Automated Logic WebCTRL Incorrect Authorization (CVE-2024-5539)

CWE-863 Incorrect Authorization vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The system fails to perform adequate authorization checks, allowing an actor to perform actions or access resources without proper entitlement, leading to...

Vertiv Liebert SiteScan Incorrect Authorization (CVE-2024-5539)

CWE-863 Incorrect Authorization vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The system fails to perform adequate authorization checks, allowing an actor to perform actions or access resources without proper entitlement, leading to...

MINI-JC4C-5539-GHWX

Bulletin has no description...

CVE-2026-5539

A flaw has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /modifymember.php of the component Parameter Handler. This manipulation of the argument firstName causes cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2026-5539

creationtimestamp| type| source ---|---|--- 2026-04-05 04:41:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mipwodhauf2j...

CVE-2026-20425

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539...

CVE-2026-20425

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539...

CVE-2026-20425

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539...

EUVD-2026-9153

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539...

PT-2026-22553

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539...

CVE-2024-5539

creationtimestamp| type| source ---|---|--- 2025-11-27 01:43:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6lam3aqps2s 2025-11-27 10:15:14+00:00| seen| https://bsky.app/profile/basefortify.bsky.social/post/3m6m56opcns2d...

CVE-2024-5539

The Access Control Bypass vulnerability found in ALC WebCTRL and Carrier i-Vu in versions up to and including 8.5 allows a malicious actor to bypass intended access restrictions and expose sensitive information via the web based building automation server...

WordPress Best Contact Management Software plugin <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin WP Easy Contact versions = 4.0.0...

CVE-2020-5539

GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the information via unspecified vectors...

CVE-2013-5539

The upload-dialog implementation in Cisco Identity Services Engine ISE allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against unspecified other systems, via a crafted file, aka Bug ID CSCui67511...

CVE-2019-5539

VMware Workstation 15.x prior to 15.5.1 and Horizon View Agent 7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4 contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to...

CVE-2012-5539

The Organic Groups OG module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying their own account while a pending membership is waiting to be approved...

CVE-2023-5539

A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers...

CVE-2023-5539

A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers...

CVE-2023-5539

A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers...