53 matches found
CVE-2006-4937
lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages...
CVE-2025-4937
A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be...
CVE-2025-4937 SourceCodester Apartment Visitor Management System profile.php sql injection
A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be...
CVE-2023-4937
creationtimestamp | type | source
---|---|---
2023-10-20 12:35:02+00:00 | seen | https://t.me/cibsecurity/72646...
CVE-2023-4937 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3. This is due to missing or incorrect nonce validation on the woobe_bulkoperations_apply_default_combination function. This makes it possible for unauthenticated attackers to manipulate product...
CVE-2023-4937
CVE-2023-4937 relates to BEAR – Bulk Editor and Products Manager Professional for WooCommerce (WordPress plugin). The Red Hat entry mirrors the vulnerability: CSRF in BEAR up to version 1.1.3.3 caused by missing or incorrect nonce validation in the function woobe_bulkoperations_apply_default_comb...
WordPress WCFM – Frontend Manager for WooCommerce Plugin 6.6.0 is vulnerable to Broken Access Control
Software: WCFM – Frontend Manager for WooCommerce; Type: Plugin; Vulnerable versions: 6.6.0; Fixed in: 6.6.1; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2022-4937; Patch priority: High; CVSS severity: High (6.3); PSID: 5a74a2e3561b; Credits: Chloe...
CVE-2022-4937
CVE-2022-4937 affects the WCFM Frontend Manager plugin for WordPress. The root cause is missing capability checks on numerous AJAX actions, enabling authenticated users with minimal privileges (e.g., subscribers) to modify data across knowledge bases, notices, payments, vendors, and more. The iss...
Debian: Security Advisory (DSA-4937-1)
The remote host is missing an update for the Debian...
Ubuntu 18.04 LTS / 20.04 LTS : GNOME Autoar regression (USN-4937-2)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4937-2 advisory. USN-4937-1 fixed a vulnerability in GNOME Autoar. The update caused a regression when extracting certain archives. This update fixes the problem...
Ubuntu 18.04 LTS / 20.04 LTS : GNOME Autoar vulnerability (USN-4937-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4937-1 advisory. Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially...
CVE-2020-4937
The CVE-2020-4937 issue affects IBM Sterling B2B Integrator Standard Edition, versions 5.2.0.0 through 6.0.3.2, where weaker than expected cryptographic algorithms could allow an attacker to decrypt highly sensitive data. The IBM security bulletin (IBM Map Editor/Map Tester context) lists affecte...
Security Bulletin: Cryptographic Vulnerability Affects Map Editor in IBM Sterling B2B Integrator (CVE-2020-4937)
Summary IBM Sterling B2B Integrator has addressed a weak cryptographic algorithm vulnerability in the Map Tester of the Map Editor. Vulnerability Details CVEID: CVE-2020-4937 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition uses weaker than expected cryptographic algorithms that could...
CVE-2011-4937
Joomla! 1.7.1 has core information disclosure due to inadequate error checking...
CVE-2011-4937
CVE-2011-4937 affects Joomla! 1.7.1 core code, causing information disclosure due to inadequate error checking. The vulnerability exposes partial confidentiality without evident exploitation details in the provided docs. References consistently describe core information disclosure in Joomla! 1.7....
CVE-2019-4937
CVE-2019-4937 is rejected/not used and does not represent an active vulnerability entry.
CVE-2018-4937
CVE-2018-4937 affects Adobe Flash Player prior to 29.0.0.140 (APSB18-08). The issue is an exploitable out-of-bounds write that could lead to arbitrary code execution in the context of the current user. Affected versions include 29.0.0.113 and earlier; remediation is upgrading to 29.0.0.140 or new...