Security Bulletin 27 Dec 2023

Published on 27 Dec 2023

SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.

The vulnerabilities are tabled based on severity, in accordance to their CVSSv3 base scores:


Criticalvulnerabilities with a base score of 9.0 to 10.0
Highvulnerabilities with a base score of 7.0 to 8.9
Mediumvulnerabilities with a base score of 4.0 to 6.9
Lowvulnerabilities with a base score of 0.1 to 3.9
Nonevulnerabilities with a base score of 0.0

For those vulnerabilities without assigned CVSS scores, please visit NVD for the updated CVSS vulnerability entries.

CRITICAL VULNERABILITIES
CVE NumberDescriptionBase ScoreReference
CVE-2023-49778Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6.

10https://nvd.nist.gov/vuln/detail/CVE-2023-49778
CVE-2023-25970Unrestricted Upload of File with Dangerous Type vulnerability in Zendrop Zendrop – Global Dropshipping.This issue affects Zendrop – Global Dropshipping: from n/a through 1.0.0.

10https://nvd.nist.gov/vuln/detail/CVE-2023-25970
CVE-2023-29384Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0.

10https://nvd.nist.gov/vuln/detail/CVE-2023-29384
CVE-2023-49773Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23.

10https://nvd.nist.gov/vuln/detail/CVE-2023-49773
CVE-2023-49772Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love.This issue affects Genesis Simple Love: from n/a through 2.0.

10https://nvd.nist.gov/vuln/detail/CVE-2023-49772
CVE-2023-23970Unrestricted Upload of File with Dangerous Type vulnerability in WooRockets Corsa.This issue affects Corsa: from n/a through 1.5.

9.9https://nvd.nist.gov/vuln/detail/CVE-2023-23970
CVE-2023-46149Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5.

9.9https://nvd.nist.gov/vuln/detail/CVE-2023-46149
CVE-2023-34385Unrestricted Upload of File with Dangerous Type vulnerability in Akshay Menariya Export Import Menus.This issue affects Export Import Menus: from n/a through 1.8.0.

9.9https://nvd.nist.gov/vuln/detail/CVE-2023-34385
CVE-2023-34007Unrestricted Upload of File with Dangerous Type vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.3.

9.9https://nvd.nist.gov/vuln/detail/CVE-2023-34007
CVE-2023-33318Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40.

9.9https://nvd.nist.gov/vuln/detail/CVE-2023-33318
CVE-2023-31231Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.65.

9.9https://nvd.nist.gov/vuln/detail/CVE-2023-31231
CVE-2023-31215Unrestricted Upload of File with Dangerous Type vulnerability in AmaderCode Lab Dropshipping & Affiliation with Amazon.This issue affects Dropshipping & Affiliation with Amazon: from n/a through 2.1.2.

9.9https://nvd.nist.gov/vuln/detail/CVE-2023-31215
CVE-2023-7095A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248942 is the identifier assigned to this vulnerability.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-7095
CVE-2023-49690Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'WalkinId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49690
CVE-2023-49689Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'JobId' parameter of the Employer/DeleteJob.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49689
CVE-2023-49688Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtUser' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49688
CVE-2023-49687Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtPass' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49687
CVE-2023-49686Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTotal' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49686
CVE-2023-49685Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTime' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49685
CVE-2023-49684Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTitle' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49684
CVE-2023-49683Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtDesc' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49683
CVE-2023-49682Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtDate' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49682
CVE-2023-49681Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertWalkin.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49681
CVE-2023-49680Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTotal' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49680
CVE-2023-49679Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtTitle' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49679
CVE-2023-49678Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txtDesc' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49678
CVE-2023-49677Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-49677
CVE-2023-48723Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'rno' parameter of the add_results.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48723
CVE-2023-48722Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_results.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48722
CVE-2023-48720Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48720
CVE-2023-48719Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'roll_no' parameter of the add_students.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48719
CVE-2023-48718Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_students.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48718
CVE-2023-48717Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_name' parameter of the add_classes.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48717
CVE-2023-48716Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_id' parameter of the add_classes.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48716
CVE-2023-48690Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bynum' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48690
CVE-2023-48689Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'byname' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48689
CVE-2023-48688Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'to' parameter of the reservation.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48688
CVE-2023-48687Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'from' parameter of the reservation.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48687
CVE-2023-48686Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'user' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48686
CVE-2023-48685Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'psd' parameter of the login.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48685
CVE-2023-46791Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic3' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-46791
CVE-2023-45127Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'wrong' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45127
CVE-2023-45126Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'total' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45126
CVE-2023-45125Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'time' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45125
CVE-2023-45124Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'tag' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45124
CVE-2023-45123Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'right' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45123
CVE-2023-45122Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'name' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45122
CVE-2023-45121Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45121
CVE-2023-45120Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'qid' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45120
CVE-2023-45119Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45119
CVE-2023-45118Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45118
CVE-2023-45117Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45117
CVE-2023-45116Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45116
CVE-2023-45115Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the update.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-45115
CVE-2023-6145Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ?stanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace Software allows SQL Injection.This issue affects Softomi Advanced C2C Marketplace Software: before 12122023.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-6145
CVE-2023-32242Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme.This issue affects WoodMart - Multipurpose WooCommerce Theme: from n/a through 1.0.36.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-32242
CVE-2023-50992Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50992
CVE-2023-50990Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50990
CVE-2023-50989Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50989
CVE-2023-50988Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the bandwidth parameter in the wifiRadioSetIndoor function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50988
CVE-2023-50987Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50987
CVE-2023-50986Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50986
CVE-2023-50985Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50985
CVE-2023-50984Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50984
CVE-2023-50983Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-50983
CVE-2023-48434Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the reg_action.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48434
CVE-2023-48433Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the login_action.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-48433
CVE-2023-5011Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursename' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-5011
CVE-2023-5010Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'coursecode' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-5010
CVE-2023-5007Student Information System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'id' parameter of the marks.php resource does not validate the characters received and they are sent unfiltered to the database.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-5007
CVE-2023-40010Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in realmag777 HUSKY – Products Filter for WooCommerce Professional.This issue affects HUSKY – Products Filter for WooCommerce Professional: from n/a through 1.3.4.2.

9.8https://nvd.nist.gov/vuln/detail/CVE-2023-40010
CVE-2023-6768Authentication bypass vulnerability in Amazing Little Poll affecting versions 1.3 and 1.4. This vulnerability could allow an unauthenticated user to access the admin panel without providing any credentials by simply accessing the "lp_admin.php?adminstep=" parameter.9.8https://nvd.nist.gov/vuln/detail/CVE-2023-6768
CVE-2023-50707
Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device.




9.6https://nvd.nist.gov/vuln/detail/CVE-2023-50707
CVE-2023-50254Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by overwriting files like .bash_rc, .bash_login, etc. RCE will be triggered when the user opens the terminal. Version 6.0.7 contains a patch for the issue.9.3https://nvd.nist.gov/vuln/detail/CVE-2023-50254
CVE-2023-49752Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoon themes Adifier - Classified Ads WordPress Theme.This issue affects Adifier - Classified Ads WordPress Theme: from n/a before 3.1.4.

9.3https://nvd.nist.gov/vuln/detail/CVE-2023-49752
CVE-2023-49776Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6.

9.3https://nvd.nist.gov/vuln/detail/CVE-2023-49776
CVE-2023-32590Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4.

9.3https://nvd.nist.gov/vuln/detail/CVE-2023-32590
CVE-2023-50731MindsDB is a SQL Server for artificial intelligence. Prior to version 23.11.4.1, the `put` method in `mindsdb/mindsdb/api/http/namespaces/file.py` does not validate the user-controlled name value, which is used in a temporary file name, which is afterwards opened for writing on lines 122-125, which leads to path injection. Later in the method, the temporary directory is deleted on line 151, but since we can write outside of the directory using the path injection vulnerability, the potentially dangerous file is not deleted. Arbitrary file contents can be written due to `f.write(chunk)` on line 125. Mindsdb does check later on line 149 in the `save_file` method in `file-controller.py` which calls the `_handle_source` method in `file_handler.py` if a file is of one of the types `csv`, `json`, `parquet`, `xls`, or `xlsx`. However, since the check happens after the file has already been written, the files will still exist (and will not be removed due to the path injection described earlier), just the `_handle_source` method will return an error. The same user-controlled source source is used also in another path injection sink on line 138. This leads to another path injection, which allows an attacker to delete any `zip` or `tar.gz` files on the server.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-50731
CVE-2023-49814Unrestricted Upload of File with Dangerous Type vulnerability in Symbiostock symbiostock.This issue affects Symbiostock: from n/a through 6.0.0.

9.1https://nvd.nist.gov/vuln/detail/CVE-2023-49814
CVE-2023-40204Unrestricted Upload of File with Dangerous Type vulnerability in Premio Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager.This issue affects Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager: from n/a through 2.9.2.

9.1https://nvd.nist.gov/vuln/detail/CVE-2023-40204
CVE-2023-29102Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1.

9.1https://nvd.nist.gov/vuln/detail/CVE-2023-29102
CVE-2023-28170Unrestricted Upload of File with Dangerous Type vulnerability in Themely Theme Demo Import.This issue affects Theme Demo Import: from n/a through 1.1.1.

9.1https://nvd.nist.gov/vuln/detail/CVE-2023-28170
CVE-2023-47702IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view modify files on the system. IBM X-Force ID: 271196.9.1https://nvd.nist.gov/vuln/detail/CVE-2023-47702
CVE-2023-45603Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts – Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts – Enable Users to Submit Posts from the Front End: from n/a through 20230902.

9https://nvd.nist.gov/vuln/detail/CVE-2023-45603

OTHER VULNERABILITIES
CVE NumberDescriptionBase ScoreReference
CVE-2023-5961A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.

8.8https://nvd.nist.gov/vuln/detail/CVE-2023-5961
CVE-2023-51448Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint `‘/cacti/managers.php’` with an SQLi payload in the `‘selected_graphs_array’` HTTP GET parameter. As of time of publication, no patched versions exist.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-51448
CVE-2023-49085Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the `pollers.php`. Impact of the vulnerability - arbitrary SQL code execution. As of time of publication, a patch does not appear to exist.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-49085
CVE-2023-44482Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.

8.8https://nvd.nist.gov/vuln/detail/CVE-2023-44482
CVE-2023-44481Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setearnleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.

8.8https://nvd.nist.gov/vuln/detail/CVE-2023-44481
CVE-2023-47706IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. IBM X-Force ID: 271341.8.8https://nvd.nist.gov/vuln/detail/CVE-2023-47706
CVE-2023-51442Navidrome is an open source web-based music collection server and streamer. A security vulnerability has been identified in navidrome's subsonic endpoint, allowing for authentication bypass. This exploit enables unauthorized access to any known account by utilizing a JSON Web Token (JWT) signed with the key "not so secret". The vulnerability can only be exploited on instances that have never been restarted. Navidrome supports an extension to the subsonic authentication scheme, where a JWT can be provided using a `jwt` query parameter instead of the traditional password or token and salt (corresponding to resp. the `p` or `t` and `s` query parameters). This authentication bypass vulnerability potentially affects all instances that don't protect the subsonic endpoint `/rest/`, which is expected to be most instances in a standard deployment, and most instances in the reverse proxy setup too (as the documentation mentions to leave that endpoint unprotected). This issue has been patched in version 0.50.2.
8.6https://nvd.nist.gov/vuln/detail/CVE-2023-51442
CVE-2023-29096Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.0.

8.5https://nvd.nist.gov/vuln/detail/CVE-2023-29096
CVE-2023-51661Wasmer is a WebAssembly runtime that enables containers to run anywhere: from Desktop to the Cloud, Edge and even the browser. Wasm programs can access the filesystem outside of the sandbox. Service providers running untrusted Wasm code on Wasmer can unexpectedly expose the host filesystem. This vulnerability has been patched in version 4.2.4.8.4https://nvd.nist.gov/vuln/detail/CVE-2023-51661
CVE-2023-47784Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.6.15.

8.4https://nvd.nist.gov/vuln/detail/CVE-2023-47784
CVE-2023-46648An insufficient entropy vulnerability was identified in GitHub Enterprise Server (GHES) that allowed an attacker to brute force a user invitation to the GHES Management Console. To exploit this vulnerability, an attacker would need knowledge that a user invitation was pending. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program.
8.3https://nvd.nist.gov/vuln/detail/CVE-2023-46648
CVE-2023-50732XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute a Velocity script without script right through the document tree. This has been patched in XWiki 14.10.7 and 15.2RC1.8.3https://nvd.nist.gov/vuln/detail/CVE-2023-50732
CVE-2023-28782Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue affects Gravity Forms: from n/a through 2.7.3.

8.3https://nvd.nist.gov/vuln/detail/CVE-2023-28782
CVE-2023-40555Deserialization of Untrusted Data vulnerability in UX-themes Flatsome | Multi-Purpose Responsive WooCommerce Theme.This issue affects Flatsome | Multi-Purpose Responsive WooCommerce Theme: from n/a through 3.17.5.

8.3https://nvd.nist.gov/vuln/detail/CVE-2023-40555
CVE-2023-29432Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Favethemes Houzez - Real Estate WordPress Theme.This issue affects Houzez - Real Estate WordPress Theme: from n/a before 2.8.3.

8.2https://nvd.nist.gov/vuln/detail/CVE-2023-29432
CVE-2023-37871Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce GoCardless.This issue affects GoCardless: from n/a through 2.5.6.

8.2https://nvd.nist.gov/vuln/detail/CVE-2023-37871
CVE-2023-6689




A successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web application.



8.2https://nvd.nist.gov/vuln/detail/CVE-2023-6689
CVE-2023-6971The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of this vulnerability requires that the target server's php.ini is configured with 'allow_url_include' set to 'on'. This feature is deprecated as of PHP 7.4 and is disabled by default, but can still be explicitly enabled in later versions of PHP.8.1https://nvd.nist.gov/vuln/detail/CVE-2023-6971
CVE-2023-6746An insertion of sensitive information into log file vulnerability was identified in the log files for a GitHub Enterprise Server back-end service that could permit an `adversary in the middle attack` when combined with other phishing techniques. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. 8.1https://nvd.nist.gov/vuln/detail/CVE-2023-6746
CVE-2023-49826Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1.

8.1https://nvd.nist.gov/vuln/detail/CVE-2023-49826
CVE-2023-30750Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10.

8.1https://nvd.nist.gov/vuln/detail/CVE-2023-30750
CVE-2023-30495Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Ultimate Addons for Contact Form 7.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.1.23.

8.1https://nvd.nist.gov/vuln/detail/CVE-2023-30495
CVE-2023-49825Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1.

8.1https://nvd.nist.gov/vuln/detail/CVE-2023-49825
CVE-2023-33330Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50.

8.1https://nvd.nist.gov/vuln/detail/CVE-2023-33330
CVE-2023-33209Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CrawlSpider SEO Change Monitor – Track Website Changes.This issue affects SEO Change Monitor – Track Website Changes: from n/a through 1.2.

8.1https://nvd.nist.gov/vuln/detail/CVE-2023-33209
CVE-2023-31092Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Foxskav Easy Bet.This issue affects Easy Bet: from n/a through 1.0.2.

8.1https://nvd.nist.gov/vuln/detail/CVE-2023-31092
CVE-2023-35876Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Square.This issue affects WooCommerce Square: from n/a through 3.8.1.

8.1https://nvd.nist.gov/vuln/detail/CVE-2023-35876
CVE-2023-42017IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 265567.8https://nvd.nist.gov/vuln/detail/CVE-2023-42017
CVE-2023-49084Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the `link.php`. Impact of the vulnerability execution of arbitrary code on the server.8https://nvd.nist.gov/vuln/detail/CVE-2023-49084
CVE-2023-46647Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.6, 3.10.3, and 3.11.0.8https://nvd.nist.gov/vuln/detail/CVE-2023-46647
CVE-2023-5180An issue was discovered in Open Design Alliance
Drawings SDK before 2024.12. A corrupted value of number
of sectors used by the Fat structure in a crafted DGN file leads to an
out-of-bounds write. An attacker can leverage this vulnerability to execute
code in the context of the current process.
7.8https://nvd.nist.gov/vuln/detail/CVE-2023-5180
CVE-2023-51386Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially read data from the events table by sending request payloads to the events API, collecting information on planned events, timeframes, budgets and owner email addresses. This data access may allow users to get insights into upcoming events and join events which they have not been invited to. This issue has been patched in version 1.10.0.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-51386
CVE-2023-6546A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-6546
CVE-2023-7025A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function init_kcm of the component DBus Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-248578 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.7.8https://nvd.nist.gov/vuln/detail/CVE-2023-7025
CVE-2023-37520Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay.
7.7https://nvd.nist.gov/vuln/detail/CVE-2023-37520
CVE-2023-37519Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. This XSS vulnerability is in the Download Status Report, which is served by the BigFix Server. 
7.7https://nvd.nist.gov/vuln/detail/CVE-2023-37519
CVE-2023-40058Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.






7.6https://nvd.nist.gov/vuln/detail/CVE-2023-40058
CVE-2023-49166Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magic Logix MSync.This issue affects MSync: from n/a through 1.0.0.

7.6https://nvd.nist.gov/vuln/detail/CVE-2023-49166
CVE-2023-49161Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Guelben Bravo Translate.This issue affects Bravo Translate: from n/a through 1.2.

7.6https://nvd.nist.gov/vuln/detail/CVE-2023-49161
CVE-2023-35915Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0.

7.6https://nvd.nist.gov/vuln/detail/CVE-2023-35915
CVE-2023-32743Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1.

7.6https://nvd.nist.gov/vuln/detail/CVE-2023-32743
CVE-2023-47236Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum iPages Flipbook For WordPress.This issue affects iPages Flipbook For WordPress: from n/a through 1.4.8.

7.6https://nvd.nist.gov/vuln/detail/CVE-2023-47236
CVE-2023-38519Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MainWP MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance.This issue affects MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance: from n/a through 4.4.3.3.

7.6https://nvd.nist.gov/vuln/detail/CVE-2023-38519
CVE-2023-0011A flaw in the input validation in TOBY-L2 allows a user to execute arbitrary operating system commands using specifically crafted AT commands. This vulnerability requires physical access to the serial interface of the module or the ability to modify the system or software which uses its serial interface to send malicious AT commands.




Exploitation of the vulnerability gives full administrative (root) privileges to the attacker to execute any operating system command on TOBY-L2 which can lead to modification of the behavior of the module itself as well as the components connected with it (depending on its rights on other connected systems). It can further provide the ability to read system level files and hamper the availability of the module as well..




This issue affects TOBY-L2 series: TOBY-L200, TOBY-L201, TOBY-L210, TOBY-L220, TOBY-L280.

7.6https://nvd.nist.gov/vuln/detail/CVE-2023-0011
CVE-2023-49880In the Message Entry and Repair (MER) facility of IBM Financial Transaction Manager for SWIFT Services 3.2.4 the sending address and the message type of FIN messages are assumed to be immutable. However, an attacker might modify these elements of a business transaction. IBM X-Force ID: 273183.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-49880
CVE-2023-6972The Backup Migration plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.9 via the 'content-backups' and 'content-name', 'content-manifest', or 'content-bmitmp' and 'content-identy' HTTP headers. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-6972
CVE-2023-51650Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this issue.
7.5https://nvd.nist.gov/vuln/detail/CVE-2023-51650
CVE-2023-50730Grackle is a GraphQL server written in functional Scala, built on the Typelevel stack. The GraphQL specification requires that GraphQL fragments must not form cycles, either directly or indirectly. Prior to Grackle version 0.18.0, that requirement wasn't checked, and queries with cyclic fragments would have been accepted for type checking and compilation. The attempted compilation of such fragments would result in a JVM `StackOverflowError` being thrown. Some knowledge of an applications GraphQL schema would be required to construct such a query, however no knowledge of any application-specific performance or other behavioural characteristics would be needed.

Grackle uses the cats-parse library for parsing GraphQL queries. Prior to version 0.18.0, Grackle made use of the cats-parse `recursive` operator. However, `recursive` is not currently stack safe. `recursive` was used in three places in the parser: nested selection sets, nested input values (lists and objects), and nested list type declarations. Consequently, queries with deeply nested selection sets, input values or list types could be constructed which exploited this, causing a JVM `StackOverflowException` to be thrown during parsing. Because this happens very early in query processing, no specific knowledge of an applications GraphQL schema would be required to construct such a query.

The possibility of small queries resulting in stack overflow is a potential denial of service vulnerability. This potentially affects all applications using Grackle which have untrusted users. Both stack overflow issues have been resolved in the v0.18.0 release of Grackle. As a workaround, users could interpose a sanitizing layer in between untrusted input and Grackle query processing.
7.5https://nvd.nist.gov/vuln/detail/CVE-2023-50730
CVE-2022-39337Hertzbeat is an open source, real-time monitoring system with custom-monitoring, high performance cluster, prometheus-like and agentless. Hertzbeat versions 1.20 and prior have a permission bypass vulnerability. System authentication can be bypassed and invoke interfaces without authorization. Version 1.2.1 contains a patch for this issue.7.5https://nvd.nist.gov/vuln/detail/CVE-2022-39337
CVE-2023-6847An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. To exploit this vulnerability, an attacker would need network access to the Enterprise Server appliance configured in Private Mode. This vulnerability affected all versions of GitHub Enterprise Server since 3.9 and was fixed in version 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program.
7.5https://nvd.nist.gov/vuln/detail/CVE-2023-6847
CVE-2023-48288Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.1.

7.5https://nvd.nist.gov/vuln/detail/CVE-2023-48288
CVE-2023-5594Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-5594
CVE-2023-35916Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0.

7.5https://nvd.nist.gov/vuln/detail/CVE-2023-35916
CVE-2023-35914Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Woo Subscriptions.This issue affects Woo Subscriptions: from n/a through 5.1.2.

7.5https://nvd.nist.gov/vuln/detail/CVE-2023-35914
CVE-2023-50249Sentry-Javascript is official Sentry SDKs for JavaScript. A ReDoS (Regular expression Denial of Service) vulnerability has been identified in Sentry's Astro SDK 7.78.0-7.86.0. Under certain conditions, this vulnerability allows an attacker to cause excessive computation times on the server, leading to denial of service (DoS). This vulnerability has been patched in sentry/astro version 7.87.0.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-50249
CVE-2023-6562JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the attacker.
7.5https://nvd.nist.gov/vuln/detail/CVE-2023-6562
CVE-2023-6912Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.
7.5https://nvd.nist.gov/vuln/detail/CVE-2023-6912
CVE-2023-37544Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect to the /pingpong endpoint without authentication.

This issue affects Apache Pulsar WebSocket Proxy: from 2.8.0 through 2.8.*, from 2.9.0 through 2.9.*, from 2.10.0 through 2.10.4, from 2.11.0 through 2.11.1, 3.0.0.

The known risks include a denial of service due to the WebSocket Proxy accepting any connections, and excessive data transfer due to misuse of the WebSocket ping/pong feature.

2.10 Pulsar WebSocket Proxy users should upgrade to at least 2.10.5.
2.11 Pulsar WebSocket Proxy users should upgrade to at least 2.11.2.
3.0 Pulsar WebSocket Proxy users should upgrade to at least 3.0.1.
3.1 Pulsar WebSocket Proxy users are unaffected.
Any users running the Pulsar WebSocket Proxy for 2.8, 2.9, and earlier should upgrade to one of the above patched versions.
7.5https://nvd.nist.gov/vuln/detail/CVE-2023-37544
CVE-2023-47704IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: 271220.7.5https://nvd.nist.gov/vuln/detail/CVE-2023-47704
CVE-2020-36769The Widget Settings Importer/Exporter Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp_ajax_import_widget_dataparameter AJAX action in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with subscriber-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.7.4https://nvd.nist.gov/vuln/detail/CVE-2020-36769
CVE-2023-46147Deserialization of Untrusted Data vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5.

7.4https://nvd.nist.gov/vuln/detail/CVE-2023-46147
CVE-2023-50924Englesystem is a shift planning system for chaos events. Engelsystem prior to v3.4.1 performed insufficient validation of user supplied data for the DECT number, mobile number, and work-log comment fields. The values of those fields would be displayed in corresponding log overviews, allowing the injection and execution of Javascript code in another user's context. This vulnerability enables an authenticated user to inject Javascript into other user's sessions. The injected JS will be executed during normal usage of the system when viewing, e.g., overview pages. This issue has been fixed in version 3.4.1.7.3https://nvd.nist.gov/vuln/detail/CVE-2023-50924
CVE-2023-48670
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges.

7.3https://nvd.nist.gov/vuln/detail/CVE-2023-48670
CVE-2021-38927IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210322.7.2https://nvd.nist.gov/vuln/detail/CVE-2021-38927
CVE-2023-7002The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operating system.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-7002
CVE-2023-51387Hertzbeat is an open source, real-time monitoring system. Hertzbeat uses aviatorscript to evaluate alert expressions. The alert expressions are supposed to be some simple expressions. However, due to improper sanitization for alert expressions in version prior to 1.4.1, a malicious user can use a crafted alert expression to execute any command on hertzbeat server. A malicious user who has access to alert define function can execute any command in hertzbeat instance. This issue is fixed in version 1.4.1.7.2https://nvd.nist.gov/vuln/detail/CVE-2023-51387
CVE-2023-43088
Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on the device.

7.2https://nvd.nist.gov/vuln/detail/CVE-2023-43088
CVE-2023-6802An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified that could allow an attacker to gain access to the management console. To exploit this, an attacker would need access to the log files for the GitHub Enterprise Server appliance, a backup archive created with GitHub Enterprise Server Backup Utilities, or a service which received streamed logs. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. 7.2https://nvd.nist.gov/vuln/detail/CVE-2023-6802
CVE-2023-32128Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free: from n/a through 2.2.7.

7.2https://nvd.nist.gov/vuln/detail/CVE-2023-32128
CVE-2023-47852Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Link Whisper Link Whisper Free.This issue affects Link Whisper Free: from n/a through 0.6.5.

7.2https://nvd.nist.gov/vuln/detail/CVE-2023-47852
CVE-2023-50928"Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API containing non-existent event ids and self-defined budget & duration. This issue only affects cleaned AWS accounts, it is not possible to access AWS accounts in use or existing data/infrastructure. This issue has been patched in version 1.1.0.7.1https://nvd.nist.gov/vuln/detail/CVE-2023-50928
CVE-2023-28788Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 6.4.2.

7.1https://nvd.nist.gov/vuln/detail/CVE-2023-28788
CVE-2023-26525Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy.This issue affects Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy: from n/a through 3.7.12.

7.1https://nvd.nist.gov/vuln/detail/CVE-2023-26525
CVE-2023-47507Deserialization of Untrusted Data vulnerability in Master Slider Master Slider Pro.This issue affects Master Slider Pro: from n/a through 3.6.5.

7.1https://nvd.nist.gov/vuln/detail/CVE-2023-47507
CVE-2023-43064Facsimile Support for IBM i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause arbitrary code to run with the privilege of the user invoking the facsimile support. IBM X-Force ID: 267689.7https://nvd.nist.gov/vuln/detail/CVE-2023-43064
CVE-2023-48704ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of Gorilla codec that crashes the ClickHouse server process. This attack does not require authentication. This issue has been addressed in ClickHouse Cloud version 23.9.2.47551 and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and 23.9.6.20.7https://nvd.nist.gov/vuln/detail/CVE-2023-48704
CVE-2023-47118ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of T64 codec that crashes the ClickHouse server process. This attack does not require authentication. Note that this exploit can also be triggered via HTTP protocol, however, the attacker will need a valid credential as the HTTP authentication take places first. This issue has been fixed in version 23.10.2.13-stable, 23.9.4.11-stable, 23.8.6.16-lts and 23.3.16.7-lts.
7https://nvd.nist.gov/vuln/detail/CVE-2023-47118
CVE-2023-50714yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage (similar to `authState`). Second, there is a risk for a `downgrade attack` if PKCE is being relied on for CSRF protection. Version 2.2.15 contains a patch for the issue. No known workarounds are available.6.8https://nvd.nist.gov/vuln/detail/CVE-2023-50714
CVE-2023-46645A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program.
6.8https://nvd.nist.gov/vuln/detail/CVE-2023-46645
CVE-2023-39251
Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system.

6.7https://nvd.nist.gov/vuln/detail/CVE-2023-39251
CVE-2023-28491Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6.

6.7https://nvd.nist.gov/vuln/detail/CVE-2023-28491
CVE-2023-7090A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.6.6https://nvd.nist.gov/vuln/detail/CVE-2023-7090
CVE-2023-28025Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.
6.6https://nvd.nist.gov/vuln/detail/CVE-2023-28025
CVE-2023-5962A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-5962
CVE-2023-6804Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. To exploit this, a workflow must have already existed in the target repo. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
6.5https://nvd.nist.gov/vuln/detail/CVE-2023-6804
CVE-2023-50834Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in August Infotech WooCommerce Menu Extension allows Stored XSS.This issue affects WooCommerce Menu Extension: from n/a through 1.6.2.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-50834
CVE-2023-47191Authorization Bypass Through User-Controlled Key vulnerability in KaineLabs Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress.This issue affects Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress: from n/a through 1.2.2.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-47191
CVE-2023-32799Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-32799
CVE-2023-50833Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.This issue affects Colibri Page Builder: from n/a through 1.0.239.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-50833
CVE-2023-50831Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme CURCY – Multi Currency for WooCommerce allows Stored XSS.This issue affects CURCY – Multi Currency for WooCommerce: from n/a through 2.2.0.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-50831
CVE-2023-50825Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terrier Tenacity iframe Shortcode allows Stored XSS.This issue affects iframe Shortcode: from n/a through 2.0.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-50825
CVE-2023-50824Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brian Batt Insert or Embed Articulate Content into WordPress allows Stored XSS.This issue affects Insert or Embed Articulate Content into WordPress: from n/a through 4.3000000021.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-50824
CVE-2023-50823Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wipeout Media CSS & JavaScript Toolbox allows Stored XSS.This issue affects CSS & JavaScript Toolbox: from n/a through 11.7.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-50823
CVE-2023-50822Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Currency.Wiki Currency Converter Widget – Exchange Rates allows Stored XSS.This issue affects Currency Converter Widget – Exchange Rates: from n/a through 3.0.2.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-50822
CVE-2022-45377Unrestricted Upload of File with Dangerous Type vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload for WooCommerce.This issue affects Drag and Drop Multiple File Upload for WooCommerce: from n/a through 1.0.8.

6.5https://nvd.nist.gov/vuln/detail/CVE-2022-45377
CVE-2023-51390journalpump is a daemon that takes log messages from journald and pumps them to a given output. A logging vulnerability was found in journalpump which logs out the configuration of a service integration in plaintext to the supplied logging pipeline, including credential information contained in the configuration if any. The problem has been patched in journalpump 2.5.0.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-51390
CVE-2023-46131Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in version 3.3.17, 4.1.3, 5.3.4, 6.1.0.
6.5https://nvd.nist.gov/vuln/detail/CVE-2023-46131
CVE-2022-44684Windows Local Session Manager (LSM) Denial of Service Vulnerability6.5https://nvd.nist.gov/vuln/detail/CVE-2022-44684
CVE-2023-30872Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BannerSky BSK Forms Blacklist.This issue affects BSK Forms Blacklist: from n/a through 3.6.2.

6.5https://nvd.nist.gov/vuln/detail/CVE-2023-30872
CVE-2023-6910A vulnerable API method in M-Files Server before 23.12.13195.0 allows for uncontrolled resource consumption. Authenticated attacker can exhaust server storage space to a point where the server can no longer serve requests.6.5https://nvd.nist.gov/vuln/detail/CVE-2023-6910
CVE-2023-6744The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'et_pb_text' shortcode in all versions up to, and including, 4.23.1 due to insufficient input sanitization and output escaping on user supplied custom field data. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.6.4https://nvd.nist.gov/vuln/detail/CVE-2023-6744
CVE-2023-7111A vulnerability, which was classified as critical, was found in code-projects Library Management System 2.0. Affected is an unknown function of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249006 is the identifier assigned to this vulnerability.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7111
CVE-2023-7100A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/bwdates-report-details.php. The manipulation of the argument fdate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248952.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7100
CVE-2023-7099A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of the file bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248951.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7099
CVE-2023-7097A vulnerability classified as critical has been found in code-projects Water Billing System 1.0. This affects an unknown part of the file /addbill.php. The manipulation of the argument owners_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248949 was assigned to this vulnerability.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7097
CVE-2023-7091A vulnerability was found in Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /upload/uploadFile. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248938 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7091
CVE-2023-50727Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. Reflected XSS issue occurs when /queues is appended with /"><svg%20onload=alert(domain)>. This issue has been patched in version 2.6.0.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-50727
CVE-2023-50725Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. The following paths in resque-web have been found to be vulnerable to reflected XSS: "/failed/?class=--redacted--" and "/queues/><img src=a onerror=alert(document.cookie)>". This issue has been patched in version 2.2.16.3https://nvd.nist.gov/vuln/detail/CVE-2023-50725
CVE-2023-7058A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument page leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248749 was assigned to this vulnerability.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7058
CVE-2023-46649A race condition in GitHub Enterprise Server was identified that could allow an attacker administrator access. To exploit this, an organization needs to be converted from a user. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. 6.3https://nvd.nist.gov/vuln/detail/CVE-2023-46649
CVE-2023-7039A vulnerability classified as critical has been found in Beijing Baichuo S210 up to 20231210. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248688.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7039
CVE-2023-7037A vulnerability was found in automad up to 1.10.9. It has been declared as critical. This vulnerability affects the function import of the file FileController.php. The manipulation of the argument importUrl leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-248686 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7037
CVE-2023-50724Resque (pronounced like "rescue") is a Redis-backed library for creating background jobs, placing those jobs on multiple queues, and processing them later. resque-web in resque versions before 2.1.0 are vulnerable to reflected XSS through the current_queue parameter in the path of the queues endpoint. This issue has been patched in version 2.1.0.
6.3https://nvd.nist.gov/vuln/detail/CVE-2023-50724
CVE-2023-51655In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration6.3https://nvd.nist.gov/vuln/detail/CVE-2023-51655
CVE-2023-7023A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/vehicle/query/delete.php. The manipulation of the argument VU_ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-248570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7023
CVE-2023-7022A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/work_plan/manage/delete_all.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248569 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7022
CVE-2023-7021A vulnerability was found in Tongda OA 2017 up to 11.9. It has been classified as critical. Affected is an unknown function of the file general/vehicle/checkup/delete_search.php. The manipulation of the argument VU_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248568. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7021
CVE-2023-7020A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. This issue affects some unknown processing of the file general/wiki/cp/ct/view.php. The manipulation of the argument TEMP_ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248567. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-7020
CVE-2023-35895IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 259116.6.3https://nvd.nist.gov/vuln/detail/CVE-2023-35895
CVE-2023-50703
An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application.




6.3https://nvd.nist.gov/vuln/detail/CVE-2023-50703
CVE-2023-45165IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 267963.6.2https://nvd.nist.gov/vuln/detail/CVE-2023-45165
CVE-2023-42012An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509.6.2https://nvd.nist.gov/vuln/detail/CVE-2023-42012
CVE-2023-50708yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth1/2 `state` and OpenID Connect `nonce` is vulnerable for a `timing attack` since it is compared via regular string comparison (instead of `Yii::$app->getSecurity()->compareString()`). Version 2.2.15 contains a patch for the issue. No known workarounds are available.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-50708
CVE-2023-49088Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti.6.1https://nvd.nist.gov/vuln/detail/CVE-2023-49088
CVE-2023-49086Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). Bypassing an earlier fix (CVE-2023-39360) that leads to a DOM XSS attack.
Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is
the `graphs_new.php`. Impact of the vulnerability - execution of arbitrary javascript code in
the attacked user's browser. This issue has been patched in version 1.2.26.
6.1https://nvd.nist.gov/vuln/detail/CVE-2023-49086
CVE-2023-6122Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ?stanbul Soft Informatics and Consultancy Limited Company Softomi Geli?mi? C2C Pazaryeri Yaz?l?m? allows Reflected XSS.This issue affects Softomi Geli?mi? C2C Pazaryeri Yaz?l?m?: before 12122023.

6.1https://nvd.nist.gov/vuln/detail/CVE-2023-6122
CVE-2023-5988Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies LioXERP allows Reflected XSS.This issue affects LioXERP: before v.146.

6.1https://nvd.nist.gov/vuln/detail/CVE-2023-5988
CVE-2023-49272Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.

6.1https://nvd.nist.gov/vuln/detail/CVE-2023-49272
CVE-2023-51651AWS SDK for PHP is the Amazon Web Services software development kit for PHP. Within the scope of requests to S3 object keys and/or prefixes containing a Unix double-dot, a URI path traversal is possible. The issue exists in the `buildEndpoint` method in the RestSerializer component of the AWS SDK for PHP v3 prior to 3.288.1. The `buildEndpoint` method relies on the Guzzle Psr7 UriResolver utility, which strips dot segments from the request path in accordance with RFC 3986. Under certain conditions, this could lead to an arbitrary object being accessed. This issue has been patched in version 3.288.1.6https://nvd.nist.gov/vuln/detail/CVE-2023-51651
CVE-2023-51662The Snowflake .NET driver provides an interface to the Microsoft .NET open source software framework for developing applications. Snowflake recently received a report about a vulnerability in the Snowflake Connector .NET where the checks against the Certificate Revocation List (CRL) were not performed where the insecureMode flag was set to false, which is the default setting. The vulnerability affects versions between 2.0.25 and 2.1.4 (inclusive). Snowflake fixed the issue in version 2.1.5.6https://nvd.nist.gov/vuln/detail/CVE-2023-51662
CVE-2023-7008A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.5.9https://nvd.nist.gov/vuln/detail/CVE-2023-7008
CVE-2023-48298ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an unauthenticated attacker. The vulnerability is very similar to CVE-2023-47118 with how the vulnerable function can be exploited.
5.9https://nvd.nist.gov/vuln/detail/CVE-2023-48298
CVE-2023-50832Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mondula GmbH Multi Step Form allows Stored XSS.This issue affects Multi Step Form: from n/a through 1.7.13.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-50832
CVE-2023-50830Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seosbg Seos Contact Form allows Stored XSS.This issue affects Seos Contact Form: from n/a through 1.8.0.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-50830
CVE-2023-50829Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aerin Loan Repayment Calculator and Application Form allows Stored XSS.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.3.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-50829
CVE-2023-50828Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Vongries Ultimate Dashboard – Custom WordPress Dashboard allows Stored XSS.This issue affects Ultimate Dashboard – Custom WordPress Dashboard: from n/a through 3.7.11.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-50828
CVE-2023-50827Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Accredible Accredible Certificates & Open Badges allows Stored XSS.This issue affects Accredible Certificates & Open Badges: from n/a through 1.4.8.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-50827
CVE-2023-50826Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Freshlight Lab Menu Image, Icons made easy allows Stored XSS.This issue affects Menu Image, Icons made easy: from n/a through 3.10.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-50826
CVE-2023-50377Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AB-WP Simple Counter allows Stored XSS.This issue affects Simple Counter: from n/a through 1.0.2.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-50377
CVE-2023-47527Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sajjad Hossain Sagor WP Edit Username allows Stored XSS.This issue affects WP Edit Username: from n/a through 1.0.5.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47527
CVE-2023-47525Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Event Monster – Event Management, Tickets Booking, Upcoming Event allows Stored XSS.This issue affects Event Monster – Event Management, Tickets Booking, Upcoming Event: from n/a through 1.3.2.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-47525
CVE-2023-2487Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users.This issue affects Export All Posts, Products, Orders, Refunds & Users: from n/a through 2.4.1.

5.9https://nvd.nist.gov/vuln/detail/CVE-2023-2487
CVE-2023-6803A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
5.8https://nvd.nist.gov/vuln/detail/CVE-2023-6803
CVE-2023-51449Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of `gradio` prior to 4.11.0 contained a vulnerability in the `/file` route which made them susceptible to file traversal attacks in which an attacker could access arbitrary files on a machine running a Gradio app with a public URL (e.g. if the demo was created with `share=True`, or on Hugging Face Spaces) if they knew the path of files to look for. This issue has been patched in version 4.11.0.5.6https://nvd.nist.gov/vuln/detail/CVE-2023-51449
CVE-2023-7054A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /user/add-notes.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248741 was assigned to this vulnerability.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-7054
CVE-2023-4256Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-4256
CVE-2023-4255An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.5.5https://nvd.nist.gov/vuln/detail/CVE-2023-4255
CVE-2022-47599Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager: from n/a through 5.2.7.

5.5https://nvd.nist.gov/vuln/detail/CVE-2022-47599
CVE-2023-50250Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php.` When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, resulting in XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. As of time of publication, no patched versions are available.
5.4https://nvd.nist.gov/vuln/detail/CVE-2023-50250
CVE-2023-49791Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4; when an attacker manages to get access to an active session of another user via another way, they could delete and modify workflows by sending calls directly to the API bypassing the password confirmation shown in the UI. Nextcloud Server versions 26.0.9 and 27.1.4 and Nextcloud Enterprise Server versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4 contain a patch for this issue. No known workarounds are available.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-49791
CVE-2023-7041A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248690 is the identifier assigned to this vulnerability.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-7041
CVE-2023-32747Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce WooCommerce Bookings.This issue affects WooCommerce Bookings: from n/a through 1.15.78.

5.4https://nvd.nist.gov/vuln/detail/CVE-2023-32747
CVE-2023-22674Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in Hal Gatewood Dashicons + Custom Post Types.This issue affects Dashicons + Custom Post Types: from n/a through 1.0.2.

5.4https://nvd.nist.gov/vuln/detail/CVE-2023-22674
CVE-2023-5989Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uyumsoft Information System and Technologies LioXERP allows Stored XSS.This issue affects LioXERP: before v.146.

5.4https://nvd.nist.gov/vuln/detail/CVE-2023-5989
CVE-2023-50639Cross Site Scripting (XSS) vulnerability in CuteHttpFileServer v.1.0 and v.2.0 allows attackers to obtain sensitive information via the file upload function in the home page.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-50639
CVE-2023-49271Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_out_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.

5.4https://nvd.nist.gov/vuln/detail/CVE-2023-49271
CVE-2023-49270Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_in_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.

5.4https://nvd.nist.gov/vuln/detail/CVE-2023-49270
CVE-2023-49269Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'adults' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.

5.4https://nvd.nist.gov/vuln/detail/CVE-2023-49269
CVE-2023-36520Authorization Bypass Through User-Controlled Key vulnerability in MarketingFire Editorial Calendar.This issue affects Editorial Calendar: from n/a through 3.7.12.

5.4https://nvd.nist.gov/vuln/detail/CVE-2023-36520
CVE-2023-51462Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-51462
CVE-2023-51461Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-51461
CVE-2023-51460Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-51460
CVE-2023-51459Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-51459
CVE-2023-51458Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-51458
CVE-2023-51457Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-51457
CVE-2023-38513Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom).This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through 6.2.5.

5.4https://nvd.nist.gov/vuln/detail/CVE-2023-38513
CVE-2023-47707IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271522.5.4https://nvd.nist.gov/vuln/detail/CVE-2023-47707
CVE-2023-7094A vulnerability classified as problematic was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected by this vulnerability is an unknown functionality of the file /protocol/nsasg6.0.tgz. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248941 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-7094
CVE-2023-7093A vulnerability classified as critical has been found in KylinSoft kylin-system-updater up to 2.0.5.16-0k2.33. Affected is an unknown function of the file /usr/share/kylin-system-updater/SystemUpdater/UpgradeStrategiesDbus.py of the component com.kylin.systemupgrade Service. The manipulation of the argument SetDownloadspeedMax leads to os command injection. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248940. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-7093
CVE-2023-50259Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery (SSRF). The `testslack` request handler in `medusa/server/web/home/handler.py` does not validate the user-controlled `slack_webhook` variable and passes it to the `notifiers.slack_notifier.test_notify` method, then `_notify_slack` and finally `_send_slack` method, which sends a POST request to the user-controlled URL on line 103 in `/medusa/notifiers/slack.py`, which leads to a blind server-side request forgery (SSRF). This issue allows for crafting POST requests on behalf of the Medusa server. Version 1.0.19 contains a fix for the issue.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-50259
CVE-2023-50258Medusa is an automatic video library manager for TV shows. Versions prior to 1.0.19 are vulnerable to unauthenticated blind server-side request forgery (SSRF). The `testDiscord` request handler in `medusa/server/web/home/handler.py` does not validate the user-controlled `discord_webhook` variable and passes it to the `notifiers.discord_notifier.test_notify` method, then `_notify_discord` and finally `_send_discord_msg` method, which sends a POST request to the user-controlled URL on line 64 in `/medusa/notifiers/discord.py`, which leads to a blind server-side request forgery. This issue allows for crafting POST requests on behalf of the Medusa server. Version 1.0.19 contains a fix for the issue.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-50258
CVE-2023-49792Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4; when a (reverse) proxy is configured as trusted proxy the server could be tricked into reading a wrong remote address for an attacker, allowing them executing authentication attempts than intended. Nextcloud Server versions 26.0.9 and 27.1.4 and Nextcloud Enterprise Server versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4 contain a patch for this issue. No known workarounds are available.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-49792
CVE-2023-27319ONTAP Mediator versions prior to 1.7 are susceptible to a
vulnerability that can allow an unauthenticated attacker to enumerate
URLs via REST API.

5.3https://nvd.nist.gov/vuln/detail/CVE-2023-27319
CVE-2023-46646Improper access control in all versions of GitHub Enterprise Server allows unauthorized users to view private repository names via the "Get a check run" API endpoint. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected GitHub Enterprise Server version 3.7.0 and above and was fixed in version 3.17.19, 3.8.12, 3.9.7 3.10.4, and 3.11.0.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-46646
CVE-2023-49162Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress.This issue affects BigCommerce For WordPress: from n/a through 5.0.6.

5.3https://nvd.nist.gov/vuln/detail/CVE-2023-49162
CVE-2023-28421Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP Email Capture: from n/a through 3.10.

5.3https://nvd.nist.gov/vuln/detail/CVE-2023-28421
CVE-2023-49762Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AppMySite AppMySite – Create an app with the Best Mobile App Builder.This issue affects AppMySite – Create an app with the Best Mobile App Builder: from n/a through 3.11.0.

5.3https://nvd.nist.gov/vuln/detail/CVE-2023-49762
CVE-2023-45703HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion.
5.3https://nvd.nist.gov/vuln/detail/CVE-2023-45703
CVE-2022-47597Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Popup Maker Popup Maker – Popup for opt-ins, lead gen, & more.This issue affects Popup Maker – Popup for opt-ins, lead gen, & more: from n/a through 1.17.1.

5.3https://nvd.nist.gov/vuln/detail/CVE-2022-47597
CVE-2023-41796Authorization Bypass Through User-Controlled Key vulnerability in WP Sunshine Sunshine Photo Cart: Free Client Galleries for Photographers.This issue affects Sunshine Photo Cart: Free Client Galleries for Photographers: from n/a before 3.0.0.

5.3https://nvd.nist.gov/vuln/detail/CVE-2023-41796
CVE-2023-47703IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 271197.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-47703
CVE-2023-50705








An attacker could create malicious requests to obtain sensitive information about the web server.






5.3https://nvd.nist.gov/vuln/detail/CVE-2023-50705
CVE-2023-47161IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. IBM X-Force ID: 270799.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-47161
CVE-2023-42013IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 265510.5.3https://nvd.nist.gov/vuln/detail/CVE-2023-42013
CVE-2023-51379An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also required contents:write and issues:read permissions. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. 4.9https://nvd.nist.gov/vuln/detail/CVE-2023-51379
CVE-2023-7096A vulnerability was found in code-projects Faculty Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/php/crud.php. The manipulation of the argument fieldname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248948.4.7https://nvd.nist.gov/vuln/detail/CVE-2023-7096
CVE-2023-7036A vulnerability was found in automad up to 1.10.9. It has been classified as problematic. This affects the function upload of the file FileCollectionController.php of the component Content Type Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248685 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.4.7https://nvd.nist.gov/vuln/detail/CVE-2023-7036
CVE-2023-6784
A malicious user could potentially use the Sitefinity system for the distribution of phishing emails.

4.7https://nvd.nist.gov/vuln/detail/CVE-2023-6784
CVE-2023-50712Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting (XSS) vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.3.7. The vulnerability may allow an attacker to inject malicious scripts into the application, which could then be executed when a user visits the affected locations. This could lead to unauthorized access, data theft, or other related malicious activities. An attacker need to be authenticated on the application to exploit this vulnerability. The issue is fixed in version v2.3.7 of iris-web. No known workarounds are available.4.6https://nvd.nist.gov/vuln/detail/CVE-2023-50712
CVE-2023-41097An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.

4.6https://nvd.nist.gov/vuln/detail/CVE-2023-41097
CVE-2023-6769Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lp_admin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading.4.6https://nvd.nist.gov/vuln/detail/CVE-2023-6769
CVE-2023-49594An information disclosure vulnerability exists in the challenge functionality of instipod DuoUniversalKeycloakAuthenticator 1.0.7 plugin. A specially crafted HTTP request can lead to a disclosure of sensitive information. An user login to Keycloak using DuoUniversalKeycloakAuthenticator plugin triggers this vulnerability.4.5https://nvd.nist.gov/vuln/detail/CVE-2023-49594
CVE-2023-7042A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.4.4https://nvd.nist.gov/vuln/detail/CVE-2023-7042
CVE-2012-10017A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.04 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 2.06 is able to address this issue. The patch is named 68af950330c3202a706f0ae9bbb52ceaa17dda9d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248955.4.3https://nvd.nist.gov/vuln/detail/CVE-2012-10017
CVE-2023-7092A vulnerability was found in Uniway UW-302VP 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /boaform/wlan_basic_set.cgi of the component Admin Web Interface. The manipulation of the argument wlanssid/password leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248939. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-7092
CVE-2023-51451Symbolicator is a service used in Sentry. Starting in Symbolicator version 0.3.3 and prior to version 21.12.1, an attacker could make Symbolicator send GET HTTP requests to arbitrary URLs with internal IP addresses by using an invalid protocol. The responses of those requests could be exposed via Symbolicator's API. In affected Sentry instances, the data could be exposed through the Sentry API and user interface if the attacker has a registered account. The issue has been fixed in Symbolicator release 23.12.1, Sentry self-hosted release 23.12.1, and has already been mitigated on sentry.io on December 18, 2023. If updating is not possible, some other mitigations are available. One may disable JS processing by toggling the option `Allow JavaScript Source Fetching` in `Organization Settings > Security & Privacy` and/or disable all untrusted public repositories under `Project Settings > Debug Files`. Alternatively, if JavaScript and native symbolication are not required, disable Symbolicator completely in `config.yml`.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-51451
CVE-2023-49790The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. No known workarounds are available.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-49790
CVE-2023-7055A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. Affected is an unknown function of the file /user/profile.php of the component Contact Information Handler. The manipulation of the argument mobilenumber leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-248742 is the identifier assigned to this vulnerability.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-7055
CVE-2023-7052A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been classified as problematic. This affects an unknown part of the file /user/profile.php. The manipulation of the argument name leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248739.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-7052
CVE-2023-7051A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/manage-notes.php of the component Notes Handler. The manipulation of the argument delid leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248738 is the identifier assigned to this vulnerability.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-7051
CVE-2023-7040A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248689 was assigned to this vulnerability.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-7040
CVE-2023-49765Authorization Bypass Through User-Controlled Key vulnerability in Blaz K. Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.1.

4.3https://nvd.nist.gov/vuln/detail/CVE-2023-49765
CVE-2023-7038A vulnerability was found in automad up to 1.10.9. It has been rated as problematic. This issue affects some unknown processing of the file /dashboard?controller=UserCollection::createUser of the component User Creation Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248687. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-7038
CVE-2023-7026A vulnerability was found in Lightxun IPTV Gateway up to 20231208. It has been rated as problematic. This issue affects some unknown processing of the file /ZHGXTV/index.php/admin/index/web_upload_template.html. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248579.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-7026
CVE-2023-45700HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
4.3https://nvd.nist.gov/vuln/detail/CVE-2023-45700
CVE-2023-47705IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to manipulate username data due to improper input validation. IBM X-Force ID: 271228.4.3https://nvd.nist.gov/vuln/detail/CVE-2023-47705
CVE-2023-50704




An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users.







4.3https://nvd.nist.gov/vuln/detail/CVE-2023-50704
CVE-2023-50706












A user without administrator permissions with access to the UC500 windows system could perform a memory dump of the running processes and extract clear credentials or valid session tokens.



4.1https://nvd.nist.gov/vuln/detail/CVE-2023-50706
CVE-2023-6690A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
3.9https://nvd.nist.gov/vuln/detail/CVE-2023-6690
CVE-2015-10127A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this issue. The patch is identified as 1274afc635170daafd38306487b6bb8a01f78ecd. It is recommended to upgrade the affected component. VDB-248954 is the identifier assigned to this vulnerability.3.5https://nvd.nist.gov/vuln/detail/CVE-2015-10127
CVE-2014-125109A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.27. It has been declared as problematic. This vulnerability affects the function bws_add_menu_render of the file bws_menu/bws_menu.php. The manipulation of the argument bwsmn_form_email leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 2.28 is able to address this issue. The name of the patch is d2ede580474665af56ff262a05783fbabe4529b8. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248956.3.5https://nvd.nist.gov/vuln/detail/CVE-2014-125109
CVE-2023-51649Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level `extras.run_job` permission is checked (i.e., does the user have permission to run Jobs in general). Object-level permissions (i.e., does the user have permission to run this specific Job?) are not enforced by the URL/view used in this case. A user with permissions to run even a single Job can actually run all configured JobButton Jobs. Fix will be available in Nautobot 1.6.8 and 2.1.03.5https://nvd.nist.gov/vuln/detail/CVE-2023-51649
CVE-2023-7076A vulnerability was found in slawkens MyAAC up to 0.8.13. It has been declared as problematic. This vulnerability affects unknown code of the file system/pages/bugtracker.php. The manipulation of the argument bug[2]['subject']/bug[2]['text']/report['subject'] leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.8.14 is able to address this issue. The name of the patch is 83a91ec540072d319dd338abff45f8d5ebf48190. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248848.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-7076
CVE-2023-7075A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /main/checkout.php. The manipulation of the argument pt leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248846 is the identifier assigned to this vulnerability.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-7075
CVE-2023-7059A vulnerability was found in SourceCodester School Visitor Log e-Book 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file log-book.php. The manipulation of the argument Full Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248750 is the identifier assigned to this vulnerability.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-7059
CVE-2023-7057A vulnerability, which was classified as problematic, has been found in code-projects Faculty Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/pages/yearlevel.php. The manipulation of the argument Year Level/Section leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248744.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-7057
CVE-2023-48308Nextcloud/Cloud is a calendar app for Nextcloud. An attacker can gain access to stacktrace and internal paths of the server when generating an exception while editing a calendar appointment. It is recommended that the Nextcloud Calendar app is upgraded to 4.5.3
3.5https://nvd.nist.gov/vuln/detail/CVE-2023-48308
CVE-2023-7050A vulnerability has been found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file user/profile.php. The manipulation of the argument name/email leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248737 was assigned to this vulnerability.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-7050
CVE-2023-2585Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized access to an existing OAuth client.3.5https://nvd.nist.gov/vuln/detail/CVE-2023-2585
CVE-2014-125108A vulnerability was found in w3c online-spellchecker-py up to 20140130. It has been rated as problematic. This issue affects some unknown processing of the file spellchecker. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of the patch is d6c21fd8187c5db2a50425ff80694149e75d722e. It is recommended to apply a patch to fix this issue. The identifier VDB-248849 was assigned to this vulnerability.3.1https://nvd.nist.gov/vuln/detail/CVE-2014-125108
CVE-2023-7053A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /user/signup.php. The manipulation leads to weak password requirements. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248740.3.1https://nvd.nist.gov/vuln/detail/CVE-2023-7053
CVE-2023-51380An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. 2.7https://nvd.nist.gov/vuln/detail/CVE-2023-51380
CVE-2023-46311Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team Comments – wpDiscuz.This issue affects Comments – wpDiscuz: from n/a through 7.6.3.

2.7https://nvd.nist.gov/vuln/detail/CVE-2023-46311
CVE-2023-7056A vulnerability classified as problematic was found in code-projects Faculty Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/pages/subjects.php. The manipulation of the argument Description/Units leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248743.2.4https://nvd.nist.gov/vuln/detail/CVE-2023-7056
CVE-2023-7035A vulnerability was found in automad up to 1.10.9 and classified as problematic. Affected by this issue is some unknown functionality of the file packages\\standard\\templates\\post.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248684. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2.4https://nvd.nist.gov/vuln/detail/CVE-2023-7035
CVE-2023-52096SteVe Community ocpp-jaxb before 0.0.8 generates invalid timestamps such as ones with month 00 in certain situations (such as when an application receives a StartTransaction Open Charge Point Protocol message with a timestamp parameter of 1000000). This may lead to a SQL exception in applications, and may undermine the integrity of transaction records.https://nvd.nist.gov/vuln/detail/CVE-2023-52096
CVE-2023-49438An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes.https://nvd.nist.gov/vuln/detail/CVE-2023-49438
CVE-2023-48003An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the '<meta http-equiv="refresh"' in the WebSocket messages.https://nvd.nist.gov/vuln/detail/CVE-2023-48003
CVE-2023-6268The JSON Content Importer WordPress plugin before 1.5.4 does not sanitise and escape the tab parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as adminhttps://nvd.nist.gov/vuln/detail/CVE-2023-6268
CVE-2023-6250The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta taghttps://nvd.nist.gov/vuln/detail/CVE-2023-6250
CVE-2023-6166The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scriptinghttps://nvd.nist.gov/vuln/detail/CVE-2023-6166
CVE-2023-6155The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the `ays_quiz_author_user_search` AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses.https://nvd.nist.gov/vuln/detail/CVE-2023-6155
CVE-2023-6114The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. When directory listing is enabled in the web server, this allows unauthenticated attackers to discover and access these sensitive files, which include a full database dump and a zip archive of the site.https://nvd.nist.gov/vuln/detail/CVE-2023-6114
CVE-2023-5991The Hotel Booking Lite WordPress plugin before 4.8.5 does not validate file paths provided via user input, as well as does not have proper CSRF and authorisation checks, allowing unauthenticated users to download and delete arbitrary files on the serverhttps://nvd.nist.gov/vuln/detail/CVE-2023-5991
CVE-2023-5980The BSK Forms Blacklist WordPress plugin before 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).https://nvd.nist.gov/vuln/detail/CVE-2023-5980
CVE-2023-5939The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 loads the contents of the import file in an unsafe manner, leading to remote code execution by privileged users.https://nvd.nist.gov/vuln/detail/CVE-2023-5939
CVE-2023-5931The rtMedia for WordPress, BuddyPress and bbPress WordPress plugin before 4.6.16 does not validate files to be uploaded, which could allow attackers with a low-privilege account (e.g. subscribers) to upload arbitrary files such as PHP on the serverhttps://nvd.nist.gov/vuln/detail/CVE-2023-5931
CVE-2023-5674The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor.https://nvd.nist.gov/vuln/detail/CVE-2023-5674
CVE-2023-5673The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution.https://nvd.nist.gov/vuln/detail/CVE-2023-5673
CVE-2023-5672The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files.https://nvd.nist.gov/vuln/detail/CVE-2023-5672
CVE-2023-5645The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor.https://nvd.nist.gov/vuln/detail/CVE-2023-5645
CVE-2023-5644The WP Mail Log WordPress plugin before 1.1.3 does not correctly authorize its REST API endpoints, allowing users with the Contributor role to view and delete data that should only be accessible to Admin users.https://nvd.nist.gov/vuln/detail/CVE-2023-5644
CVE-2023-5203The WP Sessions Time Monitoring Full Automatic WordPress plugin before 1.0.9 does not sanitize the request URL or query parameters before using them in an SQL query, allowing unauthenticated attackers to extract sensitive data from the database via blind time based SQL injection techniques, or in some cases an error/union based technique.https://nvd.nist.gov/vuln/detail/CVE-2023-5203
CVE-2023-52086resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5 allows arbitrary file upload anywhere in the filesystem via ../ in multipart/form-data content to upload.php. (File overwrite hasn't been possible with the code available in GitHub in recent years, however.)https://nvd.nist.gov/vuln/detail/CVE-2023-52086
CVE-2023-51102Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formWifiMacFilterSet.https://nvd.nist.gov/vuln/detail/CVE-2023-51102
CVE-2023-51101Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetUplinkInfo.https://nvd.nist.gov/vuln/detail/CVE-2023-51101
CVE-2023-51100Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo .https://nvd.nist.gov/vuln/detail/CVE-2023-51100
CVE-2023-51099Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formexeCommand .https://nvd.nist.gov/vuln/detail/CVE-2023-51099
CVE-2023-51098Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the function formSetDiagnoseInfo .https://nvd.nist.gov/vuln/detail/CVE-2023-51098
CVE-2023-51097Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetAutoPing.https://nvd.nist.gov/vuln/detail/CVE-2023-51097
CVE-2023-51094Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet.https://nvd.nist.gov/vuln/detail/CVE-2023-51094
CVE-2023-51093Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo.https://nvd.nist.gov/vuln/detail/CVE-2023-51093
CVE-2023-51092Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade.https://nvd.nist.gov/vuln/detail/CVE-2023-51092
CVE-2023-51091Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler.https://nvd.nist.gov/vuln/detail/CVE-2023-51091
CVE-2023-51090Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig.https://nvd.nist.gov/vuln/detail/CVE-2023-51090
CVE-2023-45251Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.https://nvd.nist.gov/vuln/detail/CVE-2023-45251
CVE-2023-43851Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.https://nvd.nist.gov/vuln/detail/CVE-2023-43851
CVE-2023-51095Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy.https://nvd.nist.gov/vuln/detail/CVE-2023-51095
CVE-2023-51467The vulnerability allows attackers to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF)
https://nvd.nist.gov/vuln/detail/CVE-2023-51467
CVE-2023-51107A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon compute_color() of jquant2.c.https://nvd.nist.gov/vuln/detail/CVE-2023-51107
CVE-2023-51106A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon pnm_binary_read_image() of load-pnm.c.https://nvd.nist.gov/vuln/detail/CVE-2023-51106
CVE-2023-51105A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function bmp_decompress_rle4() of load-bmp.c.https://nvd.nist.gov/vuln/detail/CVE-2023-51105
CVE-2023-51104A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon pnm_binary_read_image() of load-pnm.c line 527.https://nvd.nist.gov/vuln/detail/CVE-2023-51104
CVE-2023-51103A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon fz_new_pixmap_from_float_data() of pixmap.c.https://nvd.nist.gov/vuln/detail/CVE-2023-51103
CVE-2023-49949Passwork before 6.2.0 allows remote authenticated users to bypass 2FA by sending all one million of the possible 6-digit codes.https://nvd.nist.gov/vuln/detail/CVE-2023-49949
CVE-2023-50968Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations.

The same uri can be operated to realize a SSRF attack also without authorizations.

Users are recommended to upgrade to version 18.12.11, which fixes this issue.
https://nvd.nist.gov/vuln/detail/CVE-2023-50968
CVE-2023-51363VR-S1000 firmware Ver. 2.37 and earlier allows a network-adjacent unauthenticated attacker who can access the product's web management page to obtain sensitive information.https://nvd.nist.gov/vuln/detail/CVE-2023-51363
CVE-2023-50339Stored cross-site scripting vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.1.11. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-50339
CVE-2023-50332Improper authorization vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.0.6. If this vulnerability is exploited, a user may delete or suspend its own account without the user's intention.\r
https://nvd.nist.gov/vuln/detail/CVE-2023-50332
CVE-2023-50294The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page.https://nvd.nist.gov/vuln/detail/CVE-2023-50294
CVE-2023-50175Stored cross-site scripting vulnerability exists in the App Settings (/admin/app) page, the Markdown Settings (/admin/markdown) page, and the Customize (/admin/customize) page of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-50175
CVE-2023-49807Stored cross-site scripting vulnerability when processing the MathJax exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-49807
CVE-2023-49779Stored cross-site scripting vulnerability exists in the anchor tag of GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-49779
CVE-2023-49598Stored cross-site scripting vulnerability exists in the event handlers of the pre tags in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-49598
CVE-2023-49119Stored cross-site scripting vulnerability via the img tags exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-49119
CVE-2023-47215Stored cross-site scripting vulnerability which is exploiting a behavior of the XSS Filter exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-47215
CVE-2023-46711VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user.https://nvd.nist.gov/vuln/detail/CVE-2023-46711
CVE-2023-46699Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention.https://nvd.nist.gov/vuln/detail/CVE-2023-46699
CVE-2023-46681Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in VR-S1000 firmware Ver. 2.37 and earlier allows an authenticated attacker who can access to the product's command line interface to execute an arbitrary command.https://nvd.nist.gov/vuln/detail/CVE-2023-46681
CVE-2023-45741VR-S1000 firmware Ver. 2.37 and earlier allows an attacker with access to the product's web management page to execute arbitrary OS commands.https://nvd.nist.gov/vuln/detail/CVE-2023-45741
CVE-2023-45740Stored cross-site scripting vulnerability when processing profile images exists in GROWI versions prior to v4.1.3. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-45740
CVE-2023-45737Stored cross-site scripting vulnerability exists in the App Settings (/admin/app) page and the Markdown Settings (/admin/markdown) page of GROWI versions prior to v3.5.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-45737
CVE-2023-42436Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior to v3.4.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.https://nvd.nist.gov/vuln/detail/CVE-2023-42436
CVE-2023-51654Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop for Windows versions 11.0.0 and earlier. A symlink attack by a malicious user may cause a Denial-of-service (DoS) condition on the PC.https://nvd.nist.gov/vuln/detail/CVE-2023-51654
CVE-2023-50297Open redirect vulnerability in PowerCMS (6 Series, 5 Series, and 4 Series) allows a remote unauthenticated attacker to redirect users to arbitrary web sites via a specially crafted URL. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-50297
CVE-2023-49117PowerCMS (6 Series, 5 Series, and 4 Series) contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user's web browser. Note that all versions of PowerCMS 3 Series and earlier which are unsupported (End-of-Life, EOL) are also affected by this vulnerability.https://nvd.nist.gov/vuln/detail/CVE-2023-49117
CVE-2023-28616An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component.https://nvd.nist.gov/vuln/detail/CVE-2023-28616
CVE-2023-27150openCRX 5.2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name field after creation of a Tracker in Manage Activity.https://nvd.nist.gov/vuln/detail/CVE-2023-27150
CVE-2023-38321OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token.https://nvd.nist.gov/vuln/detail/CVE-2023-38321
CVE-2023-49954The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address.https://nvd.nist.gov/vuln/detail/CVE-2023-49954
CVE-2023-49944The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature.https://nvd.nist.gov/vuln/detail/CVE-2023-49944
CVE-2023-49226An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute feature of the administration console allows users with admin privileges to execute arbitrary commands as root.https://nvd.nist.gov/vuln/detail/CVE-2023-49226
CVE-2023-48652Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via /ccm/system/dialogs/logs/delete_all/submit. An attacker can force an admin user to delete server report logs on a web application to which they are currently authenticated.https://nvd.nist.gov/vuln/detail/CVE-2023-48652
CVE-2023-38826A Cross Site Scripting (XSS) vulnerability exists in Follet Learning Solutions Destiny through 20.0_1U. via the handlewpesearchform.do. searchString.https://nvd.nist.gov/vuln/detail/CVE-2023-38826
CVE-2023-36486The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user by uploading a workflow definition file with a malicious filename.https://nvd.nist.gov/vuln/detail/CVE-2023-36486
CVE-2023-36485The workflow-engine of ILIAS before 7.23 and 8 before 8.3 allows remote authenticated users to run arbitrary system commands on the application server as the application user via a malicious BPMN2 workflow definition file.https://nvd.nist.gov/vuln/detail/CVE-2023-36485
CVE-2023-31224There is broken access control during authentication in Jamf Pro Server before 10.46.1.https://nvd.nist.gov/vuln/detail/CVE-2023-31224
CVE-2022-34268An issue was discovered in RWS WorldServer before 11.7.3. /clientLogin deserializes Java objects without authentication, leading to command execution on the host.https://nvd.nist.gov/vuln/detail/CVE-2022-34268
CVE-2022-34267An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customizations/api endpoint.https://nvd.nist.gov/vuln/detail/CVE-2022-34267
CVE-2023-47247In SysAid On-Premise before 23.3.34, there is an edge case in which an end user is able to delete a Knowledge Base article, aka bug 15102.https://nvd.nist.gov/vuln/detail/CVE-2023-47247
CVE-2023-47091An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible.https://nvd.nist.gov/vuln/detail/CVE-2023-47091
CVE-2023-37188C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_rate_decompress at zfp/blosc2-zfp.c.https://nvd.nist.gov/vuln/detail/CVE-2023-37188
CVE-2023-37187C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the zfp/blosc2-zfp.c zfp_acc_decompress. function.https://nvd.nist.gov/vuln/detail/CVE-2023-37187
CVE-2023-37186C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference in ndlz/ndlz8x8.c via a NULL pointer to memset.https://nvd.nist.gov/vuln/detail/CVE-2023-37186
CVE-2023-37185C-blosc2 before 2.9.3 was discovered to contain a NULL pointer dereference via the function zfp_prec_decompress at zfp/blosc2-zfp.c.https://nvd.nist.gov/vuln/detail/CVE-2023-37185
CVE-2023-31297An issue was discovered in SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. There is XSS via the Name field when modifying a client.https://nvd.nist.gov/vuln/detail/CVE-2023-31297
CVE-2023-28872Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\\Temp\\NcpSupport* location.https://nvd.nist.gov/vuln/detail/CVE-2023-28872
CVE-2023-51772One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a session timeout, click on the Help icon, observe that there is a browser window for the One Identity website, navigate to any website that offers file upload, navigate to cmd.exe from the file explorer window, and launch cmd.exe as NT AUTHORITY\\SYSTEM.https://nvd.nist.gov/vuln/detail/CVE-2023-51772
CVE-2023-49328On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module.https://nvd.nist.gov/vuln/detail/CVE-2023-49328
CVE-2023-48654One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the Google ReCAPTCHA section, click on the Privacy link, observe that there is a new browser window, navigate to any website that offers file upload, navigate to cmd.exe from the file explorer window, and launch cmd.exe as NT AUTHORITY\\SYSTEM.https://nvd.nist.gov/vuln/detail/CVE-2023-48654
CVE-2023-40236In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass.https://nvd.nist.gov/vuln/detail/CVE-2023-40236
CVE-2023-37225Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links.https://nvd.nist.gov/vuln/detail/CVE-2023-37225
CVE-2023-31455Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort.https://nvd.nist.gov/vuln/detail/CVE-2023-31455
CVE-2023-31289Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort.https://nvd.nist.gov/vuln/detail/CVE-2023-31289
CVE-2022-43675An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all parameters.https://nvd.nist.gov/vuln/detail/CVE-2022-43675
CVE-2022-41762An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl.https://nvd.nist.gov/vuln/detail/CVE-2022-41762
CVE-2022-41761An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files.https://nvd.nist.gov/vuln/detail/CVE-2022-41761
CVE-2022-41760An issue was discovered in NOKIA NFM-T R19.9. Relative Path Traversal can occur under /oms1350/data/cpb/log of the Network Element Manager via the filename parameter, allowing a remote authenticated attacker to read arbitrary files.https://nvd.nist.gov/vuln/detail/CVE-2022-41760
CVE-2022-39822In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. An authenticated attacker is required for exploitation.https://nvd.nist.gov/vuln/detail/CVE-2022-39822
CVE-2022-39820In Network Element Manager in NOKIA NFM-T R19.9, an Unprotected Storage of Credentials vulnerability occurs under /root/RestUploadManager.xml.DRC and /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. A remote user, authenticated to the operating system, with access privileges to the directory /root or /DEPOT, is able to read cleartext credentials to access the web portal NFM-T and control all the PPS Network elements.https://nvd.nist.gov/vuln/detail/CVE-2022-39820
CVE-2022-39818In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system.https://nvd.nist.gov/vuln/detail/CVE-2022-39818
CVE-2023-51771In MicroHttpServer (aka Micro HTTP Server) through a8ab029, _ParseHeader in lib/server.c allows a one-byte recv buffer overflow via a long URI.https://nvd.nist.gov/vuln/detail/CVE-2023-51771
CVE-2023-30451In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF].https://nvd.nist.gov/vuln/detail/CVE-2023-30451
CVE-2023-7102Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.

https://nvd.nist.gov/vuln/detail/CVE-2023-7102
CVE-2023-7101Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.
https://nvd.nist.gov/vuln/detail/CVE-2023-7101
CVE-2023-51714An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.https://nvd.nist.gov/vuln/detail/CVE-2023-51714
CVE-2023-51767OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.https://nvd.nist.gov/vuln/detail/CVE-2023-51767
CVE-2023-51766Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.https://nvd.nist.gov/vuln/detail/CVE-2023-51766
CVE-2023-51765sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not.https://nvd.nist.gov/vuln/detail/CVE-2023-51765
CVE-2023-51764Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required: the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.https://nvd.nist.gov/vuln/detail/CVE-2023-51764
CVE-2023-51763csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection.https://nvd.nist.gov/vuln/detail/CVE-2023-51763
CVE-2023-51035TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface.https://nvd.nist.gov/vuln/detail/CVE-2023-51035
CVE-2023-51034TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface.https://nvd.nist.gov/vuln/detail/CVE-2023-51034
CVE-2023-51033TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi setOpModeCfg interface.https://nvd.nist.gov/vuln/detail/CVE-2023-51033
CVE-2023-51022TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51022
CVE-2023-51021TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51021
CVE-2023-51020TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langType’ parameter of the setLanguageCfg interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51020
CVE-2023-51019TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘key5g’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51019
CVE-2023-51018TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘opmode’ parameter of the setWiFiApConfig interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51018
CVE-2023-51017TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanIp parameter’ of the setLanConfig interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51017
CVE-2023-51016TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the setRebootScheCfg interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51016
CVE-2023-51015TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘enable parameter’ of the setDmzCfg interface of the cstecgi .cgihttps://nvd.nist.gov/vuln/detail/CVE-2023-51015
CVE-2023-51014TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanSecDns parameter’ of the setLanConfig interface of the cstecgi .cgihttps://nvd.nist.gov/vuln/detail/CVE-2023-51014
CVE-2023-51013TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanNetmask parameter’ of the setLanConfig interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51013
CVE-2023-51012TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanGateway parameter’ of the setLanConfig interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51012
CVE-2023-51011TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the lanPriDns parameter’ of the setLanConfig interface of the cstecgi .cgihttps://nvd.nist.gov/vuln/detail/CVE-2023-51011
CVE-2023-50147There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the cstecgi .cgi of the TOTOlink A3700R router device in its firmware version V9.1.2u.5822_B20200513.https://nvd.nist.gov/vuln/detail/CVE-2023-50147
CVE-2023-51028TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cstecgi.cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51028
CVE-2023-51027TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51027
CVE-2023-51026TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51026
CVE-2023-51025TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51025
CVE-2023-51024TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51024
CVE-2023-51023TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi.https://nvd.nist.gov/vuln/detail/CVE-2023-51023
CVE-2023-45957A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling.https://nvd.nist.gov/vuln/detail/CVE-2023-45957
CVE-2023-42465Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.https://nvd.nist.gov/vuln/detail/CVE-2023-42465
CVE-2023-50569Reflected Cross Site Scripting (XSS) vulnerability in Cacti v1.2.25, allows remote attackers to escalate privileges when uploading an xml template file via templates_import.php.https://nvd.nist.gov/vuln/detail/CVE-2023-50569
CVE-2023-49391An issue was discovered in free5GC version 3.3.0, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) on AMF component via crafted NGAP message.https://nvd.nist.gov/vuln/detail/CVE-2023-49391
CVE-2023-49356A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592.https://nvd.nist.gov/vuln/detail/CVE-2023-49356
CVE-2023-43741A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.https://nvd.nist.gov/vuln/detail/CVE-2023-43741
CVE-2023-43116A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.https://nvd.nist.gov/vuln/detail/CVE-2023-43116
CVE-2023-24609Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate.https://nvd.nist.gov/vuln/detail/CVE-2023-24609
CVE-2022-47532FileRun 20220519 allows SQL Injection via the "dir" parameter in a /?module=users&section=cpanel&page=list request.https://nvd.nist.gov/vuln/detail/CVE-2022-47532
CVE-2023-51713make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.https://nvd.nist.gov/vuln/detail/CVE-2023-51713
CVE-2023-51708Bentley eB System Management Console applications within Assetwise Integrity Information Server allow an unauthenticated user to view configuration options via a crafted request, leading to information disclosure. This affects eB System management Console before 23.00.02.03 and Assetwise ALIM For Transportation before 23.00.01.25.https://nvd.nist.gov/vuln/detail/CVE-2023-51708
CVE-2023-51707MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected.https://nvd.nist.gov/vuln/detail/CVE-2023-51707
CVE-2023-51704An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group-*-member messages can result in XSS on Special:log/rights.https://nvd.nist.gov/vuln/detail/CVE-2023-51704
CVE-2023-7024Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)https://nvd.nist.gov/vuln/detail/CVE-2023-7024
CVE-2023-51052S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php.https://nvd.nist.gov/vuln/detail/CVE-2023-51052
CVE-2023-51051S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php.https://nvd.nist.gov/vuln/detail/CVE-2023-51051
CVE-2023-51050S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php.https://nvd.nist.gov/vuln/detail/CVE-2023-51050
CVE-2023-51049S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php.https://nvd.nist.gov/vuln/detail/CVE-2023-51049
CVE-2023-51048S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php.https://nvd.nist.gov/vuln/detail/CVE-2023-51048
CVE-2023-7047
Inadequate validation of permissions when employing remote tools and
macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and
earlier permits a user to initiate a connection without proper execution
rights via the remote tools feature. This affects only SQL data sources.
https://nvd.nist.gov/vuln/detail/CVE-2023-7047
CVE-2023-50119Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-45292. Reason: This record is a reservation duplicate of CVE-2023-45292. Notes: All CVE users should reference CVE-2023-45292 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.https://nvd.nist.gov/vuln/detail/CVE-2023-50119
CVE-2023-48116SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment.https://nvd.nist.gov/vuln/detail/CVE-2023-48116
CVE-2023-48115SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request.https://nvd.nist.gov/vuln/detail/CVE-2023-48115
CVE-2023-48114SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, but actually allows youtube.com followed by an @ character and an attacker-controlled domain name.https://nvd.nist.gov/vuln/detail/CVE-2023-48114
CVE-2023-51656Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4.

Users are recommended to upgrade to version 1.2.2, which fixes the issue.

https://nvd.nist.gov/vuln/detail/CVE-2023-51656
CVE-2023-50481An issue was discovered in blinksocks version 3.3.8, allows remote attackers to obtain sensitive information via weak encryption algorithms in the component /presets/ssr-auth-chain.js.https://nvd.nist.gov/vuln/detail/CVE-2023-50481
CVE-2023-50477An issue was discovered in nos client version 0.6.6, allows remote attackers to escalate privileges via getRPCEndpoint.js.https://nvd.nist.gov/vuln/detail/CVE-2023-50477
CVE-2023-50475An issue was discovered in bcoin-org bcoin version 2.2.0, allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \\vendor\\faye-websocket.js.https://nvd.nist.gov/vuln/detail/CVE-2023-50475
CVE-2023-50473Cross-Site Scripting (XSS) vulnerability in bill-ahmed qbit-matUI version 1.16.4, allows remote attackers to obtain sensitive information via fixed session identifiers (SID) in index.js file.https://nvd.nist.gov/vuln/detail/CVE-2023-50473
CVE-2023-50783Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable.
This flaw compromises the integrity of variable management, potentially leading to unauthorized data modification.
Users are recommended to upgrade to 2.8.0, which fixes this issue
https://nvd.nist.gov/vuln/detail/CVE-2023-50783
CVE-2023-49920Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible for a malicious website opened in the same browser - by the user who also had Airflow UI opened - to trigger the execution of DAGs without the user's consent.
Users are advised to upgrade to version 2.8.0 or later which is not affected
https://nvd.nist.gov/vuln/detail/CVE-2023-49920
CVE-2023-48291Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't.

This is a missing fix for CVE-2023-42792 in Apache Airflow 2.7.2 

Users of Apache Airflow are strongly advised to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability.
https://nvd.nist.gov/vuln/detail/CVE-2023-48291
CVE-2023-47265Apache Airflow, versions 2.6.0 through 2.7.3 has a stored XSS vulnerability that allows a DAG author to add an unbounded and not-sanitized javascript in the parameter description field of the DAG. This Javascript can be executed on the client side of any of the user who looks at the tasks in the browser sandbox. While this issue does not allow to exit the browser sandbox or manipulation of the server-side data - more than the DAG author already has, it allows to modify what the user looking at the DAG details sees in the browser - which opens up all kinds of possibilities of misleading other users.

Users of Apache Airflow are recommended to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2023-47265
CVE-2023-29487An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module.https://nvd.nist.gov/vuln/detail/CVE-2023-29487
CVE-2023-29486An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component.https://nvd.nist.gov/vuln/detail/CVE-2023-29486
CVE-2023-29485An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module.https://nvd.nist.gov/vuln/detail/CVE-2023-29485
CVE-2023-49032An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary phone.https://nvd.nist.gov/vuln/detail/CVE-2023-49032
CVE-2023-47093An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine.https://nvd.nist.gov/vuln/detail/CVE-2023-47093
CVE-2023-41166An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access commands.https://nvd.nist.gov/vuln/detail/CVE-2023-41166
CVE-2023-50993Ruijie WS6008 v1.x v2.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 and WS6108 v1.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 was discovered to contain a command injection vulnerability via the function downFiles.https://nvd.nist.gov/vuln/detail/CVE-2023-50993
CVE-2023-47990SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter.https://nvd.nist.gov/vuln/detail/CVE-2023-47990
CVE-2023-7018Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.https://nvd.nist.gov/vuln/detail/CVE-2023-7018
CVE-2023-3742Insufficient policy enforcement in ADB in Google Chrome on ChromeOS prior to 114.0.5735.90 allowed a local attacker to bypass device policy restrictions via physical access to the device. (Chromium security severity: High)https://nvd.nist.gov/vuln/detail/CVE-2023-3742
CVE-2023-50628Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive information via parser.c component.https://nvd.nist.gov/vuln/detail/CVE-2023-50628
CVE-2023-50044Buffer Overflow vulnerability in Cesanta MJS version 2.22.0, allows attackers to execute arbitrary code, cause a denial of service (Dos), and obtain sensitive information via segmentation fault can occur in getprop_builtin_foreign when input string includes a name of Built-in APIs.https://nvd.nist.gov/vuln/detail/CVE-2023-50044
CVE-2023-6977This vulnerability enables malicious users to read sensitive files on the server.https://nvd.nist.gov/vuln/detail/CVE-2023-6977
CVE-2023-6976This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process.https://nvd.nist.gov/vuln/detail/CVE-2023-6976
CVE-2023-6975A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.https://nvd.nist.gov/vuln/detail/CVE-2023-6975
CVE-2023-6974A malicious user could use this issue to access internal HTTP(s) servers and in the worst case (ie: aws instance) it could be abuse to get a remote code execution on the victim machine.https://nvd.nist.gov/vuln/detail/CVE-2023-6974
CVE-2023-27172Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack.https://nvd.nist.gov/vuln/detail/CVE-2023-27172
CVE-2023-45887DS Wireless Communication (DWC) with DWC_VERSION_3 and DWC_VERSION_11 allows remote attackers to execute arbitrary code on a game-playing client's machine via a modified GPCM message.https://nvd.nist.gov/vuln/detail/CVE-2023-45887