44 matches found
CVE-2012-5639 vulnerabilities
Vulnerabilities for packages: libreoffice...
CVE-2012-5639 vulnerabilities
Vulnerabilities for packages: libreoffice...
CVE-2025-5639
A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2025-5639
creationtimestamp| type| source ---|---|--- 2025-06-05 06:01:27+00:00| published-proof-of-concept| Telegram/uHWvAuvUwozE9xqR-TnjEBub-qWhHMqFHErXUgC3HaO00ME 2025-06-05 06:53:52+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqtqdlqvx4h2...
CVE-2025-5639
The CVE-2025-5639 entry concerns PHPGurukul Notice Board System v1.0 with a SQL injection in /forgot-password.php via the email parameter. Affected component is the forgot-password flow; the issue allows remote exploitation and could lead to unauthorized database access or data disclosure, as des...
CVE-2025-5639 PHPGurukul Notice Board System forgot-password.php sql injection
A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has be...
CVE-2020-5639
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed...
Linux Distros Unpatched Vulnerability : CVE-2012-5639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice and OpenOffice automatically open embedded content CVE-2012-5639 Note that Nessus relies on the presence of the package as reported by the vendor...
CVE-2024-5639 User Profile Picture <= 2.6.1 - Authenticated (Author+) Insecure Direct Object Reference to Profile Picture Update
The User Profile Picture plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.1 via the 'restapichangeprofileimage' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2024-5639 User Profile Picture <= 2.6.1 - Authenticated (Author+) Insecure Direct Object Reference to Profile Picture Update
The User Profile Picture plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.6.1 via the 'restapichangeprofileimage' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2024-5639
CVE-2024-5639 : The WordPress User Profile Picture plugin (metronet-profile-picture) suffers an Insecure Direct Object Reference in all versions up to and including 2.6.1 due to missing validation in rest_api_change_profile_image. This allows authenticated attackers with Author-level access or hi...
WordPress User Profile Picture Plugin <= 2.6.1 is vulnerable to Broken Access Control
Software User Profile Picture Type Plugin Vulnerable versions = 2.6.1 Fixed in 2.6.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-5639 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f06c42237928 Credits JoanClarke2 Required...
Debian: Security Advisory (DSA-5639-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-5639
CVE-2023-5639 affects the WordPress plugin Team Showcase. The vulnerability is a Stored XSS via the plugin shortcode tmfshortcode in all versions up to 2.1 due to insufficient input sanitization and output escaping on user attributes. Exploitation requires an authenticated attacker with contribut...
Ubuntu: Security Advisory (USN-5639-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5639-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5639-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-...
KZTech / JatonTec / Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution Vulnerability
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page:...
RHEL 7 : openssl (RHSA-2020:5639)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5639 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
CVE-2020-5639
FileZen vulnerable to a directory traversal (CWE-22) in versions V3.0.0–V4.2.2, enabling a remote attacker to upload an arbitrary file to a specific directory and potentially execute arbitrary OS commands. Root cause is a directory traversal flaw in the affected FileZen appliances. Remediation pr...
CVE-2012-5639
creationtimestamp| type| source ---|---|--- 2019-12-20 16:43:20+00:00| seen| https://t.me/cibsecurity/8798 2024-01-09 15:00:07+00:00| seen| https://t.me/truesecator/5270...