CVE-2026-4960

creationtimestamp| type| source ---|---|--- 2026-03-27 19:19:24+00:00| seen| Telegram/oT6t4NRMpgoX3zBs2D6gNNWCx9cAFlVoBXSXqbTX6Ejwqdk 2026-03-27 19:31:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi2ua5mv4z2s 2026-03-27 19:35:15+00:00| seen|...

CVE-2025-4960

creationtimestamp| type| source ---|---|--- 2026-02-19 17:16:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfa3vnv4sk2x 2026-02-19 23:20:14+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfaq7ysctt2w...

Epson Web Installer for Mac vulnerable to missing authentication for critical function

Overview Epson Web Installer for Mac provided by SEIKO EPSON CORPORATION contains a missing authentication for critical function vulnerability. Epson Web Installer for Mac provided by SEIKO EPSON CORPORATION is used to install drivers for SEIKO EPSON's products. It contains "helper tool" and...

CVE-2022-4960

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2011-4960

SQL injection vulnerability in the Folder::findOrMake method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

Adobe Reader < 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-09) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30418, 2017.011.30080, or 2018.011.20040. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and...

CVE-2024-4960 D-Link DAR-7000-40 licenseauthorization.php unrestricted upload

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Affected is an unknown function of the file interface/sysmanage/licenseauthorization.php. The manipulation of the argument fileupload leads to unrestricted upload. It is possible to...

CVE-2022-4960

creationtimestamp| type| source ---|---|--- 2024-01-12 04:21:30+00:00| seen| https://t.me/ctinow/167053 2024-01-28 09:26:59+00:00| seen| https://t.me/ctinow/174869...

CVE-2022-4960

In cloudfavorites Favorites-Web 1.3.0, the Nickname Handler component is reported to be vulnerable to cross-site scripting. The issue is described as a remote, potentially exploitable vulnerability affecting unknown functionality of Nickname Handler, with public disclosure of the exploit. Multipl...

CVE-2022-4960 cloudfavorites favorites-web Nickname cross site scripting

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2023-4960 WCFM Marketplace <= 3.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WCFM Marketplace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wcfmstores' shortcode in versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

WordPress WCFM Marketplace Plugin <= 3.6.2 is vulnerable to Cross Site Scripting (XSS)

Software WCFM Marketplace Type Plugin Vulnerable versions = 3.6.2 Fixed in 3.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4960 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0283a85d23db Credits István Márton Required...

org.cloudfoundry.identity:cloudfoundry-identity-api (=3.10.0), org.cloudfoundry.identity:cloudfoundry-identity-app (=3.10.0) +1 more potentially affected by CVE-2017-4960 via org.cloudfoundry.identity:cloudfoundry-identity-server (=3.10.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.cloudfoundry.identity:cloudfoundry-identity-server and may be impacted: - org.cloudfoundry.identity:cloudfoundry-identity-a...

Security Bulletin: GDS component of IBM InfoSphere Master Data Management Collaborative Edition affected by various security vulnerabilities (CVE-2015-4960, CVE-2015-4958, CVE-2015-7414)

Summary GDS component of IBM InfoSphere Master Data Management - Collaborative Edition is vulnerable to Cross-Site Scripting, Caching of HTTP response and Click-Jacking vulnerabilities. Vulnerability Details CVEID: CVE-2015-4960 DESCRIPTION: IBM InfoSphere Master Data Management - Collaborative...

Debian DSA-4960-1 : haproxy - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4960 advisory. - An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI hav...

Ubuntu: Security Advisory (USN-4960-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 18.04 LTS / 20.04 LTS : runC vulnerability (USN-4960-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4960-1 advisory. Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount the host...

CVE-2019-4960

...

Joomla YoutubeGallery 4.5.8 Database Disclosure / SQL Injection

Exploit Title : Joomla YoutubeGallery Components 4.5.8 Database Disclosure and SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 18/01/2019 Vendor Homepage : joomlaboat.com Software Information Links : extensions.joomla.org/extension/youtube-gallery/...

CVE-2018-4960

CVE-2018-4960 involves an Out-of-bounds read in Adobe Acrobat and Reader. Affected products include Adobe Acrobat/Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier. Successful exploitation could lead to information disclosure. The Connected doc...