66 matches found
CVE-2007-4936
Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has unknown impact and attack vectors, related to a "serious security flaw," possibly specific to Linux...
CVE-2025-4936
A vulnerability was found in projectworlds Online Food Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin-page.php. The manipulation of the argument 1price leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2025-4936
creationtimestamp | type | source
---|---|---
2025-05-19 14:38:35+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16849...
CVE-2025-4936
CVE-2025-4936 affects the Projectworlds Online Food Ordering System v1.0. Affected component: the function in the file /admin-page.php where the argument 1_price can be manipulated, leading to an SQL injection. It is exploitable remotely and the exploit has been disclosed publicly. Connected sou...
CVE-2025-4936 projectworlds Online Food Ordering System admin-page.php sql injection
A vulnerability was found in projectworlds Online Food Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin-page.php. The manipulation of the argument 1price leads to sql injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2024-4936 Canto <= 3.0.8 - Unauthenticated Remote File Inclusion
The Canto plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 3.0.8 via the abspath parameter. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. This required allowurlinclude to be...
WordPress Canto Plugin <= 3.0.8 is vulnerable to Local File Inclusion
Software Canto Type Plugin Vulnerable versions = 3.0.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-4936 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID becb06bae3de Credits Sushi Com Abacate Required privilege Unauthenticated...
CVE-2023-4936
creationtimestamp | type | source
---|---|---
2023-10-11 20:17:54+00:00 | seen | https://t.me/cibsecurity/72124...
CVE-2023-4936
It is possible to sideload a compromised DLL during the installation at elevated privilege...
CVE-2023-4936
CVE-2023-4936 affects Synaptics DisplayLink graphics via a dynamic library sideloading vulnerability. The issue enables loading a compromised DLL during installation with elevated privileges, constituting a local privilege escalation. According to NVD, the CVSS 3.1 vector is AV:L/AC:H/PR:L/UI:R/S...
CVE-2023-4936 Synaptics-DisplayLink-privilege escalation vulnerability via a dynamic library sideloading
It is possible to sideload a compromised DLL during the installation at elevated privilege...
WordPress WCFM Marketplace Plugin <= 3.4.12 is vulnerable to Cross Site Request Forgery (CSRF)
Software WCFM Marketplace Type Plugin Vulnerable versions = 3.4.12 Fixed in 3.5.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-4936 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 13c6dc4f50f8 Credits Chloe Chamberland...
Ubuntu: Security Advisory (USN-4936-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : Thunderbird vulnerabilities (USN-4936-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4936-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attack...
CVE-2019-4936
CVE-2019-4936 entry is rejected/not used and does not represent an active vulnerability entry.