MINI-6QXR-4876-WP5P

Bulletin has no description...

CVE-2026-4876

creationtimestamp| type| source ---|---|--- 2026-03-26 17:57:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhy6jmeylm2s...

CVE-2026-4876 itsourcecode Free Hotel Reservation System index.php sql injection

A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/modamenities/index.php?view=editpic. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit i...

CVE-2012-4876

Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method...

CVE-2025-4876

creationtimestamp| type| source ---|---|--- 2025-05-19 16:38:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16870 2025-05-19 17:13:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpk2zblkrk2o 2025-05-19 17:18:49+00:00| seen|...

CVE-2025-4876 Hardcoded Key Revealed in ConnectWise Password Encryption Utility

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

CVE-2025-4876

The CVE-2025-4876 issue affects ConnectWise Risk Assessment’s ConnectWise-Password-Encryption-Utility.exe. Root cause: hardcoded AES decryption key embedded in plaintext in the binary, with no dynamic key management. Impact: an attacker with reverse-engineering capability could obtain the key and...

CGA-4876-F9H5-3JMH

Bulletin has no description...

CVE-2024-4876 HT Mega – Absolute Addons For Elementor <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘popoverheadertext’ parameter in versions up to, and including, 2.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

CVE-2024-4876

CVE-2024-4876 refers to HT Mega – Absolute Addons For Elementor (WordPress). Connected Red Hat/Wordfence data confirm a Stored Cross-Site Scripting vulnerability due to insufficient input sanitization and output escaping in the popover_header_text parameter, affecting HT Mega versions up to 2.5.2...

WordPress HT Mega Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software HT Mega Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4876 Patch priority Low CVSS severity Low 6.5 Developer HTMega PSID feb0aa615e6b Credits wesley wcraft Required privilege...

CVE-2023-4876 Exposure of Sensitive Information to an Unauthorized Actor in hamza417/inure

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92...

CVE-2023-4876

CVE-2023-4876 affects hamza417/inure (prior to build92). The root cause is improper validation of incoming intent.data in TTFViewerActivity, allowing content:// data to be opened via the app’s file provider and leading to exposure of sensitive files stored in external storage (e.g., Preferences.x...

CVE-2022-4876

creationtimestamp| type| source ---|---|--- 2023-01-05 02:18:28+00:00| seen| https://t.me/cibsecurity/55926...

CVE-2022-4876

Kaltura mwEmbed up to 2.96.rc1 is affected by a cross-site scripting vulnerability in the handling of the file includes/DefaultSettings.php via the HTTP_X_FORWARDED_HOST parameter. The attack may be initiated remotely. Upgrading to 2.96.rc2 addresses the issue (patch 13b8812ebc8c9fa034eed91ab35ba...

RHEL 8 : firefox (RHSA-2022:4876)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4876 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

CVE-2020-4876

creationtimestamp| type| source ---|---|--- 2022-01-21 20:13:25+00:00| seen| https://t.me/cibsecurity/36042...

CVE-2020-4876

CVE-2020-4876 is an XML External Entity Injection (XXE) vulnerability in IBM Cognos Controller 10.4.0–10.4.2 when processing XML data. A remote attacker could expose sensitive information or trigger resource consumption. Affected versions are 10.4.0, 10.4.1, and 10.4.2. IBM has addressed this thr...

Debian DSA-4876-1 : thunderbird - security update

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4876. The text itself ...

Debian: Security Advisory (DSA-4876-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...