50 matches found
MINI-7QV3-4938-G59X
Bulletin has no description...
CVE-2023-4938
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_apply_default_combination function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate...
CVE-2006-4938
help.php in Moodle before 1.6.2 does not check the existence of certain help files before including them, which might allow remote authenticated users to obtain the path in an error message...
CVE-2025-4938 PHPGurukul Employee Record Management System registererms.php SQL injection
A vulnerability was found in PHPGurukul Employee Record Management System 1.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registererms.php. The manipulation of the argument Email leads to SQL injection. The attack may be launched remotely. The...
CVE-2025-4938
CVE-2025-4938 affects PHPGurukul Employee Record Management System v1.3. The vulnerability is a SQL injection in the /registererms.php file via the Email parameter, which can be exploited remotely. Multiple connected sources confirm the issue and indicate no public patch/version details are provi...
Important: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
RHEL 7 : httpd (RHSA-2024:4938)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4938 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Substitution...
CVE-2023-4938 BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobe_bulkoperations_apply_default_combination function. This makes it possible for authenticated attackers (subscriber or higher) to manipulate...
CVE-2023-4938
CVE-2023-4938 concerns the BEAR – Bulk Editor and Products Manager Professional for WooCommerce plugin for WordPress. Affected versions are up to and including 1.1.3.3, due to a missing capability check in the function woobe_bulkoperations_apply_default_combination, enabling authenticated users w...
WordPress BEAR Plugin <= 1.1.3.3 is vulnerable to Broken Access Control
Software: BEAR; Type: Plugin; Vulnerable versions: <= 1.1.3.3; Fixed in: 1.1.4; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-4938; Patch priority: Low; CVSS severity: Low (4.3); PSID: 611080b0d2da; Credits: Marco Wotschka; Required privilege...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-4938)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...
Security Bulletin: Vulnerabilities in WebSphere Liberty Profile (WLP) affect Power Management Console (CVE-2015-2017, CVE-2015-1927, CVE-2015-4938)
Summary WebSphere Liberty Profile is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-4938 DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to spoof a servlet. An attacker could exploit this...
Ubuntu 18.04 LTS / 20.04 LTS : Unbound vulnerabilities (USN-4938-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4938-1 advisory. It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of...
CVE-2011-4938
creationtimestamp | type | source
---|---|---
2020-02-12 00:37:06+00:00 | seen | https://t.me/cibsecurity/9775...
CVE-2011-4938
CVE-2011-4938 affects Ariadne 2.7.6, with multiple XSS vulnerabilities that allow remote injection of arbitrary web script or HTML via PATH_INFO to index.php and loader.php. The vulnerability is caused by improper handling of PATH_INFO inputs, leading to script execution under the context of the ...
CVE-2019-4938
CVE-2019-4938 is rejected/not used and does not represent an active vulnerability entry.
CVE-2019-4938
...
Security Bulletin: A security vulnerability has been identified in IBM Business Process Manager and IBM HTTP Server shipped with IBM Cloud Orchestrator (CVE-2015-1932, CVE-2015-4938)
Summary A security vulnerability has been identified in IBM Business Process Manager and IBM HTTP Server shipped with IBM Cloud Orchestrator (CVE-2015-1932, CVE-2015-4938). Vulnerability Details IBM Business Process Manager and IBM HTTP Server are shipped with IBM Cloud Orchestrator. CVEID:...
Security Bulletin: A security vulnerability has been identified in IBM Business Process Manager, IBM HTTP Server, IBM SmartCloud Cost Management and IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise (CVE-2015-1932, CVE-2015-4938)
Summary A security vulnerability has been identified in IBM Business Process Manager, IBM HTTP Server, IBM SmartCloud Cost Management and IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise Edition (CVE-2015-1932, CVE-2015-4938). Vulnerability Details IBM Business Process Manager, IBM...