Latest vulnerabilities of Friday, September 29, 2023


Last update performed on 09/29/2023 at 11:58:02 PM

(1) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : sick.de

Vulnerability ID : CVE-2023-5288

First published on : 29-09-2023 12:15:13
Last modified on : 29-09-2023 12:45:25

Description :
A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. The adversary may also reset the SIM and in the worst case upload a new firmware version to the device.

CVE ID : CVE-2023-5288
Source : psirt@sick.de
CVSS Score : 9.8

References :
https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.json | source : psirt@sick.de
https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.pdf | source : psirt@sick.de
https://sick.com/psirt | source : psirt@sick.de

Vulnerability : CWE-284


(10) HIGH VULNERABILITIES [7.0, 8.9]

Source : tibco.com

Vulnerability ID : CVE-2023-26218

First published on : 29-09-2023 18:15:09
Last modified on : 29-09-2023 18:22:47

Description :
The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts targeting the affected system or the victim's local system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Nimbus: versions 10.6.0 and below.

CVE ID : CVE-2023-26218
Source : security@tibco.com
CVSS Score : 8.0

References :
https://www.tibco.com/services/support/advisories | source : security@tibco.com

Vulnerability : CWE-79


Source : emc.com

Vulnerability ID : CVE-2023-32477

First published on : 29-09-2023 08:15:09
Last modified on : 29-09-2023 12:45:25

Description :
Dell Common Event Enabler 8.9.8.2 for Windows and prior versions contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges.

CVE ID : CVE-2023-32477
Source : security_alert@emc.com
CVSS Score : 7.8

References :
https://www.dell.com/support/kbdoc/en-us/000218120/dsa-2023-310-security-update-for-dell-emc-common-event-enabler | source : security_alert@emc.com

Vulnerability : CWE-284


Source : hashicorp.com

Vulnerability ID : CVE-2023-5077

First published on : 29-09-2023 00:15:12
Last modified on : 29-09-2023 04:19:01

Description :
The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.

CVE ID : CVE-2023-5077
Source : security@hashicorp.com
CVSS Score : 7.6

References :
https://discuss.hashicorp.com/t/hcsec-2023-30-vault-s-google-cloud-secrets-engine-removed-existing-iam-conditions-when-creating-updating-rolesets/58654 | source : security@hashicorp.com

Vulnerability : CWE-732


Source : starlabs.sg

Vulnerability ID : CVE-2023-30591

First published on : 29-09-2023 06:15:09
Last modified on : 29-09-2023 12:45:33

Description :
Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash when `eventName.startsWith()` or `eventName.toString()` is invoked while processing crafted Socket.IO messages whose event name is of array or object type, respectively.

CVE ID : CVE-2023-30591
Source : info@starlabs.sg
CVSS Score : 7.5

References :
https://github.com/NodeBB/NodeBB/commit/37b48b82a4bc7680c6e4c42647209010cb239c2c | source : info@starlabs.sg
https://github.com/NodeBB/NodeBB/commit/4d2d76897a02e7068ab74c81d17a2febfae8bfb9 | source : info@starlabs.sg
https://github.com/NodeBB/NodeBB/commit/830f142b7aea2e597294a84d52c05aab3a3539ca | source : info@starlabs.sg
https://starlabs.sg/advisories/23/23-30591/ | source : info@starlabs.sg

Vulnerability : CWE-241


Source : patchstack.com

Vulnerability ID : CVE-2023-39308

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 16:15:10

Description :
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedback Team User Feedback plugin <= 1.0.7 versions.

CVE ID : CVE-2023-39308
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/userfeedback-lite/wordpress-userfeedback-lite-plugin-1-0-7-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com
https://revan-ar.medium.com/cve-2023-39308-wordpress-plugin-user-feedback-1-0-7-unauthenticated-stored-xss-db992a01686a | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41658

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Photo Gallery Slideshow & Masonry Tiled Gallery plugin <= 1.0.13 versions.

CVE ID : CVE-2023-41658
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/wp-responsive-photo-gallery/wordpress-photo-gallery-slideshow-masonry-tiled-gallery-plugin-1-0-13-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41662

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions.

CVE ID : CVE-2023-41662
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/wp-dtree-30/wordpress-wp-dtree-plugin-4-4-5-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41663

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin <= 1.6.9 versions.

CVE ID : CVE-2023-41663
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/wp-bannerize-pro/wordpress-wp-bannerize-pro-plugin-1-6-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41691

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pensopay WooCommerce PensoPay plugin <= 6.3.1 versions.

CVE ID : CVE-2023-41691
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/woo-pensopay/wordpress-woocommerce-pensopay-plugin-6-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Source : huntr.dev

Vulnerability ID : CVE-2023-5289

First published on : 29-09-2023 14:15:11
Last modified on : 29-09-2023 15:52:15

Description :
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4.

CVE ID : CVE-2023-5289
Source : security@huntr.dev
CVSS Score : 7.1

References :
https://github.com/ikus060/rdiffweb/commit/06f89b43469aae70e8833e55192721523f86c5a2 | source : security@huntr.dev
https://huntr.dev/bounties/8d0e0804-d3fd-49fe-bfa4-7a91135767ce | source : security@huntr.dev

Vulnerability : CWE-770


(47) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : gitlab.com

Vulnerability ID : CVE-2023-3413

First published on : 29-09-2023 09:15:10
Last modified on : 29-09-2023 12:45:25

Description :
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members.

CVE ID : CVE-2023-3413
Source : cve@gitlab.com
CVSS Score : 6.5

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/416284 | source : cve@gitlab.com
https://hackerone.com/reports/2027967 | source : cve@gitlab.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-3115

First published on : 29-09-2023 07:15:13
Last modified on : 29-09-2023 12:45:33

Description :
An issue has been discovered in GitLab EE affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories.

CVE ID : CVE-2023-3115
Source : cve@gitlab.com
CVSS Score : 5.4

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/414367 | source : cve@gitlab.com
https://hackerone.com/reports/2004158 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-3914

First published on : 29-09-2023 07:15:13
Last modified on : 29-09-2023 12:45:33

Description :
A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects.

CVE ID : CVE-2023-3914
Source : cve@gitlab.com
CVSS Score : 5.4

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/418115 | source : cve@gitlab.com
https://hackerone.com/reports/2040822 | source : cve@gitlab.com

Vulnerability : CWE-840


Vulnerability ID : CVE-2023-0989

First published on : 29-09-2023 07:15:12
Last modified on : 29-09-2023 13:15:10

Description :
An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration.

CVE ID : CVE-2023-0989
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/417275 | source : cve@gitlab.com
https://hackerone.com/reports/1875515 | source : cve@gitlab.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-3917

First published on : 29-09-2023 07:15:13
Last modified on : 29-09-2023 12:45:25

Description :
Denial of Service in pipelines affecting all versions of GitLab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to cause pipelines to fail.

CVE ID : CVE-2023-3917
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/417896 | source : cve@gitlab.com
https://hackerone.com/reports/2055158 | source : cve@gitlab.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-3920

First published on : 29-09-2023 07:15:13
Last modified on : 29-09-2023 12:45:25

Description :
An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible for a maintainer to create a fork relationship between existing projects, contrary to the documentation.

CVE ID : CVE-2023-3920
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/417481 | source : cve@gitlab.com
https://hackerone.com/reports/2058121 | source : cve@gitlab.com

Vulnerability : CWE-345


Vulnerability ID : CVE-2023-4532

First published on : 29-09-2023 07:15:14
Last modified on : 29-09-2023 12:45:25

Description :
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of.

CVE ID : CVE-2023-4532
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/423357 | source : cve@gitlab.com
https://hackerone.com/reports/2084199 | source : cve@gitlab.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-5198

First published on : 29-09-2023 08:15:09
Last modified on : 29-09-2023 12:45:25

Description :
An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys.

CVE ID : CVE-2023-5198
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/416957 | source : cve@gitlab.com
https://hackerone.com/reports/2041789 | source : cve@gitlab.com

Vulnerability : CWE-284


Source : mattermost.com

Vulnerability ID : CVE-2023-5195

First published on : 29-09-2023 10:15:10
Last modified on : 29-09-2023 12:45:25

Description :
Mattermost fails to properly validate the permissions when soft deleting a team, allowing a team member to soft delete other teams that they are not part of.

CVE ID : CVE-2023-5195
Source : responsibledisclosure@mattermost.com
CVSS Score : 6.5

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-863


Vulnerability ID : CVE-2023-5196

First published on : 29-09-2023 10:15:10
Last modified on : 29-09-2023 12:45:25

Description :
Mattermost fails to enforce character limits in all possible notification props allowing an attacker to send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users.

CVE ID : CVE-2023-5196
Source : responsibledisclosure@mattermost.com
CVSS Score : 6.5

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-5193

First published on : 29-09-2023 10:15:10
Last modified on : 29-09-2023 12:45:25

Description :
Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation.

CVE ID : CVE-2023-5193
Source : responsibledisclosure@mattermost.com
CVSS Score : 4.9

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-863


Source : patchstack.com

Vulnerability ID : CVE-2023-41666

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Stockdio Stock Quotes List plugin <= 2.9.9 versions.

CVE ID : CVE-2023-41666
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/stock-quotes-list/wordpress-stock-quotes-list-plugin-2-9-9-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41687

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Irina Sokolovskaya Goods Catalog plugin <= 2.4.1 versions.

CVE ID : CVE-2023-41687
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/goods-catalog/wordpress-goods-catalog-plugin-2-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41655

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions.

CVE ID : CVE-2023-41655
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/authldap/wordpress-authldap-plugin-2-5-8-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41657

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. HollerBox plugin <= 2.3.2 versions.

CVE ID : CVE-2023-41657
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/holler-box/wordpress-hollerbox-plugin-2-3-2-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-41661

First published on : 29-09-2023 14:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions.

CVE ID : CVE-2023-41661
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/smarty-for-wordpress/wordpress-smarty-for-wordpress-plugin-3-1-35-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Source : github.com

Vulnerability ID : CVE-2023-43655

First published on : 29-09-2023 20:15:09
Last modified on : 29-09-2023 20:15:09

Description :
Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has `register_argc_argv` enabled in php.ini. Versions 2.6.4, 2.2.22 and 1.10.27 patch this vulnerability. Users are advised to upgrade. Users unable to upgrade should make sure `register_argc_argv` is disabled in php.ini, and avoid publishing composer.phar to the web as this is not best practice.

CVE ID : CVE-2023-43655
Source : security-advisories@github.com
CVSS Score : 6.4

References :
https://github.com/composer/composer/commit/4fce14795aba98e40b6c4f5047305aba17a6120d | source : security-advisories@github.com
https://github.com/composer/composer/commit/955a48e6319c8962e5cd421b07c00ab3c728968c | source : security-advisories@github.com
https://github.com/composer/composer/commit/95e091c921037b7b6564942845e7b738f6b95c9c | source : security-advisories@github.com
https://github.com/composer/composer/security/advisories/GHSA-jm6m-4632-36hf | source : security-advisories@github.com

Vulnerability : CWE-74


Source : vuldb.com

Vulnerability ID : CVE-2023-5258

First published on : 29-09-2023 12:15:13
Last modified on : 29-09-2023 12:45:25

Description :
A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file /resource/addgood.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240867.

CVE ID : CVE-2023-5258
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/OpenRapid/rapidcms/issues/9 | source : cna@vuldb.com
https://github.com/yhy217/rapidcms-vul/issues/4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240867 | source : cna@vuldb.com
https://vuldb.com/?id.240867 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5260

First published on : 29-09-2023 12:15:13
Last modified on : 29-09-2023 12:45:25

Description :
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Membership System 1.0. This issue affects some unknown processing of the file group_validator.php. The manipulation of the argument club_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240869 was assigned to this vulnerability.

CVE ID : CVE-2023-5260
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/E1even-321/Membership-System/blob/main/Simple-Membership-System%20group_validator.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240869 | source : cna@vuldb.com
https://vuldb.com/?id.240869 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5262

First published on : 29-09-2023 14:15:11
Last modified on : 29-09-2023 15:52:15

Description :
A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. Affected by this vulnerability is the function isImg of the file /admin/config/uploadicon.php. The manipulation of the argument fileName leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240871.

CVE ID : CVE-2023-5262
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/OpenRapid/rapidcms/issues/10 | source : cna@vuldb.com
https://github.com/yhy217/rapidcms-vul/issues/5 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240871 | source : cna@vuldb.com
https://vuldb.com/?id.240871 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-5263

First published on : 29-09-2023 14:15:11
Last modified on : 29-09-2023 15:52:15

Description :
A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240872.

CVE ID : CVE-2023-5263
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/yhy217/zzzcms-vul/issues/1 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240872 | source : cna@vuldb.com
https://vuldb.com/?id.240872 | source : cna@vuldb.com

Vulnerability : CWE-275


Vulnerability ID : CVE-2023-5264

First published on : 29-09-2023 15:15:10
Last modified on : 29-09-2023 15:52:15

Description :
A vulnerability classified as critical was found in huakecms 3.0. Affected by this vulnerability is an unknown functionality of the file /admin/cms_content.php. The manipulation of the argument cid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240877 was assigned to this vulnerability.

CVE ID : CVE-2023-5264
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/yhy217/huakecms-vul/issues/1 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240877 | source : cna@vuldb.com
https://vuldb.com/?id.240877 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5266

First published on : 29-09-2023 15:15:10
Last modified on : 29-09-2023 15:52:15

Description :
A vulnerability, which was classified as critical, was found in DedeBIZ 6.2. This affects an unknown part of the file /src/admin/tags_main.php. The manipulation of the argument ids leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240879.

CVE ID : CVE-2023-5266
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/yhy217/dedebiz--vul/blob/main/time_injection.zip | source : cna@vuldb.com
https://github.com/yhy217/dedebiz--vul/issues/1 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240879 | source : cna@vuldb.com
https://vuldb.com/?id.240879 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5268

First published on : 29-09-2023 16:15:10
Last modified on : 29-09-2023 17:27:25

Description :
A vulnerability was found in DedeBIZ 6.2 and classified as critical. This issue affects some unknown processing of the file /src/admin/makehtml_taglist_action.php. The manipulation of the argument mktime leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240881 was assigned to this vulnerability.

CVE ID : CVE-2023-5268
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/yhy217/dedebiz--vul/issues/2 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240881 | source : cna@vuldb.com
https://vuldb.com/?id.240881 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5276

First published on : 29-09-2023 18:15:09
Last modified on : 29-09-2023 18:22:47

Description :
A vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. This vulnerability affects unknown code of the file downloadable_student.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-240904.

CVE ID : CVE-2023-5276
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20downloadable_student.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240904 | source : cna@vuldb.com
https://vuldb.com/?id.240904 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5277

First published on : 29-09-2023 18:15:09
Last modified on : 29-09-2023 18:22:47

Description :
A vulnerability, which was classified as critical, has been found in SourceCodester Engineers Online Portal 1.0. This issue affects some unknown processing of the file student_avatar.php. The manipulation of the argument change leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240905 was assigned to this vulnerability.

CVE ID : CVE-2023-5277
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240905 | source : cna@vuldb.com
https://vuldb.com/?id.240905 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-5278

First published on : 29-09-2023 18:15:10
Last modified on : 29-09-2023 18:22:47

Description :
A vulnerability, which was classified as critical, was found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-240906 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5278
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20login.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240906 | source : cna@vuldb.com
https://vuldb.com/?id.240906 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5279

First published on : 29-09-2023 18:15:10
Last modified on : 29-09-2023 18:22:47

Description :
A vulnerability has been found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file my_classmates.php. The manipulation of the argument teacher_class_student_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240907.

CVE ID : CVE-2023-5279
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20my_classmates.php%20%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240907 | source : cna@vuldb.com
https://vuldb.com/?id.240907 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5280

First published on : 29-09-2023 18:15:10
Last modified on : 29-09-2023 18:22:47

Description :
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file my_students.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240908.

CVE ID : CVE-2023-5280
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20my_students.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240908 | source : cna@vuldb.com
https://vuldb.com/?id.240908 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5281

First published on : 29-09-2023 19:15:09
Last modified on : 29-09-2023 19:15:09

Description :
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as critical. This affects an unknown part of the file remove_inbox_message.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240909 was assigned to this vulnerability.

CVE ID : CVE-2023-5281
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20remove_inbox_message.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240909 | source : cna@vuldb.com
https://vuldb.com/?id.240909 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5282

First published on : 29-09-2023 19:15:09
Last modified on : 29-09-2023 19:15:09

Description :
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as critical. This vulnerability affects unknown code of the file seed_message_student.php. The manipulation of the argument teacher_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240910 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5282
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20seed_message_student.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240910 | source : cna@vuldb.com
https://vuldb.com/?id.240910 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5283

First published on : 29-09-2023 20:15:10
Last modified on : 29-09-2023 20:15:10

Description :
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file teacher_signup.php. The manipulation of the argument firstname/lastname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240911.

CVE ID : CVE-2023-5283
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20teacher_signup.php%20%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240911 | source : cna@vuldb.com
https://vuldb.com/?id.240911 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5284

First published on : 29-09-2023 20:15:10
Last modified on : 29-09-2023 20:15:10

Description :
A vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file upload_save_student.php. The manipulation of the argument uploaded_file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240912.

CVE ID : CVE-2023-5284
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Engineers%20Online%20Portal%20System%20upload_save_student.php%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240912 | source : cna@vuldb.com
https://vuldb.com/?id.240912 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-5285

First published on : 29-09-2023 20:15:10
Last modified on : 29-09-2023 20:15:10

Description :
A vulnerability classified as critical was found in Tongda OA 2017. Affected by this vulnerability is an unknown functionality of the file general/hr/recruit/recruitment/delete.php. The manipulation of the argument RECRUITMENT_ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-240913 was assigned to this vulnerability.

CVE ID : CVE-2023-5285
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/OliverWu23/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.240913 | source : cna@vuldb.com
https://vuldb.com/?id.240913 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5261

First published on : 29-09-2023 12:15:13
Last modified on : 29-09-2023 12:45:25

Description :
A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240870 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5261
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/csbsong/bug_report/blob/main/sql2.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.240870 | source : cna@vuldb.com
https://vuldb.com/?id.240870 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5265

First published on : 29-09-2023 15:15:10
Last modified on : 29-09-2023 15:52:15

Description :
A vulnerability, which was classified as critical, has been found in Tongda OA 2017. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_transfer/delete.php. The manipulation of the argument TRANSFER_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240878 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5265
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/YaGaoT/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.240878 | source : cna@vuldb.com
https://vuldb.com/?id.240878 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5267

First published on : 29-09-2023 15:15:10
Last modified on : 29-09-2023 15:52:15

Description :
A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hr_pool/delete.php. The manipulation of the argument EXPERT_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-240880.

CVE ID : CVE-2023-5267
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/kpz-wm/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.240880 | source : cna@vuldb.com
https://vuldb.com/?id.240880 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5269

First published on : 29-09-2023 16:15:10
Last modified on : 29-09-2023 17:27:25

Description :
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as critical. Affected is an unknown function of the file parcel_list.php of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-240882 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5269
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/E1CHO/cve_hub/blob/main/Best%20courier%20management%20system/Best%20courier%20management%20system%20project%20in%20php%20-%20vuln%201.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240882 | source : cna@vuldb.com
https://vuldb.com/?id.240882 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5270

First published on : 29-09-2023 16:15:10
Last modified on : 29-09-2023 17:27:25

Description :
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_parcel.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240883.

CVE ID : CVE-2023-5270
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/E1CHO/cve_hub/blob/main/Best%20courier%20management%20system/Best%20courier%20management%20system%20project%20in%20php%20-%20vuln%202.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240883 | source : cna@vuldb.com
https://vuldb.com/?id.240883 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5271

First published on : 29-09-2023 16:15:10
Last modified on : 29-09-2023 17:27:25

Description :
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file edit_parcel.php. The manipulation of the argument email leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240884.

CVE ID : CVE-2023-5271
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/E1CHO/cve_hub/blob/main/Best%20courier%20management%20system/Best%20courier%20management%20system%20project%20in%20php%20-%20vuln%203.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240884 | source : cna@vuldb.com
https://vuldb.com/?id.240884 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5272

First published on : 29-09-2023 17:15:48
Last modified on : 29-09-2023 17:27:25

Description :
A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. This affects an unknown part of the file edit_parcel.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-240885 was assigned to this vulnerability.

CVE ID : CVE-2023-5272
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/E1CHO/cve_hub/blob/main/Best%20courier%20management%20system/Best%20courier%20management%20system%20project%20in%20php%20-%20vuln%204.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240885 | source : cna@vuldb.com
https://vuldb.com/?id.240885 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5293

First published on : 29-09-2023 21:15:10
Last modified on : 29-09-2023 21:15:10

Description :
A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Affected is an unknown function of the file /admin/leancloud.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240924.

CVE ID : CVE-2023-5293
Source : cna@vuldb.com
CVSS Score : 4.7

References :
https://github.com/xhcccan/code/issues/1 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240924 | source : cna@vuldb.com
https://vuldb.com/?id.240924 | source : cna@vuldb.com

Vulnerability : CWE-89


Source : snyk.io

Vulnerability ID : CVE-2023-26146

First published on : 29-09-2023 05:15:46
Last modified on : 29-09-2023 12:45:33

Description :
All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting (XSS) such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered.

CVE ID : CVE-2023-26146
Source : report@snyk.io
CVSS Score : 6.1

References :
https://gist.github.com/dellalibera/c53448135480cbe12257c4b413a90d20 | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-UNMANAGED-ITHEWEILIBHV-5730766 | source : report@snyk.io


Vulnerability ID : CVE-2023-26148

First published on : 29-09-2023 05:15:46
Last modified on : 29-09-2023 12:45:33

Description :
All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n (carriage return line feeds) characters and inject additional headers in the request sent.

CVE ID : CVE-2023-26148
Source : report@snyk.io
CVSS Score : 5.4

References :
https://gist.github.com/dellalibera/65d136066fdd5ea4dddaadaa9b0ba90e | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-UNMANAGED-ITHEWEILIBHV-5730769 | source : report@snyk.io


Vulnerability ID : CVE-2023-26147

First published on : 29-09-2023 05:15:46
Last modified on : 29-09-2023 12:45:33

Description :
All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n (carriage return line feeds) characters to end the HTTP response headers and inject malicious content, like for example additional headers or new response body, leading to a potential XSS vulnerability.

CVE ID : CVE-2023-26147
Source : report@snyk.io
CVSS Score : 5.3

References :
https://gist.github.com/dellalibera/2be265b56b7b3b00de1a777b9dec0c7b | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-UNMANAGED-ITHEWEILIBHV-5730768 | source : report@snyk.io


Source : silabs.com

Vulnerability ID : CVE-2023-3024

First published on : 29-09-2023 17:15:47
Last modified on : 29-09-2023 17:27:25

Description :
Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access.

CVE ID : CVE-2023-3024
Source : product-security@silabs.com
CVSS Score : 5.9

References :
https://github.com/SiliconLabs/gecko_sdk | source : product-security@silabs.com
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ViQvHQAV/?operationContext=S1 | source : product-security@silabs.com

Vulnerability : CWE-119


Source : hashicorp.com

Vulnerability ID : CVE-2023-3775

First published on : 29-09-2023 00:15:12
Last modified on : 29-09-2023 04:19:01

Description :
A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8.

CVE ID : CVE-2023-3775
Source : security@hashicorp.com
CVSS Score : 4.2

References :
https://discuss.hashicorp.com/t/hcsec-2023-29-vault-enterprise-s-sentinel-rgp-policies-allowed-for-cross-namespace-denial-of-service/58653 | source : security@hashicorp.com

Vulnerability : CWE-20


(11) LOW VULNERABILITIES [0.1, 3.9]

Source : mattermost.com

Vulnerability ID : CVE-2023-5159

First published on : 29-09-2023 10:15:10
Last modified on : 29-09-2023 12:45:25

Description :
Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots.

CVE ID : CVE-2023-5159
Source : responsibledisclosure@mattermost.com
CVSS Score : 3.8

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-863


Vulnerability ID : CVE-2023-5194

First published on : 29-09-2023 10:15:10
Last modified on : 29-09-2023 12:45:25

Description :
Mattermost fails to properly validate permissions when demoting and deactivating a user, allowing a system/user manager to demote or deactivate another manager.

CVE ID : CVE-2023-5194
Source : responsibledisclosure@mattermost.com
CVSS Score : 2.7

References :
https://mattermost.com/security-updates | source : responsibledisclosure@mattermost.com

Vulnerability : CWE-863


Source : gitlab.com

Vulnerability ID : CVE-2023-3906

First published on : 29-09-2023 07:15:13
Last modified on : 29-09-2023 12:45:33

Description :
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image URLs which bypass the asset proxy.

CVE ID : CVE-2023-3906
Source : cve@gitlab.com
CVSS Score : 3.5

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/419213 | source : cve@gitlab.com
https://hackerone.com/reports/2071411 | source : cve@gitlab.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-2233

First published on : 29-09-2023 07:15:12
Last modified on : 29-09-2023 12:45:33

Description :
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner's Sentry instance projects.

CVE ID : CVE-2023-2233
Source : cve@gitlab.com
CVSS Score : 3.1

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/408359 | source : cve@gitlab.com
https://hackerone.com/reports/1947211 | source : cve@gitlab.com

Vulnerability : CWE-285


Vulnerability ID : CVE-2023-3979

First published on : 29-09-2023 07:15:13
Last modified on : 29-09-2023 12:45:25

Description :
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible for upstream members collaborating with you on your branch to get permission to write to the merge request's source branch.

CVE ID : CVE-2023-3979
Source : cve@gitlab.com
CVSS Score : 3.1

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/419972 | source : cve@gitlab.com
https://hackerone.com/reports/2082560 | source : cve@gitlab.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-3922

First published on : 29-09-2023 08:15:09
Last modified on : 29-09-2023 12:45:25

Description :
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page.

CVE ID : CVE-2023-3922
Source : cve@gitlab.com
CVSS Score : 3.0

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/394770 | source : cve@gitlab.com
https://hackerone.com/reports/1887323 | source : cve@gitlab.com

Vulnerability : CWE-74


Source : vuldb.com

Vulnerability ID : CVE-2023-5257

First published on : 29-09-2023 11:15:41
Last modified on : 29-09-2023 12:45:25

Description :
A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as problematic. Affected by this issue is the function handleFileRequest of the file src/main/java/com/feihong/ldap/HTTPServer.java. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. VDB-240866 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5257
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/WhiteHSBG/JNDIExploit/issues/10 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240866 | source : cna@vuldb.com
https://vuldb.com/?id.240866 | source : cna@vuldb.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-5273

First published on : 29-09-2023 17:15:48
Last modified on : 29-09-2023 17:27:25

Description :
A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. This vulnerability affects unknown code of the file manage_parcel_status.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240886 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5273
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/E1CHO/cve_hub/blob/main/Best%20courier%20management%20system/Best%20courier%20management%20system%20project%20in%20php%20-%20vuln%206.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.240886 | source : cna@vuldb.com
https://vuldb.com/?id.240886 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5286

First published on : 29-09-2023 20:15:10
Last modified on : 29-09-2023 20:15:10

Description :
A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file add_category.php of the component Category Handler. The manipulation of the argument category_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-240914 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5286
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/xcodeOn1/XSS-Stored-Expense-Tracker-App | source : cna@vuldb.com
https://vuldb.com/?ctiid.240914 | source : cna@vuldb.com
https://vuldb.com/?id.240914 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5259

First published on : 29-09-2023 12:15:13
Last modified on : 29-09-2023 12:45:25

Description :
A vulnerability classified as problematic was found in ForU CMS. This vulnerability affects unknown code of the file /admin/cms_admin.php. The manipulation of the argument del leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continuous delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-240868.

CVE ID : CVE-2023-5259
Source : cna@vuldb.com
CVSS Score : 2.7

References :
https://github.com/RCEraser/cve/blob/main/ForU-CMS.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.240868 | source : cna@vuldb.com
https://vuldb.com/?id.240868 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2023-5287

First published on : 29-09-2023 21:15:10
Last modified on : 29-09-2023 21:15:10

Description :
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in BEECMS 4.0. This affects an unknown part of the file /admin/admin_content_tag.php?action=save_content. The manipulation of the argument tag leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240915. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE ID : CVE-2023-5287
Source : cna@vuldb.com
CVSS Score : 2.4

References :
https://github.com/zhenjiaqi/CVE/issues/1 | source : cna@vuldb.com
https://vuldb.com/?ctiid.240915 | source : cna@vuldb.com
https://vuldb.com/?id.240915 | source : cna@vuldb.com

Vulnerability : CWE-79


(7) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-44464

First published on : 29-09-2023 05:15:46
Last modified on : 29-09-2023 12:45:33

Description :
pretix before 2023.7.2 allows Pillow to parse EPS files.

CVE ID : CVE-2023-44464
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/pretix/pretix/commit/8583bfb7d97263e9e923ad5d7f123ca1cadc8f2e | source : cve@mitre.org
https://github.com/pretix/pretix/compare/v2023.7.1...v2023.7.2 | source : cve@mitre.org
https://github.com/pretix/pretix/tags | source : cve@mitre.org
https://pretix.eu/about/en/ticketing | source : cve@mitre.org


Vulnerability ID : CVE-2023-44466

First published on : 29-09-2023 06:15:11
Last modified on : 29-09-2023 12:45:33

Description :
An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in ceph_decode_32.

CVE ID : CVE-2023-44466
Source : cve@mitre.org
CVSS Score : /

References :
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a282a2f10539dce2aa619e71e1817570d557fc97 | source : cve@mitre.org
https://github.com/google/security-research/security/advisories/GHSA-jg27-jx6w-xwph | source : cve@mitre.org
https://github.com/torvalds/linux/commit/a282a2f10539dce2aa619e71e1817570d557fc97 | source : cve@mitre.org
https://www.spinics.net/lists/ceph-devel/msg57909.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-44469

First published on : 29-09-2023 07:15:14
Last modified on : 29-09-2023 12:45:25

Description :
A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allows authenticated remote attackers to send GET requests to arbitrary URLs through the request_uri authorization parameter. This is similar to CVE-2020-10770.

CVE ID : CVE-2023-44469
Source : cve@mitre.org
CVSS Score : /

References :
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2998 | source : cve@mitre.org
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/releases/v2.17.1 | source : cve@mitre.org
https://security.lauritz-holtmann.de/post/sso-security-ssrf/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-43909

First published on : 29-09-2023 13:15:10
Last modified on : 29-09-2023 15:52:15

Description :
Hospital Management System through commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.

CVE ID : CVE-2023-43909
Source : cve@mitre.org
CVSS Score : /

References :
https://www.notion.so/SQL-Injection-vulnerability-in-app_contact-parameter-on-appsearch-php-directory-2e3daa8975164ee18217c52c43ae1a22 | source : cve@mitre.org


Vulnerability ID : CVE-2023-43944

First published on : 29-09-2023 13:15:10
Last modified on : 29-09-2023 15:52:15

Description :
A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list.

CVE ID : CVE-2023-43944
Source : cve@mitre.org
CVSS Score : /

References :
https://purring-climb-52a.notion.site/Reflected-Cross-site-scripting-b6fd50b94b464313847bb52d4049154f?pvs=4 | source : cve@mitre.org


Vulnerability ID : CVE-2022-35908

First published on : 29-09-2023 21:15:09
Last modified on : 29-09-2023 21:15:09

Description :
Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in device-agent.

CVE ID : CVE-2022-35908
Source : cve@mitre.org
CVSS Score : /

References :
https://community.cambiumnetworks.com/t/enterprise-wi-fi-system-software-release-6-4-2/87229 | source : cve@mitre.org
https://www.cambiumnetworks.com/support/security/ | source : cve@mitre.org


Source : apache.org

Vulnerability ID : CVE-2023-39410

First published on : 29-09-2023 17:15:46
Last modified on : 29-09-2023 18:15:09

Description :
When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro version 1.11.3 which addresses this issue.

CVE ID : CVE-2023-39410
Source : security@apache.org
CVSS Score : /

References :
http://www.openwall.com/lists/oss-security/2023/09/29/6 | source : security@apache.org
https://lists.apache.org/thread/q142wj99cwdd0jo5lvdoxzoymlqyjdds | source : security@apache.org

Vulnerability : CWE-20


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
