50 matches found
CVE-2025-4930
CVE-2025-4930 affects Campcodes Online Shopping Portal 1.0, specifically the file /my-cart.php where manipulating the billingaddress argument leads to a SQL injection. The vulnerability is exploitable remotely and has public disclosure; multiple sources classify it as severe (critical to high/med...
CVE-2025-4930 Campcodes Online Shopping Portal my-cart.php sql injection
A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /my-cart.php. The manipulation of the argument billingaddress leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-4930 SourceCodester Simple Online Bidding System sql injection
A vulnerability classified as critical was found in SourceCodester Simple Online Bidding System 1.0. This vulnerability affects unknown code of the file /simple-online-bidding-system/index.php?page=viewprod. The manipulation of the argument id leads to sql injection. The attack can be initiated...
CVE-2023-4930
creationtimestamp | type | source
---|---|---
2023-11-07 00:26:05+00:00 | seen | https://t.me/cibsecurity/73647...
CVE-2023-4930
CVE-2023-4930 affects the Front End PM WordPress plugin prior to 11.4.3. The vulnerability arises because the plugin does not block listing of directories where private-message attachments are stored, enabling unauthenticated users to list and download those attachments if the web server’s autoin...
CVE-2023-4930 Front End PM < 11.4.3 - Sensitive Data Exposure via Directory Listing
The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the directories where it stores attachments to private messages, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...
CVE-2022-4930
creationtimestamp | type | source
---|---|---
2023-03-06 18:12:55+00:00 | seen | https://t.me/cibsecurity/59492
2025-09-16 00:46:16+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lyw3sfmficr2...
CVE-2022-4930
The CVE-2022-4930 entry concerns nuxsmin sysPass (up to version 3.2.4). The vulnerability is an XSS in the URL Handler that can be exploited remotely. The issue is tied to an unknown functionality, with manipulation leading to cross-site scripting. A fix is available in version 3.2.5, and the pat...
CVE-2022-4930 nuxsmin sysPass URL cross site scripting
A vulnerability classified as problematic was found in nuxsmin sysPass up to 3.2.4. Affected by this vulnerability is an unknown functionality of the component URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.2.5 is able to...
SUSE CVE-2012-3977
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4930. Reason: This candidate is a duplicate of CVE-2012-4930. Notes: All CVE users should reference CVE-2012-4930 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...
Oracle Linux 7 : python-twisted-web (ELSA-2022-4930)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-4930 advisory. - Security fix for CVE-2022-24801: Possible http request smuggling Resolves: rhbz2073114 - Fix CVE-2020-10108 and CVE-2020-10109 multiple HTTP request smuggling...
Debian: Security Advisory (DSA-4930-1)
The remote host is missing an update for the Debian...
Debian DSA-4930-1 : libwebp - security update
Multiple vulnerabilities were discovered in libwebp, the implementation of the WebP image format, which could result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed images are processed.
SUSE: Security Advisory (SUSE-SU-2013:1450-1)
The remote host is missing an update for the...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Samba vulnerability (USN-4930-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4930-1 advisory. Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users...
CVE-2019-4930
...
CVE-2019-4930
This CVE ID is rejected/not used and does not represent an active vulnerability entry.
Security Bulletin: IBM QRadar SIEM is vulnerable to shell command injection vulnerability in the admin panel. (CVE-2015-4930, CVE-2015-2016)
Summary: IBM QRadar SIEM is vulnerable to a shell command injection in the admin panel if logged in as an admin user. Vulnerability Details: CVE-ID: CVE-2015-4930 Description: IBM QRadar could allow a user authenticated with admin access to execute commands on the server as root. CVSS Base Score:8...
CVE-2018-4930
Adobe Experience Manager versions 6.3 and earlier have an exploitable Cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure...