74 matches found
MINI-4957-WRR9-5FFJ
Bulletin has no description...
CVE-2025-4957

creationtimestamp | type | source
---|---|---
2025-10-09 13:29:39+00:00 | seen | https://bsky.app/profile/undercode.bsky.social/post/3m2rb7iqq7r2o...

CVE-2025-4957
The CVE-2025-4957 entry concerns the WordPress ProfileGrid plugin (versions up to and including 5.9.5.7). The issue is a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Exploitation could allow injected scripts to run in a use...
CVE-2022-4957
A vulnerability was found in librespeed speedtest up to 5.2.4. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file results/stats.php. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotely...
CVE-2012-4957
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record...
CentOS 7 : java-1.7.1-ibm (RHSA-2022:4957)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4957 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected ar...
Adobe Reader < 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-09) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30418, 2017.011.30080, or 2018.011.20040. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and...
NFR Agent SRS Record Arbitrary Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent SRS Record Arbitrary Remote File Access', 'Description' = %q NFRAgent.exe, a component of Novell File Reporter NFR, allows remote...
CVE-2024-4957
CVE-2024-4957 affects the Frontend Checklist WordPress plugin (versions ≤ 2.3.2). The issue is a stored XSS due to incomplete sanitisation/escaping of certain plugin settings, enabling high-privilege users (e.g., Administrators) to inject script even when unfiltered_html is disallowed (such as on...
CVE-2024-4957 Frontend Checklist <= 2.3.2 - Admin+ Stored XSS
The Frontend Checklist WordPress plugin through 2.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...
WordPress Frontend Checklist Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)
Software: Frontend Checklist; Type: Plugin; Vulnerable versions: <= 2.3.2; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4957; Patch priority: Low; CVSS severity: Low (5.9); PSID: 6503560b6c7b; Credits: Felipe Caon; Required...
CGA-RCQM-4957-WHGV
Bulletin has no description...
Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d Authentication Bypass Using an Alternate Path or Channel (CVE-2023-4957)
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...
GHSA-4957-7VHP-7V59

creationtimestamp | type | source
---|---|---
2024-01-28 09:39:40+00:00 | seen | https://t.me/arpsyndicate/3259...

openSUSE 15 Security Update : libcryptopp (SUSE-SU-2023:4957-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4957-1 advisory. - gf2n.cpp in Crypto++ (aka cryptopp) through 8.9.0 allows attackers to cause a denial of service (application crash) via DER public-key data for an F2^m curve, ...
CVE-2023-4957

creationtimestamp | type | source
---|---|---
2023-10-11 18:23:58+00:00 | seen | https://t.me/cibsecurity/72106...

CVE-2023-4957 Authentication Bypass on Zebra ZTC
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the...
CVE-2023-4957
CVE-2023-4957 affects Zebra Technologies ZTC industrial printers (ZT410) and GK420d desktop models. An authentication-bypass flaw allows an attacker on the same network to alter web-page credentials by sending a crafted POST to setvarsResults.cgi when the printer’s protected mode is disabled. Repo...
RHEL 8 : firefox (RHSA-2023:4957)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4957 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...