux Distros Unpatched Vulnerability : CVE-2015-4870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknow...

CVE-2024-4870

The Frontend Registration – Contact Form 7 plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1 due to insufficient restriction on the 'cf7frr' post meta. This makes it possible for authenticated attackers, with editor-level access and above, to modify...

CVE-2024-4870 Frontend Registration – Contact Form 7 <= 5.1 - Authenticated (Editor+) Privilege Escalation

The Frontend Registration – Contact Form 7 plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1 due to insufficient restriction on the 'cf7frr' post meta. This makes it possible for authenticated attackers, with editor-level access and above, to modify...

CVE-2024-4870

CVE-2024-4870 affects the WordPress plugin Frontend Registration – Contact Form 7. The vulnerability arises from insufficient restriction on the cf7frr post meta, in versions up to and including 5.1, enabling authenticated attackers with editor-level access and higher to modify the default user r...

WordPress Frontend Registration – Contact Form 7 Plugin <= 5.1 is vulnerable to Privilege Escalation

Software Frontend Registration – Contact Form 7 Type Plugin Vulnerable versions = 5.1 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Privilege Escalation CVE CVE-2024-4870 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID e2e71615ce5d Credits István Márto...

RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2016:1132)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1132 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaD...

Ubuntu 18.04 ESM : Bundler vulnerability (USN-4870-1)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4870-1 advisory. It was discovered that Bundler incorrectly created directories with insecure permissions in /tmp. An attacker could write malicious libraries to this location for...

CVE-2023-4870

A vulnerability classified as problematic has been found in SourceCodester Contact Manager App 1.0. This affects an unknown part of the file index.php of the component Contact Information Handler. The manipulation of the argument contactID with the input "alert1 leads to cross site scripting. It ...

CVE-2023-4870

SourceCodester Contact Manager App 1.0 has a cross-site scripting vulnerability in the index.php component (Contact Information Handler). The issue arises from manipulating the contactID argument (example payload: "&gt;) and is exploitable remotely. Multiple connected sources confirm the vulnerab...

Oracle Linux 5 : dovecot (ELSA-2009-0205)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2009-0205 advisory. - Resolves: 436287, CVE-2008-4870 - Resolves: 469015, CVE-2008-4577 Tenable has extracted the preceding description block directly from the Oracle Linu...

CVE-2022-4870

In affected versions of Octopus Deploy it is possible to discover network details via error message...

CVE-2022-4870

CVE-2022-4870 affects Octopus Deploy; the issue is information disclosure via error messages that reveal network details. The provided documents confirm the vulnerability is tied to Octopus Deploy and involve disclosure of network information through error output. Exploitation status is not detai...

CVE-2022-4870

In affected versions of Octopus Deploy it is possible to discover network details via error message...

SUSE CVE-2015-4870

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser...

CentOS 7 : firefox (RHSA-2022:4870)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4870 advisory. - A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird 91.1...

RHEL 7 : firefox (RHSA-2022:4870)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4870 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...