Latest vulnerabilities of Friday, November 3, 2023

Latest vulnerabilities of Friday, November 3, 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Last update performed on 11/03/2023 at 11:57:02 PM

(9) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : patchstack.com

Vulnerability ID : CVE-2023-25960

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zendrop Zendrop – Global Dropshipping zendrop-dropshipping-and-fulfillment allows SQL Injection.This issue affects Zendrop – Global Dropshipping: from n/a through 1.0.0.

CVE ID : CVE-2023-25960
Source : audit@patchstack.com
CVSS Score : 10.0

References :
https://patchstack.com/database/vulnerability/zendrop-dropshipping-and-fulfillment/wordpress-zendrop-global-dropshipping-plugin-1-0-0-arbitrary-code-execution?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Source : redhat.com

Vulnerability ID : CVE-2023-46847

First published on : 03-11-2023 08:15:08
Last modified on : 03-11-2023 13:22:35

Description :
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.

CVE ID : CVE-2023-46847
Source : secalert@redhat.com
CVSS Score : 9.9

References :
https://access.redhat.com/errata/RHSA-2023:6266 | source : secalert@redhat.com
https://access.redhat.com/errata/RHSA-2023:6267 | source : secalert@redhat.com
https://access.redhat.com/errata/RHSA-2023:6268 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-46847 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2245916 | source : secalert@redhat.com
https://github.com/squid-cache/squid/security/advisories/GHSA-phqj-m8gv-cq4g | source : secalert@redhat.com


Vulnerability ID : CVE-2023-5824

First published on : 03-11-2023 08:15:08
Last modified on : 03-11-2023 13:22:35

Description :
Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.

CVE ID : CVE-2023-5824
Source : secalert@redhat.com
CVSS Score : 9.6

References :
https://access.redhat.com/security/cve/CVE-2023-5824 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2245914 | source : secalert@redhat.com
https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255 | source : secalert@redhat.com


Vulnerability ID : CVE-2023-46846

First published on : 03-11-2023 08:15:07
Last modified on : 03-11-2023 13:22:35

Description :
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

CVE ID : CVE-2023-46846
Source : secalert@redhat.com
CVSS Score : 9.3

References :
https://access.redhat.com/errata/RHSA-2023:6266 | source : secalert@redhat.com
https://access.redhat.com/errata/RHSA-2023:6267 | source : secalert@redhat.com
https://access.redhat.com/errata/RHSA-2023:6268 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-46846 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2245910 | source : secalert@redhat.com
https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh | source : secalert@redhat.com


Source : cert.org.tw

Vulnerability ID : CVE-2023-41351

First published on : 03-11-2023 06:15:07
Last modified on : 03-11-2023 13:22:35

Description :
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an unauthenticated remote attacker to bypass the authentication mechanism to log in to the device by an alternative URL. This makes it possible for unauthenticated remote attackers to log in as any existing users, such as an administrator, to perform arbitrary system operations or disrupt service.

CVE ID : CVE-2023-41351
Source : twcert@cert.org.tw
CVSS Score : 9.8

References :
https://www.twcert.org.tw/tw/cp-132-7501-6155a-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-288


Vulnerability ID : CVE-2023-41355

First published on : 03-11-2023 06:15:07
Last modified on : 03-11-2023 13:22:35

Description :
Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted package to modify the network routing table, resulting in a denial of service or sensitive information leaking.

CVE ID : CVE-2023-41355
Source : twcert@cert.org.tw
CVSS Score : 9.8

References :
https://www.twcert.org.tw/tw/cp-132-7505-a0c94-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-20


Source : wordfence.com

Vulnerability ID : CVE-2023-3277

First published on : 03-11-2023 12:15:08
Last modified on : 03-11-2023 13:22:30

Description :
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's email address. We are disclosing this issue as the developer has not yet released a patch, but continues to release updates and we escalated this issue to the plugin's team 30 days ago.

CVE ID : CVE-2023-3277
Source : security@wordfence.com
CVSS Score : 9.8

References :
https://plugins.trac.wordpress.org/browser/mstore-api/trunk/controllers/flutter-user.php#L821 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/1c7c0c35-5f44-488f-9fe1-269ea4a73854?source=cve | source : security@wordfence.com

Vulnerability : CWE-288


Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2023-23368

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build 20230421 and later QTS 4.5.4.2374 build 20230416 and later QuTS hero h5.0.1.2376 build 20230421 and later QuTS hero h4.5.4.2374 build 20230417 and later QuTScloud c5.0.1.2374 and later

CVE ID : CVE-2023-23368
Source : security@qnapsecurity.com.tw
CVSS Score : 9.8

References :
https://www.qnap.com/en/security-advisory/qsa-23-31 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-23369

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: Multimedia Console 2.1.2 ( 2023/05/04 ) and later Multimedia Console 1.4.8 ( 2023/05/05 ) and later QTS 5.1.0.2399 build 20230515 and later QTS 4.3.6.2441 build 20230621 and later QTS 4.3.4.2451 build 20230621 and later QTS 4.3.3.2420 build 20230621 and later QTS 4.2.6 build 20230621 and later Media Streaming add-on 500.1.1.2 ( 2023/06/12 ) and later Media Streaming add-on 500.0.0.11 ( 2023/06/16 ) and later

CVE ID : CVE-2023-23369
Source : security@qnapsecurity.com.tw
CVSS Score : 9.0

References :
https://www.qnap.com/en/security-advisory/qsa-23-35 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-77
Vulnerability : CWE-78


(21) HIGH VULNERABILITIES [7.0, 8.9]

Source : cert.org.tw

Vulnerability ID : CVE-2023-41345

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:46

Description :
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system, or terminate services.

CVE ID : CVE-2023-41345
Source : twcert@cert.org.tw
CVSS Score : 8.8

References :
https://www.twcert.org.tw/tw/cp-132-7496-96e2c-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-41346

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:46

Description :
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services.

CVE ID : CVE-2023-41346
Source : twcert@cert.org.tw
CVSS Score : 8.8

References :
https://www.twcert.org.tw/tw/cp-132-7497-f92ac-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-41347

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:46

Description :
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services.

CVE ID : CVE-2023-41347
Source : twcert@cert.org.tw
CVSS Score : 8.8

References :
https://www.twcert.org.tw/tw/cp-132-7498-18012-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-41348

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:46

Description :
ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services.

CVE ID : CVE-2023-41348
Source : twcert@cert.org.tw
CVSS Score : 8.8

References :
https://www.twcert.org.tw/tw/cp-132-7499-63907-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-41353

First published on : 03-11-2023 06:15:07
Last modified on : 03-11-2023 13:22:35

Description :
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of weak password requirements. A remote attacker with regular user privilege can easily infer the administrator password from system information after logging system, resulting in admin access and performing arbitrary system operations or disrupt service.

CVE ID : CVE-2023-41353
Source : twcert@cert.org.tw
CVSS Score : 8.8

References :
https://www.twcert.org.tw/tw/cp-132-7503-a27ed-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-521


Vulnerability ID : CVE-2023-41357

First published on : 03-11-2023 07:15:14
Last modified on : 03-11-2023 13:22:35

Description :
Galaxy Software Services Corporation Vitals ESP is an online knowledge base management portal, it has insufficient filtering and validation during file upload. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operations or disrupt service.

CVE ID : CVE-2023-41357
Source : twcert@cert.org.tw
CVSS Score : 8.8

References :
https://www.twcert.org.tw/tw/cp-132-7508-6d1ef-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-41350

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:46

Description :
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient measures to prevent multiple failed authentication attempts. An unauthenticated remote attacker can execute a crafted Javascript to expose captcha in page, making it very easy for bots to bypass the captcha check and more susceptible to brute force attacks.

CVE ID : CVE-2023-41350
Source : twcert@cert.org.tw
CVSS Score : 7.5

References :
https://www.twcert.org.tw/tw/cp-132-7500-0c544-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-307


Vulnerability ID : CVE-2023-41344

First published on : 03-11-2023 07:15:14
Last modified on : 03-11-2023 13:22:35

Description :
NCSIST ManageEngine Mobile Device Manager(MDM) APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files.

CVE ID : CVE-2023-41344
Source : twcert@cert.org.tw
CVSS Score : 7.5

References :
https://www.twcert.org.tw/tw/cp-132-7507-55b28-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-41352

First published on : 03-11-2023 06:15:07
Last modified on : 03-11-2023 13:22:35

Description :
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. A remote attacker with administrator privilege can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services.

CVE ID : CVE-2023-41352
Source : twcert@cert.org.tw
CVSS Score : 7.2

References :
https://www.twcert.org.tw/tw/cp-132-7502-287ec-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-78


Source : liggitt.net

Vulnerability ID : CVE-2023-3893

First published on : 03-11-2023 18:15:08
Last modified on : 03-11-2023 18:33:25

Description :
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.

CVE ID : CVE-2023-3893
Source : jordan@liggitt.net
CVSS Score : 8.8

References :
https://github.com/kubernetes/kubernetes/issues/119594 | source : jordan@liggitt.net
https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ | source : jordan@liggitt.net

Vulnerability : CWE-20


Source : hackerone.com

Vulnerability ID : CVE-2022-44569

First published on : 03-11-2023 20:15:08
Last modified on : 03-11-2023 20:15:08

Description :
A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication.

CVE ID : CVE-2022-44569
Source : support@hackerone.com
CVSS Score : 8.8

References :
https://help.ivanti.com/res/help/en_US/IA/2023/Admin/Content/relnotes.htm | source : support@hackerone.com


Vulnerability ID : CVE-2022-43554

First published on : 03-11-2023 20:15:08
Last modified on : 03-11-2023 20:15:08

Description :
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation Vulnerability

CVE ID : CVE-2022-43554
Source : support@hackerone.com
CVSS Score : 7.8

References :
https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt | source : support@hackerone.com


Vulnerability ID : CVE-2022-43555

First published on : 03-11-2023 20:15:08
Last modified on : 03-11-2023 20:15:08

Description :
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation Vulnerability

CVE ID : CVE-2022-43555
Source : support@hackerone.com
CVSS Score : 7.8

References :
https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt | source : support@hackerone.com


Vulnerability ID : CVE-2023-41725

First published on : 03-11-2023 20:15:09
Last modified on : 03-11-2023 20:15:09

Description :
Ivanti Avalanche EnterpriseServer Service Unrestricted File Upload Local Privilege Escalation Vulnerability

CVE ID : CVE-2023-41725
Source : support@hackerone.com
CVSS Score : 7.8

References :
https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt | source : support@hackerone.com


Vulnerability ID : CVE-2023-41726

First published on : 03-11-2023 20:15:09
Last modified on : 03-11-2023 20:15:09

Description :
Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability

CVE ID : CVE-2023-41726
Source : support@hackerone.com
CVSS Score : 7.8

References :
https://download.wavelink.com/Files/avalanche_v6.4.1.236_release_notes.txt | source : support@hackerone.com


Source : redhat.com

Vulnerability ID : CVE-2023-46848

First published on : 03-11-2023 08:15:08
Last modified on : 03-11-2023 13:22:35

Description :
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.

CVE ID : CVE-2023-46848
Source : secalert@redhat.com
CVSS Score : 8.6

References :
https://access.redhat.com/errata/RHSA-2023:6266 | source : secalert@redhat.com
https://access.redhat.com/errata/RHSA-2023:6268 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-46848 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2245919 | source : secalert@redhat.com
https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w | source : secalert@redhat.com


Vulnerability ID : CVE-2023-1194

First published on : 03-11-2023 08:15:07
Last modified on : 03-11-2023 13:22:35

Description :
An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of `NameOffset` in the `parse_lease_state()` function, the `create_context` object can access invalid memory.

CVE ID : CVE-2023-1194
Source : secalert@redhat.com
CVSS Score : 7.1

References :
https://access.redhat.com/security/cve/CVE-2023-1194 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2154176 | source : secalert@redhat.com
https://www.spinics.net/lists/stable-commits/msg303065.html | source : secalert@redhat.com


Vulnerability ID : CVE-2023-1476

First published on : 03-11-2023 09:15:13
Last modified on : 03-11-2023 13:22:35

Description :
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.

CVE ID : CVE-2023-1476
Source : secalert@redhat.com
CVSS Score : 7.0

References :
https://access.redhat.com/errata/RHSA-2023:1659 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-1476 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2176035 | source : secalert@redhat.com
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2 | source : secalert@redhat.com


Source : huntr.dev

Vulnerability ID : CVE-2023-5948

First published on : 03-11-2023 07:15:14
Last modified on : 03-11-2023 13:22:35

Description :
Improper Authorization in GitHub repository teamamaze/amazefileutilities prior to 1.91.

CVE ID : CVE-2023-5948
Source : security@huntr.dev
CVSS Score : 8.2

References :
https://github.com/teamamaze/amazefileutilities/commit/62d02204d452603ab85c50d43c7c680e4256c7d7 | source : security@huntr.dev
https://huntr.com/bounties/ac1363b5-207b-40d9-aac5-e66d6213f692 | source : security@huntr.dev

Vulnerability : CWE-285


Source : incibe.es

Vulnerability ID : CVE-2023-4591

First published on : 03-11-2023 12:15:08
Last modified on : 03-11-2023 13:22:30

Description :
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion (LFI) via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the loading of a PHP file on the server, leading to a critical webshell exploit.

CVE ID : CVE-2023-4591
Source : cve-coordination@incibe.es
CVSS Score : 7.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wpn-xm-serverstack | source : cve-coordination@incibe.es

Vulnerability : CWE-829


Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2023-39299

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: Music Station 4.8.11 and later Music Station 5.1.16 and later Music Station 5.3.23 and later

CVE ID : CVE-2023-39299
Source : security@qnapsecurity.com.tw
CVSS Score : 7.5

References :
https://www.qnap.com/en/security-advisory/qsa-23-61 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-22


(26) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : eclipse.org

Vulnerability ID : CVE-2023-5763

First published on : 03-11-2023 07:15:14
Last modified on : 03-11-2023 13:22:35

Description :
In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.

CVE ID : CVE-2023-5763
Source : emo@eclipse.org
CVSS Score : 6.8

References :
https://gitlab.eclipse.org/security/cve-assignement/-/issues/14 | source : emo@eclipse.org
https://glassfish.org/docs/latest/security-guide.html#securing-glassfish-server | source : emo@eclipse.org

Vulnerability : CWE-20
Vulnerability : CWE-913


Vulnerability ID : CVE-2023-4043

First published on : 03-11-2023 09:15:13
Last modified on : 03-11-2023 13:22:35

Description :
In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale.

CVE ID : CVE-2023-4043
Source : emo@eclipse.org
CVSS Score : 5.9

References :
https://github.com/eclipse-ee4j/parsson/pull/100 | source : emo@eclipse.org
https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/13 | source : emo@eclipse.org

Vulnerability : CWE-20
Vulnerability : CWE-834


Source : us.ibm.com

Vulnerability ID : CVE-2023-46176

First published on : 03-11-2023 01:15:08
Last modified on : 03-11-2023 13:22:51

Description :
IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535.

CVE ID : CVE-2023-46176
Source : psirt@us.ibm.com
CVSS Score : 6.7

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/269535 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7060769 | source : psirt@us.ibm.com

Vulnerability : CWE-424


Vulnerability ID : CVE-2023-43018

First published on : 03-11-2023 00:15:12
Last modified on : 03-11-2023 13:22:46

Description :
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 266163.

CVE ID : CVE-2023-43018
Source : psirt@us.ibm.com
CVSS Score : 5.9

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/266163 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7063668 | source : psirt@us.ibm.com

Vulnerability : CWE-250


Vulnerability ID : CVE-2023-35896

First published on : 03-11-2023 03:15:07
Last modified on : 03-11-2023 13:22:51

Description :
IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 259247.

CVE ID : CVE-2023-35896
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/259247 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7065203 | source : psirt@us.ibm.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-42029

First published on : 03-11-2023 00:15:12
Last modified on : 03-11-2023 13:22:46

Description :
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059.

CVE ID : CVE-2023-42029
Source : psirt@us.ibm.com
CVSS Score : 4.8

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/266059 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7063659 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7063663 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-42027

First published on : 03-11-2023 00:15:12
Last modified on : 03-11-2023 13:22:46

Description :
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.

CVE ID : CVE-2023-42027
Source : psirt@us.ibm.com
CVSS Score : 4.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/266057 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7063659 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7063664 | source : psirt@us.ibm.com

Vulnerability : CWE-352


Source : microsoft.com

Vulnerability ID : CVE-2023-36022

First published on : 03-11-2023 01:15:07
Last modified on : 03-11-2023 13:22:51

Description :
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE ID : CVE-2023-36022
Source : secure@microsoft.com
CVSS Score : 6.6

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36022 | source : secure@microsoft.com


Vulnerability ID : CVE-2023-36034

First published on : 03-11-2023 01:15:08
Last modified on : 03-11-2023 13:22:51

Description :
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE ID : CVE-2023-36034
Source : secure@microsoft.com
CVSS Score : 6.6

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36034 | source : secure@microsoft.com


Vulnerability ID : CVE-2023-36029

First published on : 03-11-2023 01:15:07
Last modified on : 03-11-2023 13:22:51

Description :
Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE ID : CVE-2023-36029
Source : secure@microsoft.com
CVSS Score : 4.3

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36029 | source : secure@microsoft.com


Source : incibe.es

Vulnerability ID : CVE-2023-4769

First published on : 03-11-2023 11:15:08
Last modified on : 03-11-2023 13:22:30

Description :
A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0, specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks, such as a cross-port attack, service enumeration and other attacks via HTTP requests.

CVE ID : CVE-2023-4769
Source : cve-coordination@incibe.es
CVSS Score : 6.6

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-manageengine-desktop-central | source : cve-coordination@incibe.es

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-4767

First published on : 03-11-2023 11:15:08
Last modified on : 03-11-2023 13:22:30

Description :
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in /STATE_ID/1613157927228/InvSWMetering.csv.

CVE ID : CVE-2023-4767
Source : cve-coordination@incibe.es
CVSS Score : 6.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-manageengine-desktop-central | source : cve-coordination@incibe.es

Vulnerability : CWE-93


Vulnerability ID : CVE-2023-4768

First published on : 03-11-2023 11:15:08
Last modified on : 03-11-2023 13:22:30

Description :
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in /STATE_ID/1613157927228/InvSWMetering.pdf.

CVE ID : CVE-2023-4768
Source : cve-coordination@incibe.es
CVSS Score : 6.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-manageengine-desktop-central | source : cve-coordination@incibe.es

Vulnerability : CWE-93


Vulnerability ID : CVE-2023-4592

First published on : 03-11-2023 12:15:08
Last modified on : 03-11-2023 13:22:30

Description :
A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an authenticated user, resulting in a session hijacking.

CVE ID : CVE-2023-4592
Source : cve-coordination@incibe.es
CVSS Score : 6.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wpn-xm-serverstack | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Source : cert.org.tw

Vulnerability ID : CVE-2023-41356

First published on : 03-11-2023 07:15:14
Last modified on : 03-11-2023 13:22:35

Description :
NCSIST ManageEngine Mobile Device Manager(MDM) APP's special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files.

CVE ID : CVE-2023-41356
Source : twcert@cert.org.tw
CVSS Score : 6.5

References :
https://www.twcert.org.tw/tw/cp-132-7506-b4e29-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-639


Vulnerability ID : CVE-2023-41343

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:57

Description :
Rogic No-Code Database Builder's file uploading function has insufficient filtering for special characters. A remote attacker with regular user privilege can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack.

CVE ID : CVE-2023-41343
Source : twcert@cert.org.tw
CVSS Score : 5.4

References :
https://www.twcert.org.tw/tw/cp-132-7509-5b734-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41354

First published on : 03-11-2023 06:15:07
Last modified on : 03-11-2023 13:22:35

Description :
Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor.

CVE ID : CVE-2023-41354
Source : twcert@cert.org.tw
CVSS Score : 4.0

References :
https://www.twcert.org.tw/tw/cp-132-7504-c6a5e-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-200


Source : redhat.com

Vulnerability ID : CVE-2023-42670

First published on : 03-11-2023 08:15:07
Last modified on : 03-11-2023 22:15:10

Description :
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation "classic DCs") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as "The procedure number is out of range" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services.

CVE ID : CVE-2023-42670
Source : secalert@redhat.com
CVSS Score : 6.5

References :
https://access.redhat.com/security/cve/CVE-2023-42670 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2241885 | source : secalert@redhat.com
https://bugzilla.samba.org/show_bug.cgi?id=15473 | source : secalert@redhat.com
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/ | source : secalert@redhat.com
https://www.samba.org/samba/security/CVE-2023-42670.html | source : secalert@redhat.com


Vulnerability ID : CVE-2023-4091

First published on : 03-11-2023 08:15:08
Last modified on : 03-11-2023 22:15:11

Description :
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions.

CVE ID : CVE-2023-4091
Source : secalert@redhat.com
CVSS Score : 6.5

References :
https://access.redhat.com/errata/RHSA-2023:6209 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-4091 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2241882 | source : secalert@redhat.com
https://bugzilla.samba.org/show_bug.cgi?id=15439 | source : secalert@redhat.com
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/ | source : secalert@redhat.com
https://www.samba.org/samba/security/CVE-2023-4091.html | source : secalert@redhat.com


Vulnerability ID : CVE-2023-3961

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 22:15:10

Description :
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.

CVE ID : CVE-2023-3961
Source : secalert@redhat.com
CVSS Score : 6.5

References :
https://access.redhat.com/errata/RHSA-2023:6209 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-3961 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2241881 | source : secalert@redhat.com
https://bugzilla.samba.org/show_bug.cgi?id=15422 | source : secalert@redhat.com
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/ | source : secalert@redhat.com
https://www.samba.org/samba/security/CVE-2023-3961.html | source : secalert@redhat.com


Vulnerability ID : CVE-2023-5088

First published on : 03-11-2023 14:15:08
Last modified on : 03-11-2023 16:26:21

Description :
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1, potentially gaining control of L1 at its next reboot.

CVE ID : CVE-2023-5088
Source : secalert@redhat.com
CVSS Score : 6.4

References :
https://access.redhat.com/security/cve/CVE-2023-5088 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2247283 | source : secalert@redhat.com
https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/ | source : secalert@redhat.com


Source : wordfence.com

Vulnerability ID : CVE-2023-5707

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
The SEO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slider' shortcode and post meta in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5707
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/seo-slider/trunk/includes/shortcode.php?rev=2367856#L68 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/seo-slider/trunk/includes/shortcode.php?rev=2367856#L71 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2987802/seo-slider#file3 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/32bc88a7-93ed-4d67-9383-b6d935a0df4d?source=cve | source : security@wordfence.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5946

First published on : 03-11-2023 14:15:08
Last modified on : 03-11-2023 16:26:21

Description :
The Digirisk plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'current_group_id' parameter in version 6.0.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVE ID : CVE-2023-5946
Source : security@wordfence.com
CVSS Score : 6.1

References :
https://plugins.trac.wordpress.org/changeset/1428184/digirisk/trunk/modules/society/controller/group.controller.01.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/d41355ed-77d0-48b3-bbb3-4cc3b4df4b2a?source=cve | source : security@wordfence.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5945

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
The video carousel slider with lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the responsive_video_gallery_with_lightbox_video_management_func() function. This makes it possible for unauthenticated attackers to delete videos hosted from the video slider via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2023-5945
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://github.com/wp-plugins/wp-responsive-video-gallery-with-lightbox/blob/master/wp-responsive-video-gallery-with-lightbox.php | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/wp-responsive-video-gallery-with-lightbox/tags/1.0.1/wp-responsive-video-gallery-with-lightbox.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/dc052b00-65a7-4668-8bdd-b06d69d12a4a?source=cve | source : security@wordfence.com

Vulnerability : CWE-352


Source : liggitt.net

Vulnerability ID : CVE-2022-3172

First published on : 03-11-2023 20:15:08
Last modified on : 03-11-2023 20:15:08

Description :
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties.

CVE ID : CVE-2022-3172
Source : jordan@liggitt.net
CVSS Score : 5.1

References :
https://github.com/kubernetes/kubernetes/issues/112513 | source : jordan@liggitt.net
https://groups.google.com/g/kubernetes-security-announce/c/_aLzYMpPRak | source : jordan@liggitt.net

Vulnerability : CWE-918


Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2023-39301

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read application data via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later QTS 5.1.1.2491 build 20230815 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.1.2488 build 20230812 and later QuTScloud c5.1.0.2498 and later

CVE ID : CVE-2023-39301
Source : security@qnapsecurity.com.tw
CVSS Score : 4.3

References :
https://www.qnap.com/en/security-advisory/qsa-23-51 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-918


(0) LOW VULNERABILITIES [0.1, 3.9]

(45) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2017-7252

First published on : 03-11-2023 01:15:07
Last modified on : 03-11-2023 13:22:46

Description :
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

CVE ID : CVE-2017-7252
Source : cve@mitre.org
CVSS Score : /

References :
https://botan.randombit.net/security.html | source : cve@mitre.org
https://bugzilla.suse.com/show_bug.cgi?id=1034591 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46954

First published on : 03-11-2023 03:15:07
Last modified on : 03-11-2023 13:22:57

Description :
SQL Injection vulnerability in Relativity ODA LLC RelativityOne v.12.1.537.3 Patch 2 and earlier allows a remote attacker to execute arbitrary code via the name parameter.

CVE ID : CVE-2023-46954
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/jakedmurphy1/CVE-2023-46954 | source : cve@mitre.org


Vulnerability ID : CVE-2020-28407

First published on : 03-11-2023 04:15:15
Last modified on : 03-11-2023 13:22:51

Description :
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CVE ID : CVE-2020-28407
Source : cve@mitre.org
CVSS Score : /

References :
https://bugzilla.suse.com/show_bug.cgi?id=1198395 | source : cve@mitre.org
https://github.com/stefanberger/swtpm/releases/tag/v0.4.2 | source : cve@mitre.org
https://github.com/stefanberger/swtpm/releases/tag/v0.5.1 | source : cve@mitre.org


Vulnerability ID : CVE-2023-31102

First published on : 03-11-2023 04:15:20
Last modified on : 03-11-2023 13:22:41

Description :
7-Zip through 22.01 on Linux allows an integer underflow and code execution via a crafted 7Z archive.

CVE ID : CVE-2023-31102
Source : cve@mitre.org
CVSS Score : /

References :
https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/ | source : cve@mitre.org
https://www.7-zip.org/download.html | source : cve@mitre.org
https://www.zerodayinitiative.com/advisories/ZDI-23-1165/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-34259

First published on : 03-11-2023 04:15:20
Last modified on : 03-11-2023 13:22:51

Description :
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow /wlmdeu%2f%2e%2e%2f%2e%2e directory traversal to read arbitrary files on the filesystem, even files that require root privileges. NOTE: this issue exists because of an incomplete fix for CVE-2020-23575.

CVE ID : CVE-2023-34259
Source : cve@mitre.org
CVSS Score : /

References :
https://sec-consult.com/vulnerability-lab/ | source : cve@mitre.org
https://seclists.org/fulldisclosure/2023/Jul/15 | source : cve@mitre.org


Vulnerability ID : CVE-2023-34260

First published on : 03-11-2023 04:15:20
Last modified on : 03-11-2023 13:22:51

Description :
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory.

CVE ID : CVE-2023-34260
Source : cve@mitre.org
CVSS Score : /

References :
https://sec-consult.com/vulnerability-lab/ | source : cve@mitre.org
https://seclists.org/fulldisclosure/2023/Jul/15 | source : cve@mitre.org


Vulnerability ID : CVE-2023-34261

First published on : 03-11-2023 04:15:20
Last modified on : 03-11-2023 13:22:51

Description :
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error.

CVE ID : CVE-2023-34261
Source : cve@mitre.org
CVSS Score : /

References :
https://sec-consult.com/vulnerability-lab/ | source : cve@mitre.org
https://seclists.org/fulldisclosure/2023/Jul/15 | source : cve@mitre.org


Vulnerability ID : CVE-2023-36620

First published on : 03-11-2023 04:15:21
Last modified on : 03-11-2023 13:22:46

Description :
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is used to authenticate requests to the API.

CVE ID : CVE-2023-36620
Source : cve@mitre.org
CVSS Score : /

References :
https://sec-consult.com/blog/detail/the-hidden-costs-of-parental-control-apps/ | source : cve@mitre.org
https://seclists.org/fulldisclosure/2023/Jul/12 | source : cve@mitre.org
https://useboomerang.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-36621

First published on : 03-11-2023 04:15:21
Last modified on : 03-11-2023 13:22:46

Description :
An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing.

CVE ID : CVE-2023-36621
Source : cve@mitre.org
CVSS Score : /

References :
https://sec-consult.com/blog/detail/the-hidden-costs-of-parental-control-apps/ | source : cve@mitre.org
https://seclists.org/fulldisclosure/2023/Jul/12 | source : cve@mitre.org
https://useboomerang.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-38965

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:51

Description :
Lost and Found Information System 1.0 allows account takeover via username and password to a /classes/Users.php?f=save URI.

CVE ID : CVE-2023-38965
Source : cve@mitre.org
CVSS Score : /

References :
http://packetstormsecurity.com/files/175077/Lost-And-Found-Information-System-1.0-Insecure-Direct-Object-Reference.html | source : cve@mitre.org
https://github.com/Or4ngm4n/vulnreability-code-review-php/blob/main/Lost%20and%20Found%20Information%20System%20v1.0.txt | source : cve@mitre.org


Vulnerability ID : CVE-2023-41164

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 22:15:10

Description :
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.

CVE ID : CVE-2023-41164
Source : cve@mitre.org
CVSS Score : /

References :
https://docs.djangoproject.com/en/4.2/releases/security/ | source : cve@mitre.org
https://groups.google.com/forum/#!forum/django-announce | source : cve@mitre.org
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU/ | source : cve@mitre.org
https://www.djangoproject.com/weblog/2023/sep/04/security-releases/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-41259

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:46

Description :
Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call.

CVE ID : CVE-2023-41259
Source : cve@mitre.org
CVSS Score : /

References :
https://docs.bestpractical.com/release-notes/rt/4.4.7 | source : cve@mitre.org
https://docs.bestpractical.com/release-notes/rt/5.0.5 | source : cve@mitre.org
https://docs.bestpractical.com/release-notes/rt/index.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-41260

First published on : 03-11-2023 05:15:29
Last modified on : 03-11-2023 13:22:46

Description :
Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls.

CVE ID : CVE-2023-41260
Source : cve@mitre.org
CVSS Score : /

References :
https://docs.bestpractical.com/release-notes/rt/4.4.7 | source : cve@mitre.org
https://docs.bestpractical.com/release-notes/rt/5.0.5 | source : cve@mitre.org
https://docs.bestpractical.com/release-notes/rt/index.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-41914

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 22:15:10

Description :
SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files.

CVE ID : CVE-2023-41914
Source : cve@mitre.org
CVSS Score : /

References :
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OWKTCYZT3DXEH66QXQJYB7NI7ONDRS4M/ | source : cve@mitre.org
https://lists.schedmd.com/pipermail/slurm-announce/2023/000100.html | source : cve@mitre.org
https://schedmd.com/security.php | source : cve@mitre.org


Vulnerability ID : CVE-2023-43665

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 22:15:10

Description :
In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.

CVE ID : CVE-2023-43665
Source : cve@mitre.org
CVSS Score : /

References :
https://docs.djangoproject.com/en/4.2/releases/security/ | source : cve@mitre.org
https://groups.google.com/forum/#!forum/django-announce | source : cve@mitre.org
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU/ | source : cve@mitre.org
https://www.djangoproject.com/weblog/2023/oct/04/security-releases/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-43982

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 13:22:46

Description :
Bon Presta boninstagramcarousel between v5.2.1 to v7.0.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter at insta_parser.php. This vulnerability allows attackers to use the vulnerable website as proxy to attack other websites or exfiltrate data via a HTTP call.

CVE ID : CVE-2023-43982
Source : cve@mitre.org
CVSS Score : /

References :
https://security.friendsofpresta.org/modules/2023/11/02/boninstagramcarousel.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-44271

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 13:22:46

Description :
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument.

CVE ID : CVE-2023-44271
Source : cve@mitre.org
CVSS Score : /

References :
https://devhub.checkmarx.com/cve-details/CVE-2023-44271/ | source : cve@mitre.org
https://github.com/python-pillow/Pillow/commit/1fe1bb49c452b0318cad12ea9d97c3bef188e9a7 | source : cve@mitre.org
https://github.com/python-pillow/Pillow/pull/7244 | source : cve@mitre.org


Vulnerability ID : CVE-2023-45024

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 13:22:46

Description :
Best Practical Request Tracker (RT) 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder.

CVE ID : CVE-2023-45024
Source : cve@mitre.org
CVSS Score : /

References :
https://docs.bestpractical.com/release-notes/rt/5.0.5 | source : cve@mitre.org
https://docs.bestpractical.com/release-notes/rt/index.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-45360

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 13:22:46

Description :
An issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers.

CVE ID : CVE-2023-45360
Source : cve@mitre.org
CVSS Score : /

References :
https://phabricator.wikimedia.org/T340221 | source : cve@mitre.org


Vulnerability ID : CVE-2023-45362

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 13:22:41

Description :
An issue was discovered in DifferenceEngine.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. diff-multi-sameuser (aka "X intermediate revisions by the same user not shown") ignores username suppression. This is an information leak.

CVE ID : CVE-2023-45362
Source : cve@mitre.org
CVSS Score : /

References :
https://phabricator.wikimedia.org/T341529 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46517

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 05:15:30

Description :
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-46517
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2023-46817

First published on : 03-11-2023 05:15:30
Last modified on : 03-11-2023 13:22:35

Description :
An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core/redirect route is not properly sanitized before being used in a call to the unserialize() PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the application scope, allowing them to perform a variety of attacks, such as executing arbitrary PHP code.

CVE ID : CVE-2023-46817
Source : cve@mitre.org
CVSS Score : /

References :
http://seclists.org/fulldisclosure/2023/Oct/30 | source : cve@mitre.org
https://docs.phpfox.com/display/FOX4MAN/phpFox+4.8.14 | source : cve@mitre.org
https://karmainsecurity.com/KIS-2023-12 | source : cve@mitre.org
https://karmainsecurity.com/pocs/CVE-2023-46817.php | source : cve@mitre.org
https://www.phpfox.com/blog/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-46947

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Subrion 4.2.1 has a remote command execution vulnerability in the backend.

CVE ID : CVE-2023-46947
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/intelliants/subrion/issues/909 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46404

First published on : 03-11-2023 16:15:31
Last modified on : 03-11-2023 16:26:21

Description :
PCRS <= 3.11 (d0de1e) “Questions” page and “Code editor” page are vulnerable to remote code execution (RCE) by escaping Python sandboxing.

CVE ID : CVE-2023-46404
Source : cve@mitre.org
CVSS Score : /

References :
https://bitbucket.org/utmandrew/pcrs/commits/5f18bcbb383b7d73f7a8b399cc52b23597d752ae | source : cve@mitre.org
https://github.com/windecks/CVE-2023-46404 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46980

First published on : 03-11-2023 16:15:31
Last modified on : 03-11-2023 16:26:21

Description :
An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter.

CVE ID : CVE-2023-46980
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/sajaljat/CVE-2023-46980/tree/main | source : cve@mitre.org
https://youtu.be/3Mz2lSElg7Y | source : cve@mitre.org


Vulnerability ID : CVE-2023-47233

First published on : 03-11-2023 21:15:17
Last modified on : 03-11-2023 21:15:17

Description :
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.

CVE ID : CVE-2023-47233
Source : cve@mitre.org
CVSS Score : /

References :
https://bugzilla.suse.com/show_bug.cgi?id=1216702 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47234

First published on : 03-11-2023 21:15:17
Last modified on : 03-11-2023 21:15:17

Description :
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).

CVE ID : CVE-2023-47234
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/FRRouting/frr/pull/14716/commits/c37119df45bbf4ef713bc10475af2ee06e12f3bf | source : cve@mitre.org


Vulnerability ID : CVE-2023-47235

First published on : 03-11-2023 21:15:17
Last modified on : 03-11-2023 21:15:17

Description :
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome.

CVE ID : CVE-2023-47235
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/FRRouting/frr/pull/14716/commits/6814f2e0138a6ea5e1f83bdd9085d9a77999900b | source : cve@mitre.org


Source : patchstack.com

Vulnerability ID : CVE-2022-47588

First published on : 03-11-2023 12:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tips and Tricks HQ, Peter Petreski Simple Photo Gallery simple-photo-gallery allows SQL Injection.This issue affects Simple Photo Gallery: from n/a through v1.8.1.

CVE ID : CVE-2022-47588
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/simple-photo-gallery/wordpress-simple-photo-gallery-plugin-v1-8-1-sql-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-34383

First published on : 03-11-2023 12:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP Project Manager wedevs-project-manager allows SQL Injection.This issue affects WP Project Manager: from n/a through 2.6.0.

CVE ID : CVE-2023-34383
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/wedevs-project-manager/wordpress-wp-project-manager-task-team-and-project-management-plugin-featuring-kanban-board-and-gantt-charts-plugin-2-6-0-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-41652

First published on : 03-11-2023 12:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 10.6.6.

CVE ID : CVE-2023-41652
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/rsvpmaker/wordpress-rsvpmaker-plugin-10-6-6-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2022-45805

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Paytm Paytm Payment Gateway paytm-payments allows SQL Injection.This issue affects Paytm Payment Gateway: from n/a through 2.7.3.

CVE ID : CVE-2022-45805
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-3-auth-sql-injection-sqli-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2022-46808

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11.

CVE ID : CVE-2022-46808
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-3-4-11-sql-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2022-46859

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar spiffy-calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.1.

CVE ID : CVE-2022-46859
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-1-auth-sql-injection-sqli-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2022-47426

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Neshan Maps Platform Neshan Maps neshan-maps allows SQL Injection.This issue affects Neshan Maps: from n/a through 1.1.4.

CVE ID : CVE-2022-47426
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/neshan-maps/wordpress-neshan-maps-plugin-1-1-4-sql-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2022-47445

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Web-X Be POPIA Compliant be-popia-compliant allows SQL Injection.This issue affects Be POPIA Compliant: from n/a through 1.2.0.

CVE ID : CVE-2022-47445
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/be-popia-compliant/wordpress-be-popia-compliant-plugin-1-2-0-sql-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-26015

First published on : 03-11-2023 13:15:08
Last modified on : 03-11-2023 13:22:30

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Injection.This issue affects MapPress Maps for WordPress: from n/a through 2.85.4.

CVE ID : CVE-2023-26015
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/mappress-google-maps-for-wordpress/wordpress-mappress-maps-for-wordpress-plugin-2-85-4-authenticated-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2022-46818

First published on : 03-11-2023 16:15:30
Last modified on : 03-11-2023 16:26:21

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gopi Ramasamy Email posts to subscribers allows SQL Injection.This issue affects Email posts to subscribers: from n/a through 6.2.

CVE ID : CVE-2022-46818
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/email-posts-to-subscribers/wordpress-email-posts-to-subscribers-plugin-6-2-sql-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-25700

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.

CVE ID : CVE-2023-25700
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-unauthenticated-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-25800

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.2.0.

CVE ID : CVE-2023-25800
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-student-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-25990

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS allows SQL Injection.This issue affects Tutor LMS: from n/a through 2.1.10.

CVE ID : CVE-2023-25990
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/tutor/wordpress-tutor-lms-plugin-2-1-10-multiple-tutor-instructor-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-32121

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Highfivery LLC Zero Spam for WordPress allows SQL Injection.This issue affects Zero Spam for WordPress: from n/a through 5.4.4.

CVE ID : CVE-2023-32121
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/zero-spam/wordpress-zero-spam-for-wordpress-plugin-5-4-4-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-32508

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolf van Gelder Order Your Posts Manually allows SQL Injection.This issue affects Order Your Posts Manually: from n/a through 2.2.5.

CVE ID : CVE-2023-32508
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/order-your-posts-manually/wordpress-order-your-posts-manually-plugin-2-2-5-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-34179

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Groundhogg Inc. Groundhogg allows SQL Injection.This issue affects Groundhogg: from n/a through 2.7.11.

CVE ID : CVE-2023-34179
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/groundhogg/wordpress-groundhogg-plugin-2-7-10-3-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-36529

First published on : 03-11-2023 17:15:08
Last modified on : 03-11-2023 18:05:16

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Favethemes Houzez - Real Estate WordPress Theme allows SQL Injection.This issue affects Houzez - Real Estate WordPress Theme: from n/a through 1.3.4.

CVE ID : CVE-2023-36529
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/houzez-crm/wordpress-houzez-crm-plugin-1-3-3-sql-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.