ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting
Multiple cross-site scripting vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port...
MINI-4889-XR43-J783
Bulletin has no description...
MINI-4889-RR9V-W4Q8
Bulletin has no description...
MINI-4889-XWX5-P57G
Bulletin has no description...
CVE-2010-4889
Unspecified vulnerability in the Tiny Market hmtinymarket extension 0.5.4 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors...
CVE-2025-4889
creationtimestamp | type | source
---|---|---
2025-05-18 19:04:17+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16770
2025-05-18 19:24:25+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lphrv6vq2ie2
2025-05-18...
CVE-2025-4889 code-projects Tourism Management System User Registration AddUser buffer overflow
A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access is required to...
CVE-2024-4889
CVE-2024-4889 affects berriai/litellm 1.34.6. The issue stems from unvalidated input in the secret management system’s eval function. When Google KMS is configured, an attacker can set UI_LOGO_PATH to a remote server in get_image, allowing writes to a malicious Google KMS configuration file at ca...
CVE-2024-4889 Code Injection in berriai/litellm
A code injection vulnerability exists in the berriai/litellm application, version 1.34.6, due to the use of unvalidated input in the eval function within the secret management system. This vulnerability requires a valid Google KMS configuration file to be exploitable. Specifically, by setting the...
CGA-4889-FCH9-FH44
Bulletin has no description...
CVE-2023-4889
CVE-2023-4889 (Shareaholic for WordPress) is a stored cross-site scripting vulnerability in the Shareaholic plugin for WordPress, exploitable via the shortcodes attribute handling. The description from CVE sources indicates the issue arises from insufficient input sanitization and output escaping...
CVE-2022-4889
A vulnerability classified as critical was found in visegripped Stracker. Affected by this vulnerability is the function getHistory of the file doc_root/public_html/stracker/api.php. The manipulation of the argument symbol/startDate/endDate leads to sql injection. The identifier of the patch is...
CVE-2022-4889
CVE-2022-4889 affects visegripped Stracker, specifically the getHistory function in doc_root/public_html/stracker/api.php. The vulnerability arises from manipulation of the symbol, startDate, and endDate parameters, enabling SQL injection. The patch identifier is 63e1b040373ee5b6c7d1e165ecf5ae160...
CVE-2022-4889 visegripped Stracker api.php getHistory sql injection
A vulnerability classified as critical was found in visegripped Stracker. Affected by this vulnerability is the function getHistory of the file doc_root/public_html/stracker/api.php. The manipulation of the argument symbol/startDate/endDate leads to sql injection. The identifier of the patch is...
Ubuntu: Security Advisory (USN-4889-1)
The remote host is missing an update for the...
RHEL 8 : thunderbird (RHSA-2022:4889)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4889 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Security Fixes: Mozilla:...
CVE-2020-4889
creationtimestamp | type | source
---|---|---
2021-01-26 18:36:09+00:00 | seen | https://t.me/cibsecurity/22574
...
CVE-2020-4889
IBM Spectrum Scale is affected by CVE-2020-4889. A local attacker could poison command log files via the log-casting vulnerability in IBM Spectrum Scale 5.0.0–5.0.5.4 and 5.1.0, per IBM’s security bulletin. Impact is described as enabling log poisoning that could affect support and development ef...
Security Bulletin: A vulnerability in IBM Spectrum Scale allows to inject malicious content into command log files (CVE-2020-4889)
Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale FAL that could allow a local attacker to inject malicious content into command log files. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4889 DESCRIPTION: IBM Spectrum Scale...