46 matches found

Circl
added 2026/03/26 5:57 p.m. | 0 views

CVE-2026-4876

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-26 17:57:46+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhy6jmeylm2s... |

CVSS 6.5 | AI score 6.6 | EPSS 0.00042
Exploits: 0 | References: 1

Cvelist
added 2026/03/26 1:5 p.m. | 27 views

CVE-2026-4876 itsourcecode Free Hotel Reservation System index.php sql injection

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to SQL injection. The attack may be performed remotely. The exploit i...

CVSS 6.5 | EPSS 0.00042
Exploits: 0 | References: 5

RedhatCVE
added 2025/05/22 12:7 p.m. | 7 views

CVE-2012-4876

Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method...

CVSS 10 | AI score 8.3 | EPSS 0.81162
Exploits: 2 | References: 1

Circl
added 2025/05/19 4:38 p.m. | 10 views

CVE-2025-4876

| creationtimestamp | type | source |
|---|---|---|
| 2025-05-19 16:38:59+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16870 |
| 2025-05-19 17:13:08+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpk2zblkrk2o |
| 2025-05-19 17:18:49+00:00 | seen | ... |

CVSS 6 | AI score 4.8 | EPSS 0.00047
Exploits: 1 | References: 3

CVE
added 2025/05/19 4:4 p.m. | 31 views

CVE-2025-4876

The CVE-2025-4876 issue affects ConnectWise Risk Assessment’s ConnectWise-Password-Encryption-Utility.exe. Root cause: hardcoded AES decryption key embedded in plaintext in the binary, with no dynamic key management. Impact: an attacker with reverse-engineering capability could obtain the key and...

CVSS 6 | AI score 5.9 | EPSS 0.00047
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2025/05/19 4:4 p.m. | 12 views

CVE-2025-4876 Hardcoded Key Revealed in ConnectWise Password Encryption Utility

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

CVSS 6 | EPSS 0.00047
Exploits: 1 | References: 1

OSV
added 2024/09/25 5:13 a.m. | 6 views

CGA-4876-F9H5-3JMH

Bulletin has no description...

CVSS 7.5 | AI score 8.2 | EPSS 0.00306
Exploits: 0

CVE
added 2024/05/21 11:2 a.m. | 53 views

CVE-2024-4876

CVE-2024-4876 refers to HT Mega – Absolute Addons For Elementor (WordPress). Connected Red Hat/Wordfence data confirm a Stored Cross-Site Scripting vulnerability due to insufficient input sanitization and output escaping in the popover_header_text parameter, affecting HT Mega versions up to 2.5.2...

CVSS 6.4 | AI score 5.9 | EPSS 0.00272
Exploits: 0 | References: 3 | Affected Software: 1

Vulnrichment
added 2024/05/21 11:2 a.m. | 14 views

CVE-2024-4876 HT Mega – Absolute Addons For Elementor <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘popover_header_text’ parameter in versions up to, and including, 2.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

CVSS 6.4 | AI score 5.8 | EPSS 0.00272
Exploits: 0 | References: 3

Patchstack
added 2024/05/21 12:0 a.m. | 6 views

WordPress HT Mega Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software: HT Mega; Type: Plugin; Vulnerable versions: <= 2.5.2; Fixed in: 2.5.3; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4876; Patch priority: Low; CVSS severity: Low (6.5); Developer: HTMega; PSID: feb0aa615e6b; Credits: wesley wcraft; Required privilege...

CVSS 6.4 | AI score 5.8 | EPSS 0.00272
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2023/09/10 12:0 a.m. | 53 views

CVE-2023-4876

CVE-2023-4876 affects hamza417/inure (prior to build92). The root cause is improper validation of incoming intent.data in TTFViewerActivity, allowing content:// data to be opened via the app’s file provider and leading to exposure of sensitive files stored in external storage (e.g., Preferences.x...

CVSS 7.9 | AI score 7.6 | EPSS 0.00072
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2023/09/10 12:0 a.m. | 11 views

CVE-2023-4876 Exposure of Sensitive Information to an Unauthorized Actor in hamza417/inure

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92...

CVSS 7.9 | AI score 7.7 | EPSS 0.00072
Exploits: 0 | References: 2

Circl
added 2023/01/05 2:18 a.m. | 1 views

CVE-2022-4876

| creationtimestamp | type | source |
|---|---|---|
| 2023-01-05 02:18:28+00:00 | seen | https://t.me/cibsecurity/55926... |

CVSS 6.1 | AI score 4.7 | EPSS 0.00284
Exploits: 0 | References: 1

CVE
added 2023/01/04 10:2 p.m. | 61 views

CVE-2022-4876

Kaltura mwEmbed up to 2.96.rc1 is affected by a cross-site scripting vulnerability in the handling of the file includes/DefaultSettings.php via the HTTP_X_FORWARDED_HOST parameter. The attack may be initiated remotely. Upgrading to 2.96.rc2 addresses the issue (patch 13b8812ebc8c9fa034eed91ab35ba...

CVSS 6.1 | AI score 4.8 | EPSS 0.00284
Exploits: 0 | References: 5 | Affected Software: 1

Tenable Nessus
added 2022/06/02 12:0 a.m. | 34 views

RHEL 8 : firefox (RHSA-2022:4876)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4876 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

CVSS 9.8 | AI score 8.1 | EPSS 0.00657
Exploits: 0 | References: 16

Circl
added 2022/01/21 8:13 p.m. | 2 views

CVE-2020-4876

| creationtimestamp | type | source |
|---|---|---|
| 2022-01-21 20:13:25+00:00 | seen | https://t.me/cibsecurity/36042... |

CVSS 8.2 | AI score 7.3 | EPSS 0.0037
Exploits: 0 | References: 1

CVE
added 2022/01/21 5:20 p.m. | 46 views

CVE-2020-4876

CVE-2020-4876 is an XML External Entity Injection (XXE) vulnerability in IBM Cognos Controller 10.4.0–10.4.2 when processing XML data. A remote attacker could expose sensitive information or trigger resource consumption. Affected versions are 10.4.0, 10.4.1, and 10.4.2. IBM has addressed this thr...

CVSS 8.2 | AI score 8 | EPSS 0.0037
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2021/03/30 12:0 a.m. | 22 views

Debian DSA-4876-1 : thunderbird - security update

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4876. The text itself ...

CVSS 8.8 | AI score 8.2 | EPSS 0.00387
Exploits: 0 | References: 7

OpenVAS
added 2021/03/30 12:0 a.m. | 15 views

Debian: Security Advisory (DSA-4876-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.8 | EPSS 0.00697
Exploits: 2 | References: 4

Tenable Nessus
added 2021/03/23 12:0 a.m. | 56 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4876-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4876-1 advisory. Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition in the Xen paravirt block backend in the Linux kernel, leading to a use-after-free...

CVSS 8.8 | AI score 7.1 | EPSS 0.00579
Exploits: 0 | References: 4