Dernières vulnérabilités du Lundi 10 Juillet 2023 + weekend

Dernières vulnérabilités du Lundi 10 Juillet 2023 + weekend
{{titre}}

Dernière mise à jour efféctuée le 10/07/2023 à 21:52:49

(18) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : puiterwijk.org

Vulnérabilité ID : CVE-2021-33796

Première publication le : 07-07-2023 18:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

CVE ID : CVE-2021-33796
Source : patrick@puiterwijk.org
Score CVSS : 10.0

Références :
https://github.com/ccxvii/mujs/commit/7ef066a3bb95bf83e7c5be50d859e62e58fe8515 | source : patrick@puiterwijk.org

Vulnérabilité : CWE-416


Vulnérabilité ID : CVE-2021-32494

Première publication le : 07-07-2023 19:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.

CVE ID : CVE-2021-32494
Source : patrick@puiterwijk.org
Score CVSS : 10.0

Références :
https://github.com/radareorg/radare2/commit/a07dedb804a82bc01c07072861942dd80c6b6d62 | source : patrick@puiterwijk.org
https://github.com/radareorg/radare2/issues/18667 | source : patrick@puiterwijk.org

Vulnérabilité : CWE-369


Vulnérabilité ID : CVE-2021-32495

Première publication le : 07-07-2023 19:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.

CVE ID : CVE-2021-32495
Source : patrick@puiterwijk.org
Score CVSS : 10.0

Références :
https://github.com/radareorg/radare2/commit/5e16e2d1c9fe245e4c17005d779fde91ec0b9c05 | source : patrick@puiterwijk.org
https://github.com/radareorg/radare2/issues/18666 | source : patrick@puiterwijk.org

Vulnérabilité : CWE-416


Source : redhat.com

Vulnérabilité ID : CVE-2022-4361

Première publication le : 07-07-2023 20:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri.

CVE ID : CVE-2022-4361
Source : secalert@redhat.com
Score CVSS : 10.0

Références :
https://bugzilla.redhat.com/show_bug.cgi?id=2151618 | source : secalert@redhat.com
https://github.com/keycloak/keycloak/commit/a1cfe6e24e5b34792699a00b8b4a8016a5929e3a | source : secalert@redhat.com

Vulnérabilité : CWE-81


Vulnérabilité ID : CVE-2023-32254

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

CVE ID : CVE-2023-32254
Source : secalert@redhat.com
Score CVSS : 9.8

Références :
https://access.redhat.com/security/cve/CVE-2023-32254 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2191658 | source : secalert@redhat.com
https://www.zerodayinitiative.com/advisories/ZDI-23-702/ | source : secalert@redhat.com


Vulnérabilité ID : CVE-2023-32250

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel.

CVE ID : CVE-2023-32250
Source : secalert@redhat.com
Score CVSS : 9.0

Références :
https://access.redhat.com/security/cve/CVE-2023-32250 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2208849 | source : secalert@redhat.com
https://www.zerodayinitiative.com/advisories/ZDI-23-698/ | source : secalert@redhat.com


Source : cert.org.tw

Vulnérabilité ID : CVE-2023-37286

Première publication le : 10-07-2023 02:15:45
Dernière modification le : 10-07-2023 16:27:17

Description :
SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code and disrupt service.

CVE ID : CVE-2023-37286
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7221-438c6-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-798


Vulnérabilité ID : CVE-2023-37287

Première publication le : 10-07-2023 02:15:45
Dernière modification le : 10-07-2023 16:27:17

Description :
SmartBPM.NET has a vulnerability of using hard-coded authentication key. An unauthenticated remote attacker can exploit this vulnerability to access system with regular user privilege to read application data, and execute submission and approval processes.

CVE ID : CVE-2023-37287
Source : twcert@cert.org.tw
Score CVSS : 9.1

Références :
https://www.twcert.org.tw/tw/cp-132-7222-cdfd0-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-798


Source : usom.gov.tr

Vulnérabilité ID : CVE-2023-2046

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yontem Informatics Vehicle Tracking System allows SQL Injection.This issue affects Vehicle Tracking System: before 8.

CVE ID : CVE-2023-2046
Source : cve@usom.gov.tr
Score CVSS : 9.8

Références :
https://www.usom.gov.tr/bildirim/tr-23-0389 | source : cve@usom.gov.tr

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-2852

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Softmed SelfPatron allows SQL Injection.This issue affects SelfPatron : before 2.0.

CVE ID : CVE-2023-2852
Source : cve@usom.gov.tr
Score CVSS : 9.8

Références :
https://www.usom.gov.tr/bildirim/tr-23-0388 | source : cve@usom.gov.tr

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3045

Première publication le : 10-07-2023 16:15:54
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tise Technology Parking Web Report allows SQL Injection.This issue affects Parking Web Report: before 2.1.

CVE ID : CVE-2023-3045
Source : cve@usom.gov.tr
Score CVSS : 9.8

Références :
https://www.usom.gov.tr/bildirim/tr-23-0387 | source : cve@usom.gov.tr

Vulnérabilité : CWE-89


Source : hq.dhs.gov

Vulnérabilité ID : CVE-2023-34347

Première publication le : 10-07-2023 19:15:09
Dernière modification le : 10-07-2023 19:15:09

Description :
?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that cannot be deserialized, which could allow an attack to remotely execute arbitrary code.

CVE ID : CVE-2023-34347
Source : ics-cert@hq.dhs.gov
Score CVSS : 9.8

Références :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01 | source : ics-cert@hq.dhs.gov

Vulnérabilité : CWE-502


Source : github.com

Vulnérabilité ID : CVE-2023-37261

Première publication le : 07-07-2023 21:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. This issue affects every version of OpenComputers with the Internet Card feature enabled; that is, OpenComputers 1.2.0 until 1.8.3 in their most common, default configurations. If the OpenComputers mod is installed as part of a Minecraft server hosted on a popular cloud hosting provider, such as AWS, GCP and Azure, those metadata services' API endpoints are not forbidden (aka "blacklisted") by default. As such, any player can gain access to sensitive information exposed via those metadata servers, potentially allowing them to pivot or privilege escalate into the hosting provider. In addition, IPv6 addresses are not correctly filtered at all, allowing broader access into the local IPv6 network. This can allow a player on a server using an OpenComputers computer to access parts of the private IPv4 address space, as well as the whole IPv6 address space, in order to retrieve sensitive information. OpenComputers v1.8.3 for Minecraft 1.7.10 and 1.12.2 contains a patch for this issue. Some workarounds are also available. One may disable the Internet Card feature completely. If using OpenComputers 1.3.0 or above, using the allow list (`opencomputers.internet.whitelist` option) will prohibit connections to any IP addresses and/or domains not listed; or one may add entries to the block list (`opencomputers.internet.blacklist` option). More information about mitigations is available in the GitHub Security Advisory.

CVE ID : CVE-2023-37261
Source : security-advisories@github.com
Score CVSS : 9.6

Références :
https://github.com/MightyPirates/OpenComputers/blob/5b2ba76a4c242b369b9b6ac6196fd04d96580ad0/src/main/resources/application.conf#L966-L986 | source : security-advisories@github.com
https://github.com/MightyPirates/OpenComputers/blob/5b2ba76a4c242b369b9b6ac6196fd04d96580ad0/src/main/scala/li/cil/oc/Settings.scala#L614-L637 | source : security-advisories@github.com
https://github.com/MightyPirates/OpenComputers/commit/d13c015357fd6c42e0a1bdd6e1ef9462f0450a15 | source : security-advisories@github.com
https://github.com/MightyPirates/OpenComputers/issues/2365 | source : security-advisories@github.com
https://github.com/MightyPirates/OpenComputers/releases/tag/1.12.2-forge%2F1.8.3 | source : security-advisories@github.com
https://github.com/MightyPirates/OpenComputers/security/advisories/GHSA-vvfj-xh7c-j2cm | source : security-advisories@github.com
https://github.com/cc-tweaked/CC-Tweaked/security/advisories/GHSA-7p4w-mv69-2wm2 | source : security-advisories@github.com

Vulnérabilité : CWE-918


Vulnérabilité ID : CVE-2023-37262

Première publication le : 07-07-2023 21:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
CC: Tweaked is a mod for Minecraft which adds programmable computers, turtles, and more to the game. Prior to versions 1.20.1-1.106.0, 1.19.4-1.106.0, 1.19.2-1.101.3, 1.18.2-1.101.3, and 1.16.5-1.101.3, if the cc-tweaked plugin is running on a Minecraft server hosted on a popular cloud hosting providers, like AWS, GCP, and Azure, those metadata services API endpoints are not forbidden (aka "blacklisted") by default. As such, any player can gain access to sensitive information exposed via those metadata servers, potentially allowing them to pivot or privilege escalate into the hosting provider. Versions 1.20.1-1.106.0, 1.19.4-1.106.0, 1.19.2-1.101.3, 1.18.2-1.101.3, and 1.16.5-1.101.3 contain a fix for this issue.

CVE ID : CVE-2023-37262
Source : security-advisories@github.com
Score CVSS : 9.6

Références :
https://github.com/MightyPirates/OpenComputers/security/advisories/GHSA-vvfj-xh7c-j2cm | source : security-advisories@github.com
https://github.com/cc-tweaked/CC-Tweaked/blob/96847bb8c28df51e5e49f2dd2978ff6cc4e2821b/projects/core/src/main/java/dan200/computercraft/core/apis/http/options/AddressPredicate.java#L116-L126 | source : security-advisories@github.com
https://github.com/cc-tweaked/CC-Tweaked/commit/4bbde8c50c00bc572578ab2cff609b3443d10ddf | source : security-advisories@github.com
https://github.com/cc-tweaked/CC-Tweaked/security/advisories/GHSA-7p4w-mv69-2wm2 | source : security-advisories@github.com
https://github.com/dan200/ComputerCraft/issues/170 | source : security-advisories@github.com

Vulnérabilité : CWE-918


Vulnérabilité ID : CVE-2023-37277

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The REST API allows executing all actions via POST requests and accepts `text/plain`, `multipart/form-data` or `application/www-form-urlencoded` as content types which can be sent via regular HTML forms, thus allowing cross-site request forgery. With the interaction of a user with programming rights, this allows remote code execution through script macros and thus impacts the integrity, availability and confidentiality of the whole XWiki installation. For regular cookie-based authentication, the vulnerability is mitigated by SameSite cookie restrictions but as of March 2023, these are not enabled by default in Firefox and Safari. The vulnerability has been patched in XWiki 14.10.8 and 15.2 by requiring a CSRF token header for certain request types that are susceptible to CSRF attacks.

CVE ID : CVE-2023-37277
Source : security-advisories@github.com
Score CVSS : 9.6

Références :
https://github.com/xwiki/xwiki-platform/commit/4c175405faa0e62437df397811c7526dfc0fbae7 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-6xxr-648m-gch6 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20135 | source : security-advisories@github.com

Vulnérabilité : CWE-352


Source : huntr.dev

Vulnérabilité ID : CVE-2023-3551

Première publication le : 08-07-2023 09:15:42
Dernière modification le : 08-07-2023 10:25:54

Description :
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

CVE ID : CVE-2023-3551
Source : security@huntr.dev
Score CVSS : 9.1

Références :
https://github.com/nilsteampassnet/teampass/commit/cc6abc76aa46ed4a27736c1d2f21e432a5d54e6f | source : security@huntr.dev
https://huntr.dev/bounties/cf8878ff-6cd9-49be-b313-7ac2a94fc7f7 | source : security@huntr.dev

Vulnérabilité : CWE-94


Source : divd.nl

Vulnérabilité ID : CVE-2021-42081

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API.

CVE ID : CVE-2021-42081
Source : csirt@divd.nl
Score CVSS : 9.1

Références :
https://csirt.divd.nl/CVE-2021-42081 | source : csirt@divd.nl
https://www.divd.nl/DIVD-2021-00020 | source : csirt@divd.nl
https://www.osnexus.com/products/software-defined-storage | source : csirt@divd.nl
https://www.wbsec.nl/osnexus | source : csirt@divd.nl

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2021-4406

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
An administrator is able to execute commands as root via the alerts management dialog

CVE ID : CVE-2021-4406
Source : csirt@divd.nl
Score CVSS : 9.1

Références :
https://csirt.divd.nl/CVE-2021-4406 | source : csirt@divd.nl
https://www.divd.nl/DIVD-2021-00020 | source : csirt@divd.nl
https://www.osnexus.com/products/software-defined-storage | source : csirt@divd.nl

Vulnérabilité : CWE-77


(22) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : hq.dhs.gov

Vulnérabilité ID : CVE-2023-35120

Première publication le : 07-07-2023 00:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
PiiGAB M-Bus is vulnerable to cross-site request forgery. An attacker who wants to execute a certain command could send a phishing mail to the owner of the device and hope that the owner clicks on the link. If the owner of the device has a cookie stored that allows the owner to be logged in, then the device could execute the GET or POST link request.

CVE ID : CVE-2023-35120
Source : ics-cert@hq.dhs.gov
Score CVSS : 8.8

Références :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01 | source : ics-cert@hq.dhs.gov

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-32652

Première publication le : 07-07-2023 00:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
PiiGAB M-Bus does not validate identification strings before processing, which could make it vulnerable to cross-site scripting attacks.

CVE ID : CVE-2023-32652
Source : ics-cert@hq.dhs.gov
Score CVSS : 8.0

Références :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01 | source : ics-cert@hq.dhs.gov

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-34433

Première publication le : 07-07-2023 00:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
PiiGAB M-Bus stores passwords using a weak hash algorithm.

CVE ID : CVE-2023-34433
Source : ics-cert@hq.dhs.gov
Score CVSS : 7.5

Références :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01 | source : ics-cert@hq.dhs.gov

Vulnérabilité : CWE-916


Vulnérabilité ID : CVE-2023-34995

Première publication le : 07-07-2023 00:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline with recommended password guidelines.

CVE ID : CVE-2023-34995
Source : ics-cert@hq.dhs.gov
Score CVSS : 7.5

Références :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01 | source : ics-cert@hq.dhs.gov

Vulnérabilité : CWE-521


Source : divd.nl

Vulnérabilité ID : CVE-2021-42083

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
An authenticated attacker is able to create alerts that trigger a stored XSS attack.

CVE ID : CVE-2021-42083
Source : csirt@divd.nl
Score CVSS : 8.7

Références :
https://csirt.divd.nl/CVE-2021-42083 | source : csirt@divd.nl
https://www.divd.nl/DIVD-2021-00020 | source : csirt@divd.nl
https://www.osnexus.com/products/software-defined-storage | source : csirt@divd.nl
https://www.wbsec.nl/osnexus | source : csirt@divd.nl

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2021-42082

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
Local users are able to execute scripts under root privileges.

CVE ID : CVE-2021-42082
Source : csirt@divd.nl
Score CVSS : 7.1

Références :
https://csirt.divd.nl/CVE-2021-42082 | source : csirt@divd.nl
https://www.divd.nl/DIVD-2021-00020 | source : csirt@divd.nl
https://www.osnexus.com/products/software-defined-storage | source : csirt@divd.nl
https://www.wbsec.nl/osnexus | source : csirt@divd.nl

Vulnérabilité : CWE-269


Source : sick.de

Vulnérabilité ID : CVE-2023-3270

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system.

CVE ID : CVE-2023-3270
Source : psirt@sick.de
Score CVSS : 8.6

Références :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de


Vulnérabilité ID : CVE-2023-3271

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.

CVE ID : CVE-2023-3271
Source : psirt@sick.de
Score CVSS : 8.2

Références :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-35696

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.

CVE ID : CVE-2023-35696
Source : psirt@sick.de
Score CVSS : 7.5

Références :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de

Vulnérabilité : CWE-668


Vulnérabilité ID : CVE-2023-3272

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.

CVE ID : CVE-2023-3272
Source : psirt@sick.de
Score CVSS : 7.5

Références :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de

Vulnérabilité : CWE-319


Vulnérabilité ID : CVE-2023-3273

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.

CVE ID : CVE-2023-3273
Source : psirt@sick.de
Score CVSS : 7.5

Références :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de

Vulnérabilité : CWE-284


Source : huntr.dev

Vulnérabilité ID : CVE-2023-3532

Première publication le : 07-07-2023 03:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository outline/outline prior to 0.70.1.

CVE ID : CVE-2023-3532
Source : security@huntr.dev
Score CVSS : 8.5

Références :
https://github.com/outline/outline/commit/9431df45c210e85b77cd27f2ffaf0358b837afa3 | source : security@huntr.dev
https://huntr.dev/bounties/ebd2428a-e2cb-480e-ba37-dd89ad62cf1b | source : security@huntr.dev

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3552

Première publication le : 08-07-2023 09:15:43
Dernière modification le : 08-07-2023 10:25:54

Description :
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

CVE ID : CVE-2023-3552
Source : security@huntr.dev
Score CVSS : 7.6

Références :
https://github.com/nilsteampassnet/teampass/commit/8acb4dacc2d008a4186a4e13cc143e978f113955 | source : security@huntr.dev
https://huntr.dev/bounties/aeb2f43f-0602-4ac6-9685-273e87ff4ded | source : security@huntr.dev

Vulnérabilité : CWE-116


Source : us.ibm.com

Vulnérabilité ID : CVE-2023-27558

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 on Windows 10.5, 11.1, and 11.5 may be vulnerable to a privilege escalation caused by at least one installed service using an unquoted service path. A local attacker could exploit this vulnerability to gain elevated privileges by inserting an executable file in the path of the affected service. IBM X-Force ID: 249194.

CVE ID : CVE-2023-27558
Source : psirt@us.ibm.com
Score CVSS : 8.4

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/249194 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010571 | source : psirt@us.ibm.com


Vulnérabilité ID : CVE-2023-30431

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the buffer and execute arbitrary code. IBM X-Force ID: 252184.

CVE ID : CVE-2023-30431
Source : psirt@us.ibm.com
Score CVSS : 8.4

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/252184 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010565 | source : psirt@us.ibm.com

Vulnérabilité : CWE-119


Vulnérabilité ID : CVE-2023-30445

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253357.

CVE ID : CVE-2023-30445
Source : psirt@us.ibm.com
Score CVSS : 7.5

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/253357 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010557 | source : psirt@us.ibm.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-30449

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 253439.

CVE ID : CVE-2023-30449
Source : psirt@us.ibm.com
Score CVSS : 7.5

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/253439 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010557 | source : psirt@us.ibm.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-28958

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 251782.

CVE ID : CVE-2023-28958
Source : psirt@us.ibm.com
Score CVSS : 7.0

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/251782 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7009747 | source : psirt@us.ibm.com

Vulnérabilité : CWE-1236


Source : suse.de

Vulnérabilité ID : CVE-2023-32183

Première publication le : 07-07-2023 09:15:10
Dernière modification le : 07-07-2023 12:50:22

Description :
Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed hawk2 package allows users with access to the hacluster to escalate to root This issue affects openSUSE Tumbleweed.

CVE ID : CVE-2023-32183
Source : meissner@suse.de
Score CVSS : 7.8

Références :
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32183 | source : meissner@suse.de

Vulnérabilité : CWE-276


Source : redhat.com

Vulnérabilité ID : CVE-2023-34318

Première publication le : 10-07-2023 18:15:10
Dernière modification le : 10-07-2023 18:15:29

Description :
A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

CVE ID : CVE-2023-34318
Source : secalert@redhat.com
Score CVSS : 7.8

Références :
https://access.redhat.com/security/cve/CVE-2023-34318 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2212283 | source : secalert@redhat.com


Source : github.com

Vulnérabilité ID : CVE-2023-37270

Première publication le : 07-07-2023 22:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
Piwigo is open source photo gallery software. Prior to version 13.8.0, there is a SQL Injection vulnerability in the login of the administrator screen. The SQL statement that acquires the HTTP Header `User-Agent` is vulnerable at the endpoint that records user information when logging in to the administrator screen. It is possible to execute arbitrary SQL statements. Someone who wants to exploit the vulnerability must be log in to the administrator screen, even with low privileges. Any SQL statement can be executed. Doing so may leak information from the database. Version 13.8.0 contains a fix for this issue. As another mitigation, those who want to execute a SQL statement verbatim with user-enterable parameters should be sure to escape the parameter contents appropriately.

CVE ID : CVE-2023-37270
Source : security-advisories@github.com
Score CVSS : 7.6

Références :
https://github.com/Piwigo/Piwigo/blob/c01ec38bc43f09424a8d404719c35f963d63cf00/include/dblayer/functions_mysqli.inc.php#L491 | source : security-advisories@github.com
https://github.com/Piwigo/Piwigo/blob/c01ec38bc43f09424a8d404719c35f963d63cf00/include/functions.inc.php#L621 | source : security-advisories@github.com
https://github.com/Piwigo/Piwigo/commit/978425527d6c113887f845d75cf982bbb62d761a | source : security-advisories@github.com
https://github.com/Piwigo/Piwigo/security/advisories/GHSA-934w-qj9p-3qcx | source : security-advisories@github.com
https://piwigo.org/release-13.8.0 | source : security-advisories@github.com

Vulnérabilité : CWE-89


Source : patchstack.com

Vulnérabilité ID : CVE-2023-29095

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSVPMaker plugin < 10.5.5 versions.

CVE ID : CVE-2023-29095
Source : audit@patchstack.com
Score CVSS : 7.6

Références :
https://patchstack.com/database/vulnerability/rsvpmaker/wordpress-rsvpmaker-plugin-10-5-3-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-89


(61) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : zephyrproject.org

Vulnérabilité ID : CVE-2023-2234

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
Union variant confusion allows any malicious BT controller to execute arbitrary code on the Zephyr host.

CVE ID : CVE-2023-2234
Source : vulnerabilities@zephyrproject.org
Score CVSS : 6.8

Références :
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx9g-8fr2-q899 | source : vulnerabilities@zephyrproject.org

Vulnérabilité : CWE-843


Vulnérabilité ID : CVE-2023-0359

Première publication le : 10-07-2023 16:15:48
Dernière modification le : 10-07-2023 16:27:17

Description :
A missing nullptr-check in handle_ra_input can cause a nullptr-deref.

CVE ID : CVE-2023-0359
Source : vulnerabilities@zephyrproject.org
Score CVSS : 5.9

Références :
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c7fq-vqm6-v5pf | source : vulnerabilities@zephyrproject.org

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-1901

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
The bluetooth HCI host layer logic not clearing a global reference to a semaphore after synchronously sending HCI commands may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer.

CVE ID : CVE-2023-1901
Source : vulnerabilities@zephyrproject.org
Score CVSS : 5.9

Références :
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xvvm-8mcm-9cq3 | source : vulnerabilities@zephyrproject.org


Vulnérabilité ID : CVE-2023-1902

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer.

CVE ID : CVE-2023-1902
Source : vulnerabilities@zephyrproject.org
Score CVSS : 5.9

Références :
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx9g-8fr2-q899 | source : vulnerabilities@zephyrproject.org


Source : hq.dhs.gov

Vulnérabilité ID : CVE-2023-35765

Première publication le : 07-07-2023 00:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
PiiGAB M-Bus stores credentials in a plaintext file, which could allow a low-level user to gain admin credentials.

CVE ID : CVE-2023-35765
Source : ics-cert@hq.dhs.gov
Score CVSS : 6.5

Références :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01 | source : ics-cert@hq.dhs.gov

Vulnérabilité : CWE-256


Source : cert.org.tw

Vulnérabilité ID : CVE-2023-37288

Première publication le : 10-07-2023 02:15:45
Dernière modification le : 10-07-2023 16:27:17

Description :
SmartBPM.NET component has a vulnerability of path traversal within its file download function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files.

CVE ID : CVE-2023-37288
Source : twcert@cert.org.tw
Score CVSS : 6.5

Références :
https://www.twcert.org.tw/tw/cp-132-7223-af8f8-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-23


Source : divd.nl

Vulnérabilité ID : CVE-2021-42080

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
An attacker is able to launch a Reflected XSS attack using a crafted URL.

CVE ID : CVE-2021-42080
Source : csirt@divd.nl
Score CVSS : 6.5

Références :
https://csirt.divd.nl/CVE-2021-42080 | source : csirt@divd.nl
https://www.divd.nl/DIVD-2021-00020 | source : csirt@divd.nl
https://www.osnexus.com/products/software-defined-storage | source : csirt@divd.nl
https://www.wbsec.nl/osnexus | source : csirt@divd.nl

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2021-42079

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. This is exclusively with POST requests.

CVE ID : CVE-2021-42079
Source : csirt@divd.nl
Score CVSS : 6.2

Références :
https://csirt.divd.nl/CVE-2021-42079 | source : csirt@divd.nl
https://www.divd.nl/DIVD-2021-00020 | source : csirt@divd.nl
https://www.osnexus.com/products/software-defined-storage | source : csirt@divd.nl
https://www.wbsec.nl/osnexus | source : csirt@divd.nl

Vulnérabilité : CWE-918


Source : us.ibm.com

Vulnérabilité ID : CVE-2023-28955

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could allow an authenticated user send a specially crafted request that could cause a denial of service. IBM X-Force ID: 251704.

CVE ID : CVE-2023-28955
Source : psirt@us.ibm.com
Score CVSS : 6.5

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/251704 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7009747 | source : psirt@us.ibm.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2021-39014

Première publication le : 07-07-2023 19:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
IBM Cloud Object System 3.15.8.97 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213650.

CVE ID : CVE-2021-39014
Source : psirt@us.ibm.com
Score CVSS : 6.4

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/213650 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/6517124 | source : psirt@us.ibm.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-27867

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted request using the property clientRerouteServerListJNDIName, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249514.

CVE ID : CVE-2023-27867
Source : psirt@us.ibm.com
Score CVSS : 6.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/249514 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010029 | source : psirt@us.ibm.com

Vulnérabilité : CWE-94


Vulnérabilité ID : CVE-2023-27868

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. By sending a specially crafted request using the named pluginClassName class, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249516.

CVE ID : CVE-2023-27868
Source : psirt@us.ibm.com
Score CVSS : 6.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/249516 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010029 | source : psirt@us.ibm.com

Vulnérabilité : CWE-94


Vulnérabilité ID : CVE-2023-27869

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile property, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249517.

CVE ID : CVE-2023-27869
Source : psirt@us.ibm.com
Score CVSS : 6.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/249517 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010029 | source : psirt@us.ibm.com

Vulnérabilité : CWE-94


Vulnérabilité ID : CVE-2023-27540

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. IBM X-Force ID: 248924.

CVE ID : CVE-2023-27540
Source : psirt@us.ibm.com
Score CVSS : 5.9

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/248924 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7009883 | source : psirt@us.ibm.com

Vulnérabilité : CWE-770


Vulnérabilité ID : CVE-2023-30442

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options. IBM X-Force ID: 253202.

CVE ID : CVE-2023-30442
Source : psirt@us.ibm.com
Score CVSS : 5.9

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/253202 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010561 | source : psirt@us.ibm.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-30446

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253361 .

CVE ID : CVE-2023-30446
Source : psirt@us.ibm.com
Score CVSS : 5.9

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/253361 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010557 | source : psirt@us.ibm.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-30447

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253436.

CVE ID : CVE-2023-30447
Source : psirt@us.ibm.com
Score CVSS : 5.9

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/253436 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010557 | source : psirt@us.ibm.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-30448

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437.

CVE ID : CVE-2023-30448
Source : psirt@us.ibm.com
Score CVSS : 5.9

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/253437 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010557 | source : psirt@us.ibm.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-29256

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features are used. IBM X-Force ID: 252046.

CVE ID : CVE-2023-29256
Source : psirt@us.ibm.com
Score CVSS : 5.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/252046 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010573 | source : psirt@us.ibm.com


Vulnérabilité ID : CVE-2023-35890

Première publication le : 07-07-2023 03:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused by the improper encoding in a local configuration file. IBM X-Force ID: 258637.

CVE ID : CVE-2023-35890
Source : psirt@us.ibm.com
Score CVSS : 5.1

Références :
https://https://www.ibm.com/support/pages/node/7007857 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7007857 | source : psirt@us.ibm.com

Vulnérabilité : CWE-327


Vulnérabilité ID : CVE-2023-23487

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to insufficient audit logging. IBM X-Force ID: 245918.

CVE ID : CVE-2023-23487
Source : psirt@us.ibm.com
Score CVSS : 4.3

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/245918 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7010567 | source : psirt@us.ibm.com


Source : vuldb.com

Vulnérabilité ID : CVE-2023-3534

Première publication le : 07-07-2023 12:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
A vulnerability was found in SourceCodester Shopping Website 1.0. It has been classified as critical. Affected is an unknown function of the file check_availability.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-233286 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3534
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/DUA0G/cve/blob/main/1.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.233286 | source : cna@vuldb.com
https://vuldb.com/?id.233286 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3599

Première publication le : 10-07-2023 18:15:11
Dernière modification le : 10-07-2023 18:15:29

Description :
A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function save_user of the file admin_class.php of the component Add User Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-233450 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3599
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/movonow/demo/blob/main/click_fees.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.233450 | source : cna@vuldb.com
https://vuldb.com/?id.233450 | source : cna@vuldb.com

Vulnérabilité : CWE-264


Vulnérabilité ID : CVE-2023-3578

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability classified as critical was found in DedeCMS 5.7.109. Affected by this vulnerability is an unknown functionality of the file co_do.php. The manipulation of the argument rssurl leads to server-side request forgery. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-233371.

CVE ID : CVE-2023-3578
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/nightcloudos/cve/blob/main/SSRF.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.233371 | source : cna@vuldb.com
https://vuldb.com/?id.233371 | source : cna@vuldb.com

Vulnérabilité : CWE-918


Vulnérabilité ID : CVE-2016-15034

Première publication le : 10-07-2023 18:15:10
Dernière modification le : 10-07-2023 18:15:29

Description :
A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrss_search of the file freedomrss_search.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as 750a9b35af182950c952faf6ddfdcc50a2b25f8b. It is recommended to upgrade the affected component. VDB-233366 is the identifier assigned to this vulnerability.

CVE ID : CVE-2016-15034
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/dynacase-labs/dynacase-webdesk/commit/750a9b35af182950c952faf6ddfdcc50a2b25f8b | source : cna@vuldb.com
https://github.com/dynacase-labs/dynacase-webdesk/releases/tag/3.2-20180305 | source : cna@vuldb.com
https://vuldb.com/?ctiid.233366 | source : cna@vuldb.com
https://vuldb.com/?id.233366 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3579

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Affected by this issue is some unknown functionality of the component User Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-233372.

CVE ID : CVE-2023-3579
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
https://github.com/nightcloudos/cve/blob/main/CSRF.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.233372 | source : cna@vuldb.com
https://vuldb.com/?id.233372 | source : cna@vuldb.com

Vulnérabilité : CWE-352


Source : huntr.dev

Vulnérabilité ID : CVE-2023-3574

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1.

CVE ID : CVE-2023-3574
Source : security@huntr.dev
Score CVSS : 6.3

Références :
https://github.com/pimcore/customer-data-framework/commit/f15668c86db254e86ba7ac895bc3cdd1a2a3cc45 | source : security@huntr.dev
https://huntr.dev/bounties/1dcb4f01-e668-4aa3-a6a3-838532e500c6 | source : security@huntr.dev

Vulnérabilité : CWE-285


Vulnérabilité ID : CVE-2023-3580

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Handling of Additional Special Element in GitHub repository squidex/squidex prior to 7.4.0.

CVE ID : CVE-2023-3580
Source : security@huntr.dev
Score CVSS : 5.4

Références :
https://github.com/squidex/squidex/commit/2aca7621845ce18ed4065cba8e3d0fa68aaf02bf | source : security@huntr.dev
https://huntr.dev/bounties/4eed53ca-06c2-43aa-aea8-c03ea5f13ce4 | source : security@huntr.dev

Vulnérabilité : CWE-167


Vulnérabilité ID : CVE-2023-3553

Première publication le : 08-07-2023 09:15:43
Dernière modification le : 08-07-2023 10:25:54

Description :
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

CVE ID : CVE-2023-3553
Source : security@huntr.dev
Score CVSS : 5.3

Références :
https://github.com/nilsteampassnet/teampass/commit/e9f90b746fdde135da3c7fbe4fa22fe2bd32e66b | source : security@huntr.dev
https://huntr.dev/bounties/857f002a-2794-4807-aa5d-2f340de01870 | source : security@huntr.dev

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-3565

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

CVE ID : CVE-2023-3565
Source : security@huntr.dev
Score CVSS : 5.2

Références :
https://github.com/nilsteampassnet/teampass/commit/820bb49a362a566c9038e4a3048b26d654babb0e | source : security@huntr.dev
https://huntr.dev/bounties/fcf46e1f-2ab6-4057-9d25-cf493ab09530 | source : security@huntr.dev

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3568

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Input Validation in GitHub repository fossbilling/fossbilling prior to 0.5.4.

CVE ID : CVE-2023-3568
Source : security@huntr.dev
Score CVSS : 4.8

Références :
https://github.com/fossbilling/fossbilling/commit/f6348643d230a13427d8ab9213463dadbb68818f | source : security@huntr.dev
https://huntr.dev/bounties/f3782eb1-049b-4998-aac4-d9798ec1c123 | source : security@huntr.dev

Vulnérabilité : CWE-20


Source : redhat.com

Vulnérabilité ID : CVE-2023-26590

Première publication le : 10-07-2023 18:15:10
Dernière modification le : 10-07-2023 18:15:29

Description :
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

CVE ID : CVE-2023-26590
Source : secalert@redhat.com
Score CVSS : 6.2

Références :
https://access.redhat.com/security/cve/CVE-2023-26590 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2212279 | source : secalert@redhat.com


Vulnérabilité ID : CVE-2023-32627

Première publication le : 10-07-2023 18:15:10
Dernière modification le : 10-07-2023 18:15:29

Description :
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.

CVE ID : CVE-2023-32627
Source : secalert@redhat.com
Score CVSS : 6.2

Références :
https://access.redhat.com/security/cve/CVE-2023-32627 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2212282 | source : secalert@redhat.com


Vulnérabilité ID : CVE-2023-1183

Première publication le : 10-07-2023 16:15:48
Dernière modification le : 10-07-2023 16:27:17

Description :
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

CVE ID : CVE-2023-1183
Source : secalert@redhat.com
Score CVSS : 5.0

Références :
https://access.redhat.com/security/cve/CVE-2023-1183 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2208506 | source : secalert@redhat.com
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/ | source : secalert@redhat.com


Source : usom.gov.tr

Vulnérabilité ID : CVE-2023-2853

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Softmed SelfPatron allows Reflected XSS.This issue affects SelfPatron : before 2.0.

CVE ID : CVE-2023-2853
Source : cve@usom.gov.tr
Score CVSS : 6.1

Références :
https://www.usom.gov.tr/bildirim/tr-23-0388 | source : cve@usom.gov.tr

Vulnérabilité : CWE-79


Source : cisco.com

Vulnérabilité ID : CVE-2023-20133

Première publication le : 07-07-2023 20:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
A vulnerability in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because of insufficient validation of user-supplied input in Webex Events (classic) programs, email templates, and survey questions. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

CVE ID : CVE-2023-20133
Source : ykramarz@cisco.com
Score CVSS : 5.4

Références :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sxsscsrf-2L24bBx6 | source : ykramarz@cisco.com


Vulnérabilité ID : CVE-2023-20180

Première publication le : 07-07-2023 20:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions. These actions could include joining meetings and scheduling training sessions.

CVE ID : CVE-2023-20180
Source : ykramarz@cisco.com
Score CVSS : 4.3

Références :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sxsscsrf-2L24bBx6 | source : ykramarz@cisco.com


Source : patchstack.com

Vulnérabilité ID : CVE-2023-22673

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in MageNet Website Monetization by MageNet plugin <= 1.0.29.1 versions.

CVE ID : CVE-2023-22673
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/website-monetization-by-magenet/wordpress-website-monetization-by-magenet-plugin-1-0-29-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23993

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com LionScripts: IP Blocker Lite plugin <= 11.1.1 versions.

CVE ID : CVE-2023-23993
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/ip-address-blocker/wordpress-lionscripts-ip-blocker-lite-plugin-11-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-24395

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 Redirect & Thank You Page plugin <= 1.0.3 versions.

CVE ID : CVE-2023-24395
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/cf7-redirect-thank-you-page/wordpress-contact-form-7-redirect-thank-you-page-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-24405

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on plugin <= 1.9.3 versions.

CVE ID : CVE-2023-24405
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/contact-form-7-paypal-add-on/wordpress-contact-form-7-paypal-stripe-add-on-plugin-1-9-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-28986

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager plugin <= 2.9.20 versions.

CVE ID : CVE-2023-28986
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/affiliates-manager/wordpress-affiliates-manager-plugin-2-9-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-28995

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Keith Solomon Configurable Tag Cloud (CTC) plugin <= 5.2 versions.

CVE ID : CVE-2023-28995
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/configurable-tag-cloud-widget/wordpress-configurable-tag-cloud-plugin-5-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-36691

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Albert Peschar WebwinkelKeur plugin <= 3.24 versions.

CVE ID : CVE-2023-36691
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/webwinkelkeur/wordpress-webwinkelkeu-plugin-3-24-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-37392

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Anand WP Dummy Content Generator plugin <= 2.3.0 versions.

CVE ID : CVE-2023-37392
Source : audit@patchstack.com
Score CVSS : 5.4

Références :
https://patchstack.com/database/vulnerability/wp-dummy-content-generator/wordpress-wp-dummy-content-generator-plugin-2-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-22694

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Arian Khosravi, Norik Davtian BigContact Contact Page plugin <= 1.5.8 versions.

CVE ID : CVE-2023-22694
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/bigcontact/wordpress-bigcontact-contact-page-plugin-1-5-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-22695

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita Custom Field Template plugin <= 2.5.8 versions.

CVE ID : CVE-2023-22695
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/custom-field-template/wordpress-custom-field-template-plugin-2-5-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23787

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions.

CVE ID : CVE-2023-23787
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/premmerce-redirect-manager/wordpress-premmerce-redirect-manager-plugin-1-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23804

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Feed plugin <= 1.2.7 versions.

CVE ID : CVE-2023-23804
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/ht-instagram/wordpress-ht-feed-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23869

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Mobile plugin <= 1.6.1 versions.

CVE ID : CVE-2023-23869
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/google-mobile-sitemap/wordpress-google-xml-sitemap-for-mobile-plugin-1-6-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-23897

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin <= 1.7.2 versions.

CVE ID : CVE-2023-23897
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/simple-mobile-url-redirect/wordpress-simple-mobile-url-redirect-plugin-1-7-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-25478

Première publication le : 10-07-2023 16:15:49
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Jason Rouet Weather Station plugin <= 3.8.12 versions.

CVE ID : CVE-2023-25478
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/live-weather-station/wordpress-weather-station-plugin-3-8-11-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-28989

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in weDevs Happy Addons for Elementor plugin <= 3.8.2 versions.

CVE ID : CVE-2023-28989
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/happy-elementor-addons/wordpress-happy-addons-for-elementor-plugin-3-8-2-cross-site-request-forgery-csrf-on-collect-data-popup?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-35912

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Potent Donations for WooCommerce plugin <= 1.1.9 versions.

CVE ID : CVE-2023-35912
Source : audit@patchstack.com
Score CVSS : 4.3

Références :
https://patchstack.com/database/vulnerability/donations-for-woocommerce/wordpress-potent-donations-for-woocommerce-plugin-1-1-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-352


Source : sick.de

Vulnérabilité ID : CVE-2023-35697

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.

CVE ID : CVE-2023-35697
Source : psirt@sick.de
Score CVSS : 5.3

Références :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de

Vulnérabilité : CWE-307


Vulnérabilité ID : CVE-2023-35698

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.

CVE ID : CVE-2023-35698
Source : psirt@sick.de
Score CVSS : 5.3

Références :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de

Vulnérabilité : CWE-204


Vulnérabilité ID : CVE-2023-35699

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.

CVE ID : CVE-2023-35699
Source : psirt@sick.de
Score CVSS : 5.3

Références :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de

Vulnérabilité : CWE-313


Source : hcl.com

Vulnérabilité ID : CVE-2023-23348

Première publication le : 10-07-2023 18:15:10
Dernière modification le : 10-07-2023 18:15:29

Description :
HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.

CVE ID : CVE-2023-23348
Source : psirt@hcl.com
Score CVSS : 5.1

Références :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105978 | source : psirt@hcl.com


Source : apache.org

Vulnérabilité ID : CVE-2023-35887

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the rooted tree via paths including parent navigation ("..") beyond the root, or involving symlinks. This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10

CVE ID : CVE-2023-35887
Source : security@apache.org
Score CVSS : 5.0

Références :
https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2 | source : security@apache.org

Vulnérabilité : CWE-200


Source : puiterwijk.org

Vulnérabilité ID : CVE-2021-33798

Première publication le : 07-07-2023 18:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
A null pointer dereference was found in libpano13, version libpano13-2.9.20. The flow allows attackers to cause a denial of service and potential code execute via a crafted file.

CVE ID : CVE-2021-33798
Source : patrick@puiterwijk.org
Score CVSS : 4.7

Références :
https://groups.google.com/u/1/g/hugin-ptx/c/gLtz2vweD74 | source : patrick@puiterwijk.org
https://sourceforge.net/p/panotools/libpano13/ci/62aa7eed8fae5d8f247a2508a757f31000de386f/ | source : patrick@puiterwijk.org

Vulnérabilité : CWE-476


Source : google.com

Vulnérabilité ID : CVE-2020-8934

Première publication le : 07-07-2023 12:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
The Site Kit by Google plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 1.8.0 This is due to the lack of capability checks on the admin_enqueue_scripts action which displays the connection key. This makes it possible for authenticated attackers with any level of access obtaining owner access to a site in the Google Search Console. We recommend upgrading to V1.8.1 or above.

CVE ID : CVE-2020-8934
Source : cve-coordination@google.com
Score CVSS : 4.3

Références :
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/google-site-kit/site-kit-by-google-171-sensitive-information-disclosure | source : cve-coordination@google.com

Vulnérabilité : CWE-252


(28) Vulnérabilité(s) LOW [0.1, 3.9]

Source : github.com

Vulnérabilité ID : CVE-2023-37264

Première publication le : 07-07-2023 17:15:10
Dernière modification le : 07-07-2023 17:36:20

Description :
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will accept as the child Task. While the software stores and validates the PipelineRun's (api version, kind, name, uid) in the child Run's OwnerReference, it only store (api version, kind, name) in the ChildStatusReference. This means that if a client had access to create TaskRuns on a cluster, they could create a child TaskRun for a pipeline with the same name + owner reference, and the Pipeline controller picks it up as if it was the original TaskRun. This is problematic since it can let users modify the config of Pipelines at runtime, which violates SLSA L2 Service Generated / Non-falsifiable requirements. This issue can be used to trick the Pipeline controller into associating unrelated Runs to the Pipeline, feeding its data through the rest of the Pipeline. This requires access to create TaskRuns, so impact may vary depending on one Tekton setup. If users already have unrestricted access to create any Task/PipelineRun, this does not grant any additional capabilities. As of time of publication, there are no known patches for this issue.

CVE ID : CVE-2023-37264
Source : security-advisories@github.com
Score CVSS : 3.7

Références :
https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372 | source : security-advisories@github.com
https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53 | source : security-advisories@github.com
https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference | source : security-advisories@github.com

Vulnérabilité : CWE-345


Vulnérabilité ID : CVE-2023-37269

Première publication le : 07-07-2023 22:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Users with the `backend.manage_branding` permission can upload SVGs as the application logo. Prior to version 1.2.3, SVG uploads were not sanitized, which could have allowed a stored cross-site scripting (XSS) attack. To exploit the vulnerability, an attacker would already need to have developer or super user level permissions in Winter CMS. This means they would already have extensive access and control within the system. Additionally, to execute the XSS, the attacker would need to convince the victim to directly visit the URL of the maliciously uploaded SVG, and the application would have to be using local storage where uploaded files are served under the same domain as the application itself instead of a CDN. This is because all SVGs in Winter CMS are rendered through an `img` tag, which prevents any payloads from being executed directly. These two factors significantly limit the potential harm of this vulnerability. This issue has been patched in v1.2.3 through the inclusion of full support for SVG uploads and automatic sanitization of uploaded SVG files. As a workaround, one may apply the patches manually.

CVE ID : CVE-2023-37269
Source : security-advisories@github.com
Score CVSS : 2.0

Références :
https://github.com/wintercms/storm/commit/186d85d8fea2cae43afc807d39f68553c24e56be | source : security-advisories@github.com
https://github.com/wintercms/winter/commit/fa50b4c7489b67ea80072f8ac9fe5294fce1df1c | source : security-advisories@github.com
https://github.com/wintercms/winter/releases/tag/v1.2.3 | source : security-advisories@github.com
https://github.com/wintercms/winter/security/advisories/GHSA-wjw2-4j7j-6gc3 | source : security-advisories@github.com

Vulnérabilité : CWE-79


Source : vuldb.com

Vulnérabilité ID : CVE-2023-3535

Première publication le : 07-07-2023 13:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-233287.

CVE ID : CVE-2023-3535
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233287 | source : cna@vuldb.com
https://vuldb.com/?id.233287 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3536

Première publication le : 07-07-2023 13:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
A vulnerability was found in SimplePHPscripts Funeral Script PHP 3.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-233288.

CVE ID : CVE-2023-3536
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233288 | source : cna@vuldb.com
https://vuldb.com/?id.233288 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3537

Première publication le : 07-07-2023 14:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. This affects an unknown part of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-233289 was assigned to this vulnerability.

CVE ID : CVE-2023-3537
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233289 | source : cna@vuldb.com
https://vuldb.com/?id.233289 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3538

Première publication le : 07-07-2023 14:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
A vulnerability classified as problematic was found in SimplePHPscripts Photo Gallery PHP 2.0. This vulnerability affects unknown code of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. VDB-233290 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3538
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233290 | source : cna@vuldb.com
https://vuldb.com/?id.233290 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3539

Première publication le : 07-07-2023 15:15:10
Dernière modification le : 07-07-2023 15:46:57

Description :
A vulnerability, which was classified as problematic, has been found in SimplePHPscripts Simple Forum PHP 2.7. This issue affects some unknown processing of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-233291.

CVE ID : CVE-2023-3539
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233291 | source : cna@vuldb.com
https://vuldb.com/?id.233291 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3540

Première publication le : 07-07-2023 15:15:10
Dernière modification le : 07-07-2023 15:46:57

Description :
A vulnerability, which was classified as problematic, was found in SimplePHPscripts NewsLetter Script PHP 2.4. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-233292.

CVE ID : CVE-2023-3540
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233292 | source : cna@vuldb.com
https://vuldb.com/?id.233292 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3541

Première publication le : 07-07-2023 16:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
A vulnerability has been found in ThinuTech ThinuCMS 1.5 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /author_posts.php. The manipulation of the argument author with the input g6g12<script>alert(1)</script>o8sdm leads to cross site scripting. The attack can be launched remotely. The identifier VDB-233293 was assigned to this vulnerability.

CVE ID : CVE-2023-3541
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233293 | source : cna@vuldb.com
https://vuldb.com/?id.233293 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3542

Première publication le : 07-07-2023 16:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
A vulnerability was found in ThinuTech ThinuCMS 1.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /contact.php. The manipulation of the argument name/body leads to cross site scripting. The attack may be launched remotely. VDB-233294 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3542
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233294 | source : cna@vuldb.com
https://vuldb.com/?id.233294 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3543

Première publication le : 07-07-2023 17:15:10
Dernière modification le : 07-07-2023 17:36:20

Description :
A vulnerability was found in GZ Scripts Availability Booking Calendar PHP 1.8. It has been classified as problematic. This affects an unknown part of the file load.php of the component HTTP POST Request Handler. The manipulation of the argument cid/first_name/second_name/address_1/country leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-233295. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3543
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233295 | source : cna@vuldb.com
https://vuldb.com/?id.233295 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3544

Première publication le : 07-07-2023 17:15:10
Dernière modification le : 07-07-2023 17:36:20

Description :
A vulnerability was found in GZ Scripts Time Slot Booking Calendar PHP 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-233296. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3544
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233296 | source : cna@vuldb.com
https://vuldb.com/?id.233296 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2015-10119

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability, which was classified as problematic, has been found in View All Posts Page Plugin up to 0.9.0 on WordPress. This issue affects the function action_admin_notices_activation of the file view-all-posts-pages.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 0.9.1 is able to address this issue. The patch is named bf914f3a59063fa4df8fd4925ae18a5d852396d7. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-233363.

CVE ID : CVE-2015-10119
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/wp-plugins/view-all-posts-pages/commit/bf914f3a59063fa4df8fd4925ae18a5d852396d7 | source : cna@vuldb.com
https://vuldb.com/?ctiid.233363 | source : cna@vuldb.com
https://vuldb.com/?id.233363 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2015-10120

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability, which was classified as problematic, was found in WDS Multisite Aggregate Plugin up to 1.0.0 on WordPress. Affected is the function update_options of the file includes/WDS_Multisite_Aggregate_Options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.1 is able to address this issue. The name of the patch is 49e0bbcb6ff70e561365d9e0d26426598f63ca12. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-233364.

CVE ID : CVE-2015-10120
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/wp-plugins/wds-multisite-aggregate/commit/49e0bbcb6ff70e561365d9e0d26426598f63ca12 | source : cna@vuldb.com
https://vuldb.com/?ctiid.233364 | source : cna@vuldb.com
https://vuldb.com/?id.233364 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2015-10121

Première publication le : 10-07-2023 16:15:47
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability has been found in Beeliked Microsite Plugin up to 1.0.1 on WordPress and classified as problematic. Affected by this vulnerability is the function embed_handler of the file beelikedmicrosite.php. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.0.2 is able to address this issue. The identifier of the patch is d23bafb5d05fb2636a2b78331f9d3fca152903dc. It is recommended to upgrade the affected component. The identifier VDB-233365 was assigned to this vulnerability.

CVE ID : CVE-2015-10121
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/wp-plugins/beeliked-microsite/commit/d23bafb5d05fb2636a2b78331f9d3fca152903dc | source : cna@vuldb.com
https://vuldb.com/?ctiid.233365 | source : cna@vuldb.com
https://vuldb.com/?id.233365 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3554

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability was found in GZ Scripts GZ Forum Script 1.8 and classified as problematic. Affected by this issue is some unknown functionality of the file /preview.php. The manipulation of the argument catid/topicid/topic/topic_message/free_name leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-233348. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3554
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233348 | source : cna@vuldb.com
https://vuldb.com/?id.233348 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3555

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability was found in GZ Scripts PHP Vacation Rental Script 1.8. It has been classified as problematic. This affects an unknown part of the file /preview.php. The manipulation of the argument page/layout/sort_by/property_id leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-233349 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3555
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233349 | source : cna@vuldb.com
https://vuldb.com/?id.233349 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3556

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability was found in GZ Scripts Car Listing Script PHP 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file /preview.php. The manipulation of the argument page/sort_by leads to cross site scripting. The attack can be initiated remotely. VDB-233350 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3556
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233350 | source : cna@vuldb.com
https://vuldb.com/?id.233350 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3557

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability was found in GZ Scripts Property Listing Script 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /preview.php. The manipulation of the argument page/layout/sort_by leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-233351. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3557
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233351 | source : cna@vuldb.com
https://vuldb.com/?id.233351 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3558

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability classified as problematic has been found in GZ Scripts Event Booking Calendar 1.8. Affected is an unknown function of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-233352. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3558
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233352 | source : cna@vuldb.com
https://vuldb.com/?id.233352 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3559

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability classified as problematic was found in GZ Scripts PHP GZ Appointment Scheduling Script 1.8. Affected by this vulnerability is an unknown functionality of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. The attack can be launched remotely. The identifier VDB-233353 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3559
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233353 | source : cna@vuldb.com
https://vuldb.com/?id.233353 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3560

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability, which was classified as problematic, has been found in GZ Scripts Ticket Booking Script 1.8. Affected by this issue is some unknown functionality of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. The attack may be launched remotely. VDB-233354 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3560
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233354 | source : cna@vuldb.com
https://vuldb.com/?id.233354 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3561

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability, which was classified as problematic, was found in GZ Scripts PHP GZ Hotel Booking Script 1.8. This affects an unknown part of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-233355. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3561
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233355 | source : cna@vuldb.com
https://vuldb.com/?id.233355 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3562

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability has been found in GZ Scripts PHP CRM Platform 1.8 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-233356. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3562
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233356 | source : cna@vuldb.com
https://vuldb.com/?id.233356 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3563

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was assigned to this vulnerability.

CVE ID : CVE-2023-3563
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233357 | source : cna@vuldb.com
https://vuldb.com/?id.233357 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3564

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability was found in GZ Scripts GZ Multi Hotel Booking System 1.8. It has been classified as problematic. Affected is an unknown function of the file /index.php. The manipulation of the argument adults/children/cal_id leads to cross site scripting. It is possible to launch the attack remotely. VDB-233358 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3564
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.233358 | source : cna@vuldb.com
https://vuldb.com/?id.233358 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3566

Première publication le : 10-07-2023 16:15:56
Dernière modification le : 10-07-2023 16:27:17

Description :
A vulnerability was found in wallabag 2.5.4. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /config of the component Profile Config. The manipulation of the argument Name leads to allocation of resources. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-233359. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3566
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://github.com/ctflearner/Vulnerability/blob/main/WALLABAG/NAME-LIMIT.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.233359 | source : cna@vuldb.com
https://vuldb.com/?id.233359 | source : cna@vuldb.com
https://youtu.be/ouwud0PlHkE | source : cna@vuldb.com

Vulnérabilité : CWE-770


Source : us.ibm.com

Vulnérabilité ID : CVE-2023-28953

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
IBM Cognos Analytics on Cloud Pak for Data 4.0 could allow an attacker to make system calls that might compromise the security of the containers due to misconfigured security context. IBM X-Force ID: 251465.

CVE ID : CVE-2023-28953
Source : psirt@us.ibm.com
Score CVSS : 3.1

Références :
https://exchange.xforce.ibmcloud.com/vulnerabilities/251465 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7006413 | source : psirt@us.ibm.com


(80) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2023-37192

Première publication le : 07-07-2023 00:15:10
Dernière modification le : 07-07-2023 12:50:22

Description :
Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.

CVE ID : CVE-2023-37192
Source : cve@mitre.org
Score CVSS : /

Références :
https://bitcoin.org/en/bitcoin-core/ | source : cve@mitre.org
https://satoshihunter1.blogspot.com/2023/06/the-bitcoin-app-is-vulnerable-to-hackers.html | source : cve@mitre.org
https://www.youtube.com/watch?v=oEl4M1oZim0 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34197

Première publication le : 07-07-2023 13:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk Plus MSP before 14300, and SupportCenter Plus before 14300 have a privilege escalation vulnerability in the Release module that allows unprivileged users to access the Reminders of a release ticket and make modifications.

CVE ID : CVE-2023-34197
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.manageengine.com/products/service-desk/CVE-2023-34197.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37308

Première publication le : 07-07-2023 13:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
Zoho ManageEngine ADAudit Plus before 7100 allows XSS via the username field.

CVE ID : CVE-2023-37308
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.manageengine.com/products/active-directory-audit/cve-2023-37308.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37144

Première publication le : 07-07-2023 14:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.

CVE ID : CVE-2023-37144
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DaDong-G/Vulnerability_info/blob/main/ac10_command_injection/Readme.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37145

Première publication le : 07-07-2023 14:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function.

CVE ID : CVE-2023-37145
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/1/Readme.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37146

Première publication le : 07-07-2023 14:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function.

CVE ID : CVE-2023-37146
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DaDong-G/Vulnerability_info/tree/main/TOTOLINK/lr350/2 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37148

Première publication le : 07-07-2023 14:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the ussd parameter in the setUssd function.

CVE ID : CVE-2023-37148
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/3/README.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37149

Première publication le : 07-07-2023 14:15:09
Dernière modification le : 07-07-2023 14:54:15

Description :
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function.

CVE ID : CVE-2023-37149
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/4/README.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-25201

Première publication le : 07-07-2023 16:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload.

CVE ID : CVE-2023-25201
Source : cve@mitre.org
Score CVSS : /

Références :
https://herolab.usd.de/security-advisories/ | source : cve@mitre.org
https://www.multitech.com | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-29998

Première publication le : 07-07-2023 16:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
A Cross-site scripting (XSS) vulnerability in the content editor in Gis3W g3w-suite 3.5 allows remote authenticated users to inject arbitrary web script or HTML and gain privileges via the description parameter.

CVE ID : CVE-2023-29998
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/g3w-suite | source : cve@mitre.org
https://labs.yarix.com/2023/07/gis3w-persistent-xss-in-g3wsuite-3-5-cve-2023-29998/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33664

Première publication le : 07-07-2023 16:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.

CVE ID : CVE-2023-33664
Source : cve@mitre.org
Score CVSS : /

Références :
https://security.friendsofpresta.org/modules/2023/06/28/aicombinationsonfly.html | source : cve@mitre.org
https://www.boutique.ai-dev.fr/en/ergonomie/61-combinations-on-fly.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36201

Première publication le : 07-07-2023 16:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays.

CVE ID : CVE-2023-36201
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/jerryscript-project/jerryscript/issues/5026 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-27845

Première publication le : 07-07-2023 17:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow a remote attacker to gain privileges via the KerawenHelper::setCartOperationInfo, and KerawenHelper::resetCheckoutSessionData components.

CVE ID : CVE-2023-27845
Source : cve@mitre.org
Score CVSS : /

Références :
https://kerawen.com/logiciel-de-caisse/ | source : cve@mitre.org
https://security.friendsofpresta.org/modules/2023/07/06/kerawen_ocs.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-33715

Première publication le : 07-07-2023 17:15:09
Dernière modification le : 10-07-2023 16:15:52

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-33715
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2023-37061

Première publication le : 07-07-2023 17:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section.

CVE ID : CVE-2023-37061
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/chamilo/chamilo-lms/commit/75e9b3e0acac6f7a643da6ff19a00d55a94417a1 | source : cve@mitre.org
https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-116-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-languages-management | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37062

Première publication le : 07-07-2023 17:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition.

CVE ID : CVE-2023-37062
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/chamilo/chamilo-lms/commit/c263933d1d958edee3999820f636c8cb919d03d1 | source : cve@mitre.org
https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-115-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-course-category | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37063

Première publication le : 07-07-2023 17:15:09
Dernière modification le : 07-07-2023 17:36:20

Description :
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.

CVE ID : CVE-2023-37063
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/chamilo/chamilo-lms/commit/546a18b0bd1446123f4e29f81f42e71b761f51b7 | source : cve@mitre.org
https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-117-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-careers-amp-promotions-management | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37064

Première publication le : 07-07-2023 17:15:10
Dernière modification le : 07-07-2023 17:36:20

Description :
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section.

CVE ID : CVE-2023-37064
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/chamilo/chamilo-lms/commit/91ecc6141de6de9483c5a31fbb9fa91450f24940 | source : cve@mitre.org
https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-119-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-extra-fields-management | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37065

Première publication le : 07-07-2023 17:15:10
Dernière modification le : 07-07-2023 17:36:20

Description :
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section.

CVE ID : CVE-2023-37065
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/chamilo/chamilo-lms/commit/da61f287d2e508a5e940953b474051d0f21e91c0 | source : cve@mitre.org
https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-118-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-session-category-management | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37066

Première publication le : 07-07-2023 17:15:10
Dernière modification le : 07-07-2023 17:36:20

Description :
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel.

CVE ID : CVE-2023-37066
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/chamilo/chamilo-lms/commit/4f7b5ebf90c35999917c231276e47a4184275690 | source : cve@mitre.org
https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-114-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-skills | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37067

Première publication le : 07-07-2023 17:15:10
Dernière modification le : 07-07-2023 17:36:20

Description :
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section.

CVE ID : CVE-2023-37067
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/chamilo/chamilo-lms/commit/c75ff227bcf00e9f88e9477b78eaeed9e0668905 | source : cve@mitre.org
https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-120-2023-06-07-Low-impact-Low-risk-XSS-through-admin-account-classesusergroups-management | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36256

Première publication le : 07-07-2023 18:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
The Online Examination System Project 1.0 version is vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can craft a malicious link that, when clicked by an admin user, will delete a user account from the database without the admin's consent. The email of the user to be deleted is passed as a parameter in the URL, which can be manipulated by the attacker. This could result in a loss of data.

CVE ID : CVE-2023-36256
Source : cve@mitre.org
Score CVSS : /

Références :
https://www.exploit-db.com/exploits/51511 | source : cve@mitre.org
https://www.hackersnotes.com/blog/pentest/online-examination-system-project-1-0-cross-site-request-forgery-csrf/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36992

Première publication le : 07-07-2023 19:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the admin page allows remote attackers to execute PHP code.

CVE ID : CVE-2023-36992
Source : cve@mitre.org
Score CVSS : /

Références :
https://bramdoessecurity.com/travianz-hacked/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36993

Première publication le : 07-07-2023 19:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
The cryptographically insecure random number generator being used in TravianZ 8.3.4 and 8.3.3 in the password reset function allows an attacker to guess the password reset.parameters and to take over accounts.

CVE ID : CVE-2023-36993
Source : cve@mitre.org
Score CVSS : /

Références :
https://bramdoessecurity.com/travianz-hacked/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36994

Première publication le : 07-07-2023 19:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an attacker to overwrite the server configuration and inject PHP code.

CVE ID : CVE-2023-36994
Source : cve@mitre.org
Score CVSS : /

Références :
https://bramdoessecurity.com/travianz-hacked/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37170

Première publication le : 07-07-2023 20:15:10
Dernière modification le : 08-07-2023 10:25:54

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.

CVE ID : CVE-2023-37170
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/kafroc/Vuls/tree/main/TOTOLINK/A3300R/cmdi_1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37171

Première publication le : 07-07-2023 20:15:10
Dernière modification le : 08-07-2023 10:25:54

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.

CVE ID : CVE-2023-37171
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/kafroc/Vuls/tree/main/TOTOLINK/A3300R/cmdi_2 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37172

Première publication le : 07-07-2023 20:15:10
Dernière modification le : 08-07-2023 10:25:54

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function.

CVE ID : CVE-2023-37172
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/kafroc/Vuls/tree/main/TOTOLINK/A3300R/cmdi_3 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37173

Première publication le : 07-07-2023 20:15:10
Dernière modification le : 08-07-2023 10:25:54

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function.

CVE ID : CVE-2023-37173
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/kafroc/Vuls/tree/main/TOTOLINK/A3300R/cmdi_4 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-34682

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:15:52

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-34682
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2023-36360

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:15:53

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-36360
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2023-36376

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the add course section.

CVE ID : CVE-2023-36376
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@ridheshgohil1092/cve-2023-36376-xss-on-hostel-management-system-c6891993527 | source : cve@mitre.org
https://packetstormsecurity.com | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36935

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:15:53

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-36935
Source : cve@mitre.org
Score CVSS : /

Références :


Vulnérabilité ID : CVE-2023-37150

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scripting (XSS) vulnerability in "/admin/index.php?page=categories" Category item.

CVE ID : CVE-2023-37150
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Pizza%20Ordering%20System%20v1.0.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37151

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
Sourcecodester Online Pizza Ordering System v1.0 allows the upload of malicious PHP files resulting in Remote Code Execution (RCE).

CVE ID : CVE-2023-37151
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Trinity-SYT-SECURITY/arbitrary-file-upload-RCE/blob/main/Online%20Pizza%20Ordering%20System%201.0.md | source : cve@mitre.org
https://www.exploit-db.com/exploits/51431 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37152

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
Projectworlds Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page.

CVE ID : CVE-2023-37152
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Trinity-SYT-SECURITY/arbitrary-file-upload-RCE/blob/main/Online%20Art%20gallery%20project%201.0.md | source : cve@mitre.org
https://www.exploit-db.com/exploits/51524 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37153

Première publication le : 10-07-2023 16:15:53
Dernière modification le : 10-07-2023 16:27:17

Description :
KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field.

CVE ID : CVE-2023-37153
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/KodExplorer4.51.03.md | source : cve@mitre.org
https://github.com/kalcaddle/KodExplorer | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36375

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the Guardian name, Guardian relation, complimentary address, city, permanent address, and city parameters in the Book Hostel & Room Details page.

CVE ID : CVE-2023-36375
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@ridheshgohil1092/cve-2023-36375-xss-on-hostel-management-system-d654e6df26bc | source : cve@mitre.org
https://packetstormsecurity.com | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37700

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.

CVE ID : CVE-2023-37700
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6905 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37701

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.

CVE ID : CVE-2023-37701
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6908 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37702

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function.

CVE ID : CVE-2023-37702
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6801 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37703

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.

CVE ID : CVE-2023-37703
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6907 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37704

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.

CVE ID : CVE-2023-37704
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6901 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37705

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromAddressNat function.

CVE ID : CVE-2023-37705
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6902 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37706

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the entrys parameter in the fromAddressNat function.

CVE ID : CVE-2023-37706
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6903 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37707

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function.

CVE ID : CVE-2023-37707
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/6904 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37710

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the wpapsk_crypto parameter in the fromSetWirelessRepeat function.

CVE ID : CVE-2023-37710
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/fromSetWirelessRepeat | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37711

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the saveParentControlInfo function.

CVE ID : CVE-2023-37711
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/saveParentControlInfo | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37712

Première publication le : 10-07-2023 17:15:09
Dernière modification le : 10-07-2023 17:43:10

Description :
Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function.

CVE ID : CVE-2023-37712
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/fromSetIpBind | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36936

Première publication le : 10-07-2023 18:15:10
Dernière modification le : 10-07-2023 18:15:29

Description :
Cross-Site Scripting (XSS) vulnerability in PHPGurukul Online Security Guards Hiring System using PHP and MySQL 1.0 allows attackers to execute arbitrary code via a crafted payload to the search booking box.

CVE ID : CVE-2023-36936
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@ridheshgohil1092/cve-2023-36936-xss-online-security-guards-hiring-system-773f394f6117 | source : cve@mitre.org
https://packetstormsecurity.com | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36939

Première publication le : 10-07-2023 18:15:10
Dernière modification le : 10-07-2023 18:15:29

Description :
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field.

CVE ID : CVE-2023-36939
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@ridheshgohil1092/cve-2023-36939-xss-online-security-guards-hiring-system-7547ee114134 | source : cve@mitre.org
https://packetstormsecurity.com | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36940

Première publication le : 10-07-2023 18:15:11
Dernière modification le : 10-07-2023 18:15:29

Description :
Cross Site Scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL v.1.2 allows attackers to execute arbitrary code via a crafted payload injected into the search field.

CVE ID : CVE-2023-36940
Source : cve@mitre.org
Score CVSS : /

Références :
https://medium.com/@ridheshgohil1092/cve-2023-36940-xss-on-online-fire-reporting-system-v-1-2-1d3fa170e4d6 | source : cve@mitre.org
https://packetstormsecurity.com | source : cve@mitre.org


Source : apache.org

Vulnérabilité ID : CVE-2023-33008

Première publication le : 07-07-2023 10:15:09
Dernière modification le : 07-07-2023 12:50:22

Description :
Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache Johnzon. A malicious attacker can craft up some JSON input that uses large numbers (numbers such as 1e20000000) that Apache Johnzon will deserialize into BigDecimal and maybe use numbers too large which may result in a slow conversion (Denial of service risk). Apache Johnzon 1.2.21 mitigates this by setting a scale limit of 1000 (by default) to the BigDecimal. This issue affects Apache Johnzon: through 1.2.20.

CVE ID : CVE-2023-33008
Source : security@apache.org
Score CVSS : /

Références :
https://lists.apache.org/thread/qbg14djo95gfpk7o560lr8wcrzfyw43l | source : security@apache.org

Vulnérabilité : CWE-502


Vulnérabilité ID : CVE-2023-34442

Première publication le : 10-07-2023 16:15:52
Dernière modification le : 10-07-2023 16:27:17

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

CVE ID : CVE-2023-34442
Source : security@apache.org
Score CVSS : /

Références :
https://lists.apache.org/thread/x4vy2hhbltb1xrvy1g6m8hpjgj2k7wgh | source : security@apache.org

Vulnérabilité : CWE-200


Source : hackerone.com

Vulnérabilité ID : CVE-2023-32000

Première publication le : 08-07-2023 00:15:09
Dernière modification le : 08-07-2023 10:25:54

Description :
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.

CVE ID : CVE-2023-32000
Source : support@hackerone.com
Score CVSS : /

Références :
https://community.ui.com/releases/Security-Advisory-Bulletin-034-034/53cfcb84-b42b-4f8f-afbf-07c0ca7cabe2 | source : support@hackerone.com


Source : wpscan.com

Vulnérabilité ID : CVE-2023-1119

Première publication le : 10-07-2023 16:15:48
Dernière modification le : 10-07-2023 16:27:17

Description :
The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin through 2.4 use a third-party library that removes the escaping on some HTML characters, leading to a Cross-Site Scripting vulnerability.

CVE ID : CVE-2023-1119
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/2e78735a-a7fc-41fe-8284-45bf451eff06 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-1208

Première publication le : 10-07-2023 16:15:48
Dernière modification le : 10-07-2023 16:27:17

Description :
This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability.

CVE ID : CVE-2023-1208
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/e0cc6740-866a-4a81-a93d-ff486b79b7f7 | source : contact@wpscan.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-1597

Première publication le : 10-07-2023 16:15:48
Dernière modification le : 10-07-2023 16:27:17

Description :
The tagDiv Cloud Library WordPress plugin before 2.7 does not have authorisation and CSRF in an AJAX action accessible to both unauthenticated and authenticated users, allowing unauthenticated users to change arbitrary user metadata, which could lead to privilege escalation by setting themselves as an admin of the blog.

CVE ID : CVE-2023-1597
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/4eafe111-8874-4560-83ff-394abe7a803b | source : contact@wpscan.com

Vulnérabilité : CWE-269Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-1780

Première publication le : 10-07-2023 16:15:48
Dernière modification le : 10-07-2023 16:27:17

Description :
The Companion Sitemap Generator WordPress plugin before 4.5.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

CVE ID : CVE-2023-1780
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/8176308f-f210-4109-9c88-9372415dbed3 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2026

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
The Image Protector WordPress plugin through 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-2026
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/2b59f640-5568-42bb-87b7-36eb448db5be | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2028

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
The Call Now Accessibility Button WordPress plugin before 1.1 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-2028
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/0f1c1f1c-acdd-4c8a-bd5e-a21f4915e69f | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2029

Première publication le : 10-07-2023 16:15:50
Dernière modification le : 10-07-2023 16:27:17

Description :
The PrePost SEO WordPress plugin through 3.0 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-2029
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/4889ad5a-c8c4-4958-b176-64560490497b | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2493

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The All In One Redirection WordPress plugin before 2.2.0 does not properly sanitise and escape multiple parameters before using them in an SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.

CVE ID : CVE-2023-2493
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/a9a205a4-eef9-4f30-877a-4c562930650c | source : contact@wpscan.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-2495

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or nonce checks in the cyrtrans_ajax_old AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either directly or through CSRF.

CVE ID : CVE-2023-2495
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/45878983-7e9b-49c2-8f99-4c28aab24f09 | source : contact@wpscan.com

Vulnérabilité : CWE-269Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-2529

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The Enable SVG Uploads WordPress plugin through 2.1.5 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

CVE ID : CVE-2023-2529
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/4ac03907-2373-48f0-bca1-8f7073c06b18 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2578

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The Buy Me a Coffee WordPress plugin before 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-2578
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/4dad1c0d-bcf9-4486-bd8e-387ac8e6c892 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2635

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The Call Now Accessibility Button WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-2635
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/81b89613-18d0-4c13-84e3-9e2e1802fd7c | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2709

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The AN_GradeBook WordPress plugin through 5.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-2709
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/2504dadb-1086-4fa9-8fc7-b93018423515 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2796

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The EventON WordPress plugin before 2.1.2 lacks authentication and authorization in its eventon_ics_download ajax action, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id.

CVE ID : CVE-2023-2796
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/e9ef793c-e5a3-4c55-beee-56b0909f7a0d | source : contact@wpscan.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-2964

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute's content, which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks.

CVE ID : CVE-2023-2964
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/97aac334-5323-41bb-90f0-d180bcc9162f | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-2967

Première publication le : 10-07-2023 16:15:51
Dernière modification le : 10-07-2023 16:27:17

Description :
The TinyMCE Custom Styles WordPress plugin before 1.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-2967
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/9afec4aa-1210-4c40-b566-64e37acf2b64 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3076

Première publication le : 10-07-2023 16:15:54
Dernière modification le : 10-07-2023 16:27:17

Description :
The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. This is only exploitable if the site owner paid to access the plugin's pro features.

CVE ID : CVE-2023-3076
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/ac662436-29d7-4ea6-84e1-f9e229b44f5b | source : contact@wpscan.com

Vulnérabilité : CWE-269


Vulnérabilité ID : CVE-2023-3077

Première publication le : 10-07-2023 16:15:54
Dernière modification le : 10-07-2023 16:27:17

Description :
The MStore API WordPress plugin before 3.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a Blind SQL injection exploitable by unauthenticated users. This is only exploitable if the site owner elected to pay to get access to the plugins' pro features, and uses the woocommerce-appointments plugin.

CVE ID : CVE-2023-3077
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/9480d0b5-97da-467d-98f6-71a32599a432 | source : contact@wpscan.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3118

Première publication le : 10-07-2023 16:15:54
Dernière modification le : 10-07-2023 16:27:17

Description :
The Export All URLs WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-3118
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/8a9efc8d-561a-42c6-8e61-ae5c3be581ea | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3129

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
The URL Shortify WordPress plugin before 1.7.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-3129
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/5717d729-c24b-4415-bb99-fcdd259328c4 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3131

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

CVE ID : CVE-2023-3131
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c | source : contact@wpscan.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-3175

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
The AI ChatBot WordPress plugin before 4.6.1 does not adequately escape some settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CVE ID : CVE-2023-3175
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/7643980b-eaa2-45d1-bd9d-9afae0943f43 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3209

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

CVE ID : CVE-2023-3209
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c | source : contact@wpscan.com

Vulnérabilité : CWE-352


Vulnérabilité ID : CVE-2023-3219

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
The EventON WordPress plugin before 2.1.2 does not validate that the event_id parameter in its eventon_ics_download ajax action is a valid Event, allowing unauthenticated visitors to access any Post (including unpublished or protected posts) content via the ics export functionality by providing the numeric id of the post.

CVE ID : CVE-2023-3219
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/72d80887-0270-4987-9739-95b1a178c1fd | source : contact@wpscan.com

Vulnérabilité : CWE-639


Vulnérabilité ID : CVE-2023-3225

Première publication le : 10-07-2023 16:15:55
Dernière modification le : 10-07-2023 16:27:17

Description :
The Float menu WordPress plugin before 5.0.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-3225
Source : contact@wpscan.com
Score CVSS : /

Références :
https://wpscan.com/vulnerability/3c76d0f4-2ea8-433d-afb2-e35e45630899 | source : contact@wpscan.com

Vulnérabilité : CWE-79


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.