Dernières vulnérabilités du 25-06-2023

Dernières vulnérabilités du 25-06-2023
{{titre}}

Dernière mise à jour efféctuée le 25/06/2023 à 10:00:04

Vulnérabilité(s) CRITICAL [9.0, 10.0]

Vulnérabilité ID : CVE-2023-1721

Première publication le : 2023-06-24T00:15:09.140

Dernière modification le : 2023-06-24T12:41:30.800

Description :
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators.

CVE ID : CVE-2023-1721

Source : help@fluidattacks.com

Score CVSS : 9.1

Références :
https://fluidattacks.com/advisories/blessd/ | source : help@fluidattacks.com
https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html | source : help@fluidattacks.com


Vulnérabilité ID : CVE-2023-1722

Première publication le : 2023-06-24T02:15:08.233

Dernière modification le : 2023-06-24T12:41:30.800

Description :
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators.

CVE ID : CVE-2023-1722

Source : help@fluidattacks.com

Score CVSS : 9.1

Références :
https://fluidattacks.com/advisories/wyckoff/ | source : help@fluidattacks.com
https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html | source : help@fluidattacks.com


Vulnérabilité ID : CVE-2023-3197

Première publication le : 2023-06-24T03:15:09.080

Dernière modification le : 2023-06-24T12:41:30.800

Description :
The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE ID : CVE-2023-3197

Source : security@wordfence.com

Score CVSS : 9.8

Références :
https://plugins.trac.wordpress.org/changeset/2929891/mstore-api/trunk/controllers/helpers/vendor-wcfm.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/30aab1af-a78f-4bac-b3c5-30ea854ccef7?source=cve | source : security@wordfence.com


Vulnérabilité(s) HIGH [7.0, 8.9]

Vulnérabilité ID : CVE-2023-1724

Première publication le : 2023-06-24T01:15:08.543

Dernière modification le : 2023-06-24T12:41:30.800

Description :
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.

CVE ID : CVE-2023-1724

Source : help@fluidattacks.com

Score CVSS : 7.3

Références :
https://fluidattacks.com/advisories/towers/ | source : help@fluidattacks.com
https://github.com/ladybirdweb/faveo-helpdesk/ | source : help@fluidattacks.com


Vulnérabilité ID : CVE-2023-3388

Première publication le : 2023-06-24T03:15:09.230

Dernière modification le : 2023-06-24T12:41:30.800

Description :
The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nsc_bar_content_href' parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. A partial patch was made available in 2.10.1 and the issue was fully patched in 2.10.2.

CVE ID : CVE-2023-3388

Source : security@wordfence.com

Score CVSS : 7.2

Références :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2857982%40beautiful-and-responsive-cookie-consent&new=2857982%40beautiful-and-responsive-cookie-consent&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/blog/2023/05/wordfence-firewall-blocks-bizarre-large-scale-xss-campaign/ | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/542a4079-b1a2-49bc-9ddd-ba7978c9992e?source=cve | source : security@wordfence.com


Vulnérabilité(s) MEDIUM [4.0, 6.9]

Vulnérabilité ID : CVE-2023-3387

Première publication le : 2023-06-24T03:15:09.157

Dernière modification le : 2023-06-24T12:41:30.800

Description :
The Lana Text to Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'lana_text_to_image' and 'lana_text_to_img' shortcode in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-3387

Source : security@wordfence.com

Score CVSS : 6.4

Références :
https://plugins.trac.wordpress.org/browser/lana-text-to-image/tags/1.0.0/lana-text-to-image.php#L97 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2929913/lana-text-to-image | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/8acb7893-85b2-404a-b3fe-b4c1a835b3eb?source=cve | source : security@wordfence.com


Vulnérabilité(s) LOW [0.1, 3.9]

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.