Latest vulnerabilities of Monday, November 13, 2023 + weekend

Latest vulnerabilities of Monday, November 13, 2023 + weekend
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Last update performed on 11/13/2023 at 11:57:02 PM

(6) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : jci.com

Vulnerability ID : CVE-2023-4804

First published on : 10-11-2023 23:15:07
Last modified on : 13-11-2023 03:16:20

Description :
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.

CVE ID : CVE-2023-4804
Source : productsecurity@jci.com
CVSS Score : 10.0

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-313-01 | source : productsecurity@jci.com
https://www.johnsoncontrols.com/cyber-solutions/security-advisories | source : productsecurity@jci.com

Vulnerability : CWE-489


Source : huntr.dev

Vulnerability ID : CVE-2023-6069

First published on : 10-11-2023 01:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Improper Input Validation in GitHub repository froxlor/froxlor prior to 2.1.0.

CVE ID : CVE-2023-6069
Source : security@huntr.dev
CVSS Score : 9.9

References :
https://github.com/froxlor/froxlor/commit/9e8f32f1e86016733b603b50c31b97f472e8dabc | source : security@huntr.dev
https://huntr.com/bounties/aac0627e-e59d-476e-9385-edb7ff53758c | source : security@huntr.dev

Vulnerability : CWE-20


Source : mitre.org

Vulnerability ID : CVE-2023-47246

First published on : 10-11-2023 06:15:30
Last modified on : 13-11-2023 17:28:37

Description :
In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.

CVE ID : CVE-2023-47246
Source : cve@mitre.org
CVSS Score : 9.8

References :
https://documentation.sysaid.com/docs/latest-version-installation-files | source : cve@mitre.org
https://documentation.sysaid.com/docs/on-premise-security-enhancements-2023 | source : cve@mitre.org
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification | source : cve@mitre.org

Vulnerability : CWE-22

Vulnerable product(s) : cpe:2.3:a:sysaid:sysaid_on-premises:*:*:*:*:*:*:*:*


Source : incibe.es

Vulnerability ID : CVE-2023-6097

First published on : 13-11-2023 13:15:08
Last modified on : 13-11-2023 14:12:08

Description :
A SQL injection vulnerability has been found in ICS Business Manager, affecting version 7.06.0028.7089. This vulnerability could allow a remote user to send a specially crafted SQL query and retrieve all the information stored in the database. The data could also be modified or deleted, causing the application to malfunction.

CVE ID : CVE-2023-6097
Source : cve-coordination@incibe.es
CVSS Score : 9.4

References :
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-icssolution-ics-business-manager | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Source : github.com

Vulnerability ID : CVE-2023-46729

First published on : 10-11-2023 01:15:07
Last modified on : 13-11-2023 03:16:20

Description :
sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has been fixed in version 7.77.0.

CVE ID : CVE-2023-46729
Source : security-advisories@github.com
CVSS Score : 9.3

References :
https://github.com/getsentry/sentry-javascript/commit/ddbda3c02c35aba8c5235e0cf07fc5bf656f81be | source : security-advisories@github.com
https://github.com/getsentry/sentry-javascript/pull/9415 | source : security-advisories@github.com
https://github.com/getsentry/sentry-javascript/security/advisories/GHSA-2rmr-xw8m-22q9 | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-47128

First published on : 10-11-2023 18:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Piccolo is an object-relational mapping and query builder which supports asyncio. Prior to version 1.1.1, the handling of named transaction `savepoints` in all database implementations is vulnerable to SQL Injection via f-strings. While the likelihood of an end developer exposing a `savepoints` `name` parameter to a user is highly unlikely, it would not be unheard of. If a malicious user was able to abuse this functionality they would have essentially direct access to the database and the ability to modify data to the level of permissions associated with the database user. A non exhaustive list of actions possible based on database permissions is: Read all data stored in the database, including usernames and password hashes; insert arbitrary data into the database, including modifying existing records; and gain a shell on the underlying server. Version 1.1.1 fixes this issue.

CVE ID : CVE-2023-47128
Source : security-advisories@github.com
CVSS Score : 9.1

References :
https://github.com/piccolo-orm/piccolo/commit/82679eb8cd1449cf31d87c9914a072e70168b6eb | source : security-advisories@github.com
https://github.com/piccolo-orm/piccolo/security/advisories/GHSA-xq59-7jf3-rjc6 | source : security-advisories@github.com

Vulnerability : CWE-89


(28) HIGH VULNERABILITIES [7.0, 8.9]

Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2023-39295

First published on : 10-11-2023 16:15:32
Last modified on : 13-11-2023 03:16:20

Description :
An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.3 and later

CVE ID : CVE-2023-39295
Source : security@qnapsecurity.com.tw
CVSS Score : 8.8

References :
https://www.qnap.com/en/security-advisory/qsa-23-50 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-41284

First published on : 10-11-2023 16:15:32
Last modified on : 13-11-2023 03:16:20

Description :
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later

CVE ID : CVE-2023-41284
Source : security@qnapsecurity.com.tw
CVSS Score : 7.4

References :
https://www.qnap.com/en/security-advisory/qsa-23-50 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-41285

First published on : 10-11-2023 16:15:32
Last modified on : 13-11-2023 03:16:20

Description :
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later

CVE ID : CVE-2023-41285
Source : security@qnapsecurity.com.tw
CVSS Score : 7.4

References :
https://www.qnap.com/en/security-advisory/qsa-23-50 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-89


Source : patchstack.com

Vulnerability ID : CVE-2023-26516

First published on : 13-11-2023 00:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WPIndeed Debug Assistant plugin <= 1.4 versions.

CVE ID : CVE-2023-26516
Source : audit@patchstack.com
CVSS Score : 8.8

References :
https://patchstack.com/database/vulnerability/debug-assistant/wordpress-debug-assistant-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-35041

First published on : 13-11-2023 03:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push Notifications – Webpushr plugin <= 4.34.0 versions.

CVE ID : CVE-2023-35041
Source : audit@patchstack.com
CVSS Score : 8.8

References :
https://patchstack.com/database/vulnerability/webpushr-web-push-notifications/wordpress-web-push-notifications-webpushr-plugin-4-34-0-csrf-leading-to-lfi-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-23800

First published on : 13-11-2023 03:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a through 5.12.6.

CVE ID : CVE-2023-23800
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/shortcodes-ultimate/wordpress-shortcodes-ultimate-plugin-5-12-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-46634

First published on : 13-11-2023 04:15:08
Last modified on : 13-11-2023 14:12:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in phoeniixx Custom My Account for Woocommerce allows Cross-Site Scripting (XSS).This issue affects Custom My Account for Woocommerce: from n/a through 2.1.

CVE ID : CVE-2023-46634
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/custom-my-account-for-woocommerce/wordpress-custom-my-account-for-woocommerce-plugin-2-1-csrf-to-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-47516

First published on : 13-11-2023 04:15:08
Last modified on : 13-11-2023 14:12:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Stark Digital Category Post List Widget allows Stored XSS.This issue affects Category Post List Widget: from n/a through 2.0.

CVE ID : CVE-2023-47516
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/category-post-list-widget/wordpress-category-post-list-widget-plugin-2-0-csrf-to-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-47652

First published on : 13-11-2023 04:15:08
Last modified on : 13-11-2023 14:12:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links allows Stored XSS.This issue affects Auto Affiliate Links: from n/a through 6.4.2.4.

CVE ID : CVE-2023-47652
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/wp-auto-affiliate-links/wordpress-auto-affiliate-links-plugin-6-4-2-3-csrf-lead-to-stored-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46201

First published on : 13-11-2023 05:15:08
Last modified on : 13-11-2023 14:12:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration allows Stored XSS.This issue affects Auto Login New User After Registration: from n/a through 1.9.6.

CVE ID : CVE-2023-46201
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/auto-login-new-user-after-registration/wordpress-auto-login-new-user-after-registration-plugin-1-9-6-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-40335

First published on : 13-11-2023 10:15:07
Last modified on : 13-11-2023 14:12:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Jeremy O'Connell Cleverwise Daily Quotes allows Stored XSS.This issue affects Cleverwise Daily Quotes: from n/a through 3.2.

CVE ID : CVE-2023-40335
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/cleverwise-daily-quotes/wordpress-cleverwise-daily-quotes-plugin-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46092

First published on : 13-11-2023 10:15:07
Last modified on : 13-11-2023 14:12:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.Com Webmaster Tools allows Stored XSS.This issue affects Webmaster Tools: from n/a through 2.0.

CVE ID : CVE-2023-46092
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/webmaster-tools/wordpress-webmaster-tools-plugin-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-35877

First published on : 13-11-2023 17:15:07
Last modified on : 13-11-2023 18:44:54

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Vadym K. Extra User Details allows Stored XSS.This issue affects Extra User Details: from n/a through 0.5.

CVE ID : CVE-2023-35877
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/extra-user-details/wordpress-extra-user-details-plugin-0-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-39166

First published on : 13-11-2023 17:15:07
Last modified on : 13-11-2023 18:44:54

Description :
Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before 4.4.

CVE ID : CVE-2023-39166
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/td-composer/wordpress-tagdiv-composer-plugin-4-1-csrf-to-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-31230

First published on : 13-11-2023 18:15:07
Last modified on : 13-11-2023 18:44:54

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2.

CVE ID : CVE-2023-31230
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/baidu-tongji-generator/wordpress-baidu-tongji-generator-plugin-1-0-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-32123

First published on : 13-11-2023 18:15:07
Last modified on : 13-11-2023 18:44:54

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Dream-Theme The7 allows Stored XSS.This issue affects The7: from n/a through 11.7.3.

CVE ID : CVE-2023-32123
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/dt-the7/wordpress-the7-website-and-ecommerce-builder-for-wordpress-theme-11-0-3-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Source : github.com

Vulnerability ID : CVE-2023-47621

First published on : 13-11-2023 20:15:28
Last modified on : 13-11-2023 20:15:28

Description :
Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files. This may lead to code execution on the server by authenticated users. This vulnerability is fixed in v3.1.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-47621
Source : security-advisories@github.com
CVSS Score : 8.8

References :
https://github.com/duncanmcclean/guest-entries/commit/a8e17b4413bfbbc337a887761a6c858ef1ddb4da | source : security-advisories@github.com
https://github.com/duncanmcclean/guest-entries/security/advisories/GHSA-rw82-mhmx-grmj | source : security-advisories@github.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-47129

First published on : 10-11-2023 19:15:16
Last modified on : 13-11-2023 03:16:20

Description :
Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0.

CVE ID : CVE-2023-47129
Source : security-advisories@github.com
CVSS Score : 8.3

References :
https://github.com/statamic/cms/commit/098ef8024d97286ca501273c18ae75b646262d75 | source : security-advisories@github.com
https://github.com/statamic/cms/commit/f6c688154f6bdbd0b67039f8f11dcd98ba061e77 | source : security-advisories@github.com
https://github.com/statamic/cms/security/advisories/GHSA-72hg-5wr5-rmfc | source : security-advisories@github.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-47120

First published on : 10-11-2023 16:15:33
Last modified on : 13-11-2023 03:16:20

Description :
Discourse is an open source platform for community discussion. In versions 3.1.0 through 3.1.2 of the `stable` branch and versions 3.1.0,beta6 through 3.2.0.beta2 of the `beta` and `tests-passed` branches, Redis memory can be depleted by crafting a site with an abnormally long favicon URL and drafting multiple posts which Onebox it. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.

CVE ID : CVE-2023-47120
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/discourse/discourse/commit/95a82d608d6377faf68a0e2c5d9640b043557852 | source : security-advisories@github.com
https://github.com/discourse/discourse/commit/e910dd09140cb4abc3a563b95af4a137ca7fa0ce | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-77cw-xhj8-hfp3 | source : security-advisories@github.com

Vulnerability : CWE-770


Vulnerability ID : CVE-2023-47108

First published on : 10-11-2023 19:15:16
Last modified on : 13-11-2023 03:16:20

Description :
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.

CVE ID : CVE-2023-47108
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/open-telemetry/opentelemetry-go-contrib/blob/9d4eb7e7706038b07d33f83f76afbe13f53d171d/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go#L327 | source : security-advisories@github.com
https://github.com/open-telemetry/opentelemetry-go-contrib/blob/instrumentation/google.golang.org/grpc/otelgrpc/v0.45.0/instrumentation/google.golang.org/grpc/otelgrpc/config.go#L138 | source : security-advisories@github.com
https://github.com/open-telemetry/opentelemetry-go-contrib/commit/b44dfc9092b157625a5815cb437583cee663333b | source : security-advisories@github.com
https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4322 | source : security-advisories@github.com
https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-8pgv-569h-w5rw | source : security-advisories@github.com
https://pkg.go.dev/go.opentelemetry.io/otel/metric/noop#NewMeterProvider | source : security-advisories@github.com

Vulnerability : CWE-770


Vulnerability ID : CVE-2023-47117

First published on : 13-11-2023 21:15:08
Last modified on : 13-11-2023 21:15:08

Description :
Label Studio is an open source data labeling tool. In all current versions of Label Studio prior to 1.9.2post0, the application allows users to insecurely set filters for filtering tasks. An attacker can construct a filter chain to filter tasks based on sensitive fields for all user accounts on the platform by exploiting Django's Object Relational Mapper (ORM). Since the results of query can be manipulated by the ORM filter, an attacker can leak these sensitive fields character by character. In addition, Label Studio had a hard coded secret key that an attacker can use to forge a session token of any user by exploiting this ORM Leak vulnerability to leak account password hashes. This vulnerability has been addressed in commit `f931d9d129` which is included in the 1.9.2post0 release. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-47117
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/HumanSignal/label-studio/commit/f931d9d129002f54a495995774ce7384174cef5c | source : security-advisories@github.com
https://github.com/HumanSignal/label-studio/security/advisories/GHSA-6hjj-gq77-j4qw | source : security-advisories@github.com

Vulnerability : CWE-200


Source : google.com

Vulnerability ID : CVE-2023-4949

First published on : 10-11-2023 17:15:07
Last modified on : 13-11-2023 03:16:20

Description :
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.

CVE ID : CVE-2023-4949
Source : cve-coordination@google.com
CVSS Score : 8.1

References :
https://xenbits.xenproject.org/xsa/advisory-443.html | source : cve-coordination@google.com

Vulnerability : CWE-119
Vulnerability : CWE-190


Source : kaspersky.com

Vulnerability ID : CVE-2023-47611

First published on : 10-11-2023 17:15:07
Last modified on : 13-11-2023 03:16:20

Description :
A CWE-269: Improper Privilege Management vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to elevate privileges to "manufacturer" level on the targeted system.

CVE ID : CVE-2023-47611
Source : vulnerability@kaspersky.com
CVSS Score : 7.8

References :
https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-216-telit-cinterion-thales-gemalto-modules-improper-privilege-management-vulnerability/ | source : vulnerability@kaspersky.com

Vulnerability : CWE-269


Source : microsoft.com

Vulnerability ID : CVE-2023-36014

First published on : 10-11-2023 00:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE ID : CVE-2023-36014
Source : secure@microsoft.com
CVSS Score : 7.3

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36014 | source : secure@microsoft.com


Vulnerability ID : CVE-2023-36024

First published on : 10-11-2023 00:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE ID : CVE-2023-36024
Source : secure@microsoft.com
CVSS Score : 7.1

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36024 | source : secure@microsoft.com


Vulnerability ID : CVE-2023-36027

First published on : 10-11-2023 20:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE ID : CVE-2023-36027
Source : secure@microsoft.com
CVSS Score : 7.1

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36027 | source : secure@microsoft.com


Source : vuldb.com

Vulnerability ID : CVE-2023-6099

First published on : 13-11-2023 16:15:28
Last modified on : 13-11-2023 18:44:54

Description :
A vulnerability classified as critical has been found in Shenzhen Youkate Industrial Facial Love Cloud Payment System up to 1.0.55.0.0.1. This affects an unknown part of the file /SystemMng.ashx of the component Account Handler. The manipulation of the argument operatorRole with the input 00 leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-245061 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-6099
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/gatsby2003/Shenzhen-Youkate-Industrial-Co.-Ltd/blob/main/Shenzhen%20Youkate%20Industrial%20Co.%2C%20Ltd.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.245061 | source : cna@vuldb.com
https://vuldb.com/?id.245061 | source : cna@vuldb.com

Vulnerability : CWE-269


Source : fc9afe74-3f80-4fb7-a313-e6f036a89882

Vulnerability ID : CVE-2023-5747

First published on : 13-11-2023 08:15:26
Last modified on : 13-11-2023 14:12:08

Description :
Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. The Wave server application in camera device was vulnerable to command injection allowing an attacker to run arbitrary code. HanwhaVision has released patched firmware for the highlighted flaw. Please refer to the hanwhavision security report for more information and solution."

CVE ID : CVE-2023-5747
Source : fc9afe74-3f80-4fb7-a313-e6f036a89882
CVSS Score : 7.2

References :
https://www.hanwhavision.com/wp-content/uploads/2023/11/Camera-Vulnerability-Report-CVE-2023-5747_20231113.pdf | source : fc9afe74-3f80-4fb7-a313-e6f036a89882

Vulnerability : CWE-345
Vulnerability : CWE-347


(78) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : github.com

Vulnerability ID : CVE-2023-46733

First published on : 10-11-2023 18:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, `SessionStrategyListener` does not migrate the session after every successful login. It does so only in case the logged in user changes by means of checking the user identifier. In some use cases, the user identifier doesn't change between the verification phase and the successful login, while the token itself changes from one type (partially-authenticated) to another (fully-authenticated). When this happens, the session id should be regenerated to prevent possible session fixations, which is not the case at the moment. As of versions 5.4.31 and 6.3.8, Symfony now checks the type of the token in addition to the user identifier before deciding whether the session id should be regenerated.

CVE ID : CVE-2023-46733
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/symfony/symfony/commit/7467bd7e3f888b333102bc664b5e02ef1e7f88b9 | source : security-advisories@github.com
https://github.com/symfony/symfony/commit/dc356499d5ceb86f7cf2b4c7f032eca97061ed74 | source : security-advisories@github.com
https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx | source : security-advisories@github.com

Vulnerability : CWE-384


Vulnerability ID : CVE-2023-46734

First published on : 10-11-2023 18:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 2.0.0, 5.0.0, and 6.0.0 and prior to versions 4.4.51, 5.4.31, and 6.3.8, some Twig filters in CodeExtension use `is_safe=html` but don't actually ensure their input is safe. As of versions 4.4.51, 5.4.31, and 6.3.8, Symfony now escapes the output of the affected filters.

CVE ID : CVE-2023-46734
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/symfony/symfony/commit/5d095d5feb1322b16450284a04d6bb48d1198f54 | source : security-advisories@github.com
https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c | source : security-advisories@github.com
https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3 | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-46735

First published on : 10-11-2023 18:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in version 6.0.0 and prior to version 6.3.8, the error message in `WebhookController` returns unescaped user-submitted input. As of version 6.3.8, `WebhookController` now doesn't return any user-submitted input in its response.

CVE ID : CVE-2023-46735
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962 | source : security-advisories@github.com
https://github.com/symfony/symfony/security/advisories/GHSA-72x2-5c85-6wmr | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-42813

First published on : 13-11-2023 21:15:07
Last modified on : 13-11-2023 21:15:07

Description :
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch attestations. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.

CVE ID : CVE-2023-42813
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/kyverno/kyverno/security/advisories/GHSA-wc3x-5rfv-hh5v | source : security-advisories@github.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-42816

First published on : 13-11-2023 21:15:08
Last modified on : 13-11-2023 21:15:08

Description :
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch signatures. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.

CVE ID : CVE-2023-42816
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/kyverno/kyverno/security/advisories/GHSA-4mp4-46gq-hv3r | source : security-advisories@github.com

Vulnerability : CWE-345


Vulnerability ID : CVE-2023-47119

First published on : 10-11-2023 15:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds.

CVE ID : CVE-2023-47119
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/discourse/discourse/commit/628b293ff53fb617b3464dd27268aec84388cc09 | source : security-advisories@github.com
https://github.com/discourse/discourse/commit/d78357917c6a917a8a27af68756228e89c69321c | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-j95w-5hvx-jp5w | source : security-advisories@github.com

Vulnerability : CWE-74


Vulnerability ID : CVE-2023-45806

First published on : 10-11-2023 15:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, if a user has been quoted and uses a `|` in their full name, they might be able to trigger a bug that generates a lot of duplicate content in all the posts they've been quoted by updating their full name again. Version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches contain a patch for this issue. No known workaround exists, although one can stop the "bleeding" by ensuring users only use alphanumeric characters in their full name field.

CVE ID : CVE-2023-45806
Source : security-advisories@github.com
CVSS Score : 4.3

References :
https://github.com/discourse/discourse/commit/2ec25105179199cf80912bf011c18b8b870e1863 | source : security-advisories@github.com
https://github.com/discourse/discourse/commit/7d484864fe91ff79c478f57e7ddb1235d701921e | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-hcgf-hg2g-mw78 | source : security-advisories@github.com

Vulnerability : CWE-1333


Vulnerability ID : CVE-2023-46130

First published on : 10-11-2023 15:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some theme components allow users to add svgs with unlimited `height` attributes, and this can affect the availability of subsequent replies in a topic. Most Discourse instances are unaffected, only instances with the svgbob or the mermaid theme component are within scope. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. As a workaround, disable or remove the relevant theme components.

CVE ID : CVE-2023-46130
Source : security-advisories@github.com
CVSS Score : 4.3

References :
https://github.com/discourse/discourse/commit/6183d9633de873ac2b1e9cdb6ac1c94b4ffae9cb | source : security-advisories@github.com
https://github.com/discourse/discourse/commit/89a2e60706ce22e4afc463d03af2f34c53291800 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-c876-638r-vfcg | source : security-advisories@github.com

Vulnerability : CWE-770


Vulnerability ID : CVE-2023-47122

First published on : 10-11-2023 22:15:14
Last modified on : 13-11-2023 03:16:20

Description :
Gitsign is software for keyless Git signing using Sigstore. In versions of gitsign starting with 0.6.0 and prior to 0.8.0, Rekor public keys were fetched via the Rekor API, instead of through the local TUF client. If the upstream Rekor server happened to be compromised, gitsign clients could potentially be tricked into trusting incorrect signatures. There is no known compromise the default public good instance (`rekor.sigstore.dev`) - anyone using this instance is unaffected. This issue was fixed in v0.8.0. No known workarounds are available.

CVE ID : CVE-2023-47122
Source : security-advisories@github.com
CVSS Score : 4.2

References :
https://docs.sigstore.dev/about/threat-model/#sigstore-threat-model | source : security-advisories@github.com
https://github.com/sigstore/gitsign/commit/cd66ccb03c86a3600955f0c15f6bfeb75f697236 | source : security-advisories@github.com
https://github.com/sigstore/gitsign/pull/399 | source : security-advisories@github.com
https://github.com/sigstore/gitsign/security/advisories/GHSA-xvrc-2wvh-49vc | source : security-advisories@github.com

Vulnerability : CWE-347


Source : patchstack.com

Vulnerability ID : CVE-2023-41239

First published on : 13-11-2023 03:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in Blubrry PowerPress Podcasting plugin by Blubrry.This issue affects PowerPress Podcasting plugin by Blubrry: from n/a through 11.0.6.

CVE ID : CVE-2023-41239
Source : audit@patchstack.com
CVSS Score : 6.4

References :
https://patchstack.com/database/vulnerability/powerpress/wordpress-powerpress-podcasting-plugin-by-blubrry-plugin-11-0-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-32583

First published on : 13-11-2023 02:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP All Backup plugin <= 2.4.3 versions.

CVE ID : CVE-2023-32583
Source : audit@patchstack.com
CVSS Score : 6.3

References :
https://patchstack.com/database/vulnerability/wp-all-backup/wordpress-wp-all-backup-plugin-2-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2022-45835

First published on : 13-11-2023 03:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions.This issue affects PhonePe Payment Solutions: from n/a through 1.0.15.

CVE ID : CVE-2022-45835
Source : audit@patchstack.com
CVSS Score : 5.8

References :
https://patchstack.com/database/vulnerability/phonepe-payment-solutions/wordpress-phonepe-payment-solutions-plugin-1-0-15-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-38515

First published on : 13-11-2023 03:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 3.7.56.

CVE ID : CVE-2023-38515
Source : audit@patchstack.com
CVSS Score : 5.5

References :
https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-3-7-56-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-28497

First published on : 12-11-2023 22:15:28
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery LITE plugin <= 1.7.6 versions.

CVE ID : CVE-2023-28497
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/slideshow-gallery/wordpress-slideshow-gallery-lite-plugin-1-7-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28618

First published on : 12-11-2023 22:15:29
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Enhanced Plugin Admin plugin <= 1.16 versions.

CVE ID : CVE-2023-28618
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/enhanced-plugin-admin/wordpress-enhanced-plugin-admin-plugin-1-16-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28694

First published on : 12-11-2023 22:15:29
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Wbcom Designs Wbcom Designs – BuddyPress Activity Social Share plugin <= 3.5.0 versions.

CVE ID : CVE-2023-28694
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/bp-activity-social-share/wordpress-wbcom-designs-buddypress-activity-social-share-plugin-3-4-0-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-29425

First published on : 12-11-2023 22:15:30
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions.

CVE ID : CVE-2023-29425
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/shiftcontroller/wordpress-shiftcontroller-employee-shift-scheduling-plugin-4-9-23-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27611

First published on : 12-11-2023 23:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in audrasjb Reusable Blocks Extended plugin <= 0.9 versions.

CVE ID : CVE-2023-27611
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/reusable-blocks-extended/wordpress-reusable-blocks-extended-plugin-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27623

First published on : 12-11-2023 23:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Jens Törnell WP Page Numbers plugin <= 0.5 versions.

CVE ID : CVE-2023-27623
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-page-numbers/wordpress-wp-page-numbers-plugin-0-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27632

First published on : 12-11-2023 23:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.03.08 versions.

CVE ID : CVE-2023-27632
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/daily-prayer-time-for-mosques/wordpress-daily-prayer-time-plugin-2023-02-21-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28167

First published on : 12-11-2023 23:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital CF7 Invisible reCAPTCHA plugin <= 1.3.3 versions.

CVE ID : CVE-2023-28167
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/cf7-invisible-recaptcha/wordpress-cf7-invisible-recaptcha-plugin-1-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28172

First published on : 12-11-2023 23:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPress Plugin for Google Maps – WP MAPS (formerly WP Google Map Plugin) plugin <= 4.4.2 versions.

CVE ID : CVE-2023-28172
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-google-map-plugin/wordpress-wp-maps-plugin-4-4-2-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28419

First published on : 12-11-2023 23:15:10
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Stranger Studios Force First and Last Name as Display Name plugin <= 1.2 versions.

CVE ID : CVE-2023-28419
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/force-first-last/wordpress-force-first-and-last-name-as-display-name-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28420

First published on : 12-11-2023 23:15:10
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Leo Caseiro Custom Options Plus plugin <= 1.8.1 versions.

CVE ID : CVE-2023-28420
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/custom-options-plus/wordpress-custom-options-plus-plugin-1-8-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-26514

First published on : 13-11-2023 00:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Dynamic XML Sitemaps Generator for Google plugin <= 1.3.3 versions.

CVE ID : CVE-2023-26514
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/xml-sitemap-generator-for-google/wordpress-xml-sitemap-generator-for-google-plugin-1-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-26518

First published on : 13-11-2023 00:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes WP TFeed plugin <= 1.6.9 versions.

CVE ID : CVE-2023-26518
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/accesspress-twitter-feed/wordpress-wp-tfeed-plugin-1-6-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27436

First published on : 13-11-2023 00:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Louis Reingold Elegant Custom Fonts plugin <= 1.0 versions.

CVE ID : CVE-2023-27436
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/elegant-custom-fonts/wordpress-elegant-custom-fonts-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27441

First published on : 13-11-2023 00:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in gl_SPICE New Adman plugin <= 1.6.8 versions.

CVE ID : CVE-2023-27441
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/new-adman/wordpress-new-adman-plugin-1-6-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27445

First published on : 13-11-2023 00:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Meril Inc. Blog Floating Button plugin <= 1.4.12 versions.

CVE ID : CVE-2023-27445
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/blog-floating-button/wordpress-blog-floating-button-plugin-1-4-12-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-26531

First published on : 13-11-2023 01:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in ??? ?????????????-??Baidu/Google/Bing/IndexNow/Yandex/?? plugin <= 4.2.7 versions.

CVE ID : CVE-2023-26531
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/baidu-submit-link/wordpress-baidu-google-bing-indexnow-yandex-plugin-4-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46619

First published on : 13-11-2023 01:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WebDorado WDSocialWidgets plugin <= 1.0.15 versions.

CVE ID : CVE-2023-46619
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/spider-facebook/wordpress-wdsocialwidgets-plugin-1-0-15-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46636

First published on : 13-11-2023 01:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in David Stöckl Custom Header Images plugin <= 1.2.1 versions.

CVE ID : CVE-2023-46636
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/custom-header-images/wordpress-custom-header-images-plugin-1-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-47230

First published on : 13-11-2023 01:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions.

CVE ID : CVE-2023-47230
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/contact-forms/wordpress-wordpress-contact-forms-by-cimatti-plugin-1-6-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-34384

First published on : 13-11-2023 02:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Kebo Kebo Twitter Feed plugin <= 1.5.12 versions.

CVE ID : CVE-2023-34384
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/kebo-twitter-feed/wordpress-kebo-twitter-feed-plugin-1-5-12-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-47669

First published on : 13-11-2023 02:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.10.3 versions.

CVE ID : CVE-2023-47669
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/profile-builder/wordpress-user-profile-builder-plugin-3-10-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-23684

First published on : 13-11-2023 03:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This issue affects WPGraphQL: from n/a through 1.14.5.

CVE ID : CVE-2023-23684
Source : audit@patchstack.com
CVSS Score : 4.4

References :
https://patchstack.com/database/vulnerability/wp-graphql/wordpress-wp-graphql-plugin-1-14-5-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-34013

First published on : 13-11-2023 03:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2.

CVE ID : CVE-2023-34013
Source : audit@patchstack.com
CVSS Score : 4.4

References :
https://patchstack.com/database/vulnerability/poll-maker/wordpress-poll-maker-plugin-4-6-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-37978

First published on : 13-11-2023 03:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11.

CVE ID : CVE-2023-37978
Source : audit@patchstack.com
CVSS Score : 4.4

References :
https://patchstack.com/database/vulnerability/http-headers/wordpress-http-headers-plugin-1-18-11-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-28495

First published on : 12-11-2023 22:15:28
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop WP Shortcode by MyThemeShop plugin <= 1.4.16 versions.

CVE ID : CVE-2023-28495
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wp-shortcode/wordpress-wp-shortcode-by-mythemeshop-plugin-1-4-16-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28498

First published on : 12-11-2023 22:15:29
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in MotoPress Hotel Booking Lite plugin <= 4.6.0 versions.

CVE ID : CVE-2023-28498
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/motopress-hotel-booking-lite/wordpress-hotel-booking-lite-plugin-4-6-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28696

First published on : 12-11-2023 22:15:29
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Harish Chouhan, Themeist I Recommend Tplugin <= 3.9.0 versions.

CVE ID : CVE-2023-28696
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/i-recommend-this/wordpress-i-recommend-this-plugin-3-8-3-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28930

First published on : 12-11-2023 22:15:29
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Robin Phillips Mobile Banner plugin <= 1.5 versions.

CVE ID : CVE-2023-28930
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/mobile-banner/wordpress-mobile-banner-plugin-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28987

First published on : 12-11-2023 22:15:29
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Wpmet Wp Ultimate Review plugin <= 2.0.3 versions.

CVE ID : CVE-2023-28987
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wp-ultimate-review/wordpress-wp-ultimate-review-plugin-2-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-29238

First published on : 12-11-2023 22:15:30
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Whydonate Whydonate – FREE Donate button – Crowdfunding – Fundraising plugin <= 3.12.15 versions.

CVE ID : CVE-2023-29238
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wp-whydonate/wordpress-whydonate-plugin-3-12-13-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27417

First published on : 12-11-2023 23:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith Affiliate Super Assistent plugin <= 1.5.1 versions.

CVE ID : CVE-2023-27417
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/amazonsimpleadmin/wordpress-affiliate-super-assistent-plugin-1-5-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27418

First published on : 12-11-2023 23:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite – add sticky fixed buttons plugin <= 4.0 versions.

CVE ID : CVE-2023-27418
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/side-menu-lite/wordpress-side-menu-lite-plugin-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27431

First published on : 12-11-2023 23:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk Big Store theme <= 1.9.3 versions.

CVE ID : CVE-2023-27431
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/big-store/wordpress-big-store-theme-1-9-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28173

First published on : 12-11-2023 23:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Images plugin <= 2.1.3 versions.

CVE ID : CVE-2023-28173
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/google-image-sitemap/wordpress-google-xml-sitemap-for-images-plugin-2-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-26524

First published on : 13-11-2023 00:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.10 versions.

CVE ID : CVE-2023-26524
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/quiz-master-next/wordpress-quiz-and-survey-master-plugin-8-0-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27434

First published on : 13-11-2023 00:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WPGrim Classic Editor and Classic Widgets plugin <= 1.2.5 versions.

CVE ID : CVE-2023-27434
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/classic-editor-and-classic-widgets/wordpress-classic-editor-and-classic-widgets-plugin-1-2-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27438

First published on : 13-11-2023 00:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Evgen Yurchenko WP Translitera plugin <= p1.2.5 versions.

CVE ID : CVE-2023-27438
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wp-translitera/wordpress-wp-translitera-plugin-p1-2-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-26543

First published on : 13-11-2023 01:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Aleksandr Guidrevitch WP Meteor Website Speed Optimization Addon plugin <= 3.1.4 versions.

CVE ID : CVE-2023-26543
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wp-meteor/wordpress-wp-meteor-page-speed-optimization-topping-plugin-3-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46618

First published on : 13-11-2023 01:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Bala Krishna, Sergey Yakovlev Category SEO Meta Tags plugin <= 2.5 versions.

CVE ID : CVE-2023-46618
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/category-seo-meta-tags/wordpress-category-seo-meta-tags-plugin-2-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46620

First published on : 13-11-2023 01:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Fluenx DeepL API translation plugin <= 2.3.9.1 versions.

CVE ID : CVE-2023-46620
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wpdeepl/wordpress-deepl-api-translation-plugin-2-3-6-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46625

First published on : 13-11-2023 01:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Autolinks Manager plugin <= 1.10.04 versions.

CVE ID : CVE-2023-46625
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/daext-autolinks-manager/wordpress-autolinks-manager-plugin-1-10-04-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46629

First published on : 13-11-2023 01:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce plugin <= 1.4.4.

CVE ID : CVE-2023-46629
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/remove-add-to-cart-woocommerce/wordpress-remove-add-to-cart-woocommerce-plugin-1-4-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-46638

First published on : 13-11-2023 01:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Webcodin WCP OpenWeather plugin <= 2.5.0 versions.

CVE ID : CVE-2023-46638
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wcp-openweather/wordpress-wcp-openweather-plugin-2-5-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-32588

First published on : 13-11-2023 02:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0.6 versions.

CVE ID : CVE-2023-32588
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/post-state-tags/wordpress-post-state-tags-plugin-2-0-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-33207

First published on : 13-11-2023 02:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Krzysztof Wielogórski Stop Referrer Spam plugin <= 1.3.0 versions.

CVE ID : CVE-2023-33207
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/stop-referrer-spam/wordpress-stop-referrer-spam-plugin-1-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-34378

First published on : 13-11-2023 02:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in scriptburn.Com WP Hide Post plugin <= 2.0.10 versions.

CVE ID : CVE-2023-34378
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wp-hide-post/wordpress-wp-hide-post-plugin-2-0-10-cross-site-request-forgery-csrf-leading-to-post-status-change-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-31219

First published on : 13-11-2023 03:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.1.

CVE ID : CVE-2023-31219
Source : audit@patchstack.com
CVSS Score : 4.1

References :
https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-8-1-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-46207

First published on : 13-11-2023 03:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing.This issue affects Motors – Car Dealer, Classifieds & Listing: from n/a through 1.4.6.

CVE ID : CVE-2023-46207
Source : audit@patchstack.com
CVSS Score : 4.1

References :
https://patchstack.com/database/vulnerability/motors-car-dealership-classified-listings/wordpress-motors-car-dealer-classifieds-listing-plugin-1-4-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Source : wordfence.com

Vulnerability ID : CVE-2023-4775

First published on : 13-11-2023 08:15:25
Last modified on : 13-11-2023 14:12:08

Description :
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'advanced_iframe' shortcode in versions up to, and including, 2023.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4775
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/advanced-iframe/trunk/includes/advanced-iframe-main-iframe.php?rev=2961394#L419 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/advanced-iframe/trunk/includes/advanced-iframe-main-iframe.php?rev=2961394#L552 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2993602/advanced-iframe | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/e9944443-2e71-45c4-8a19-d76863cf66df?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5741

First published on : 13-11-2023 08:15:26
Last modified on : 13-11-2023 14:12:08

Description :
The POWR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'powr-powr-pack' shortcode in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5741
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/powr-pack/trunk/src/pack.php?rev=2821707#L198 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/powr-pack/trunk/src/pack.php?rev=2821707#L201 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/c2967eae-82bb-4556-a21a-c5bb6b905c62?source=cve | source : security@wordfence.com


Source : vuldb.com

Vulnerability ID : CVE-2023-6074

First published on : 10-11-2023 15:15:09
Last modified on : 13-11-2023 03:16:20

Description :
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. This issue affects some unknown processing of the file check-status.php of the component Booking Reservation Handler. The manipulation leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-244943.

CVE ID : CVE-2023-6074
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://vuldb.com/?ctiid.244943 | source : cna@vuldb.com
https://vuldb.com/?id.244943 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-6084

First published on : 12-11-2023 11:15:07
Last modified on : 13-11-2023 03:16:20

Description :
A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the argument VU_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-244994 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-6084
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/T1ANGzy/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.244994 | source : cna@vuldb.com
https://vuldb.com/?id.244994 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-6076

First published on : 10-11-2023 16:15:34
Last modified on : 13-11-2023 03:16:20

Description :
A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file booking-details.php of the component Reservation Status Handler. The manipulation of the argument bid leads to information disclosure. The attack can be launched remotely. The identifier VDB-244945 was assigned to this vulnerability.

CVE ID : CVE-2023-6076
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://vuldb.com/?ctiid.244945 | source : cna@vuldb.com
https://vuldb.com/?id.244945 | source : cna@vuldb.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-6100

First published on : 13-11-2023 16:15:28
Last modified on : 13-11-2023 18:44:54

Description :
A vulnerability classified as problematic was found in Maiwei Safety Production Control Platform 4.1. This vulnerability affects unknown code of the file /api/DataDictionary/GetItemList. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-245062 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-6100
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://vuldb.com/?ctiid.245062 | source : cna@vuldb.com
https://vuldb.com/?id.245062 | source : cna@vuldb.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-6101

First published on : 13-11-2023 16:15:28
Last modified on : 13-11-2023 18:44:54

Description :
A vulnerability, which was classified as problematic, has been found in Maiwei Safety Production Control Platform 4.1. This issue affects some unknown processing of the file /TC/V2.7/ha.html of the component Intelligent Monitoring. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-245063. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-6101
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://vuldb.com/?ctiid.245063 | source : cna@vuldb.com
https://vuldb.com/?id.245063 | source : cna@vuldb.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-6102

First published on : 13-11-2023 18:15:08
Last modified on : 13-11-2023 18:44:54

Description :
A vulnerability, which was classified as problematic, was found in Maiwei Safety Production Control Platform 4.1. Affected is an unknown function of the file /Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-245064. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-6102
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://vuldb.com/?ctiid.245064 | source : cna@vuldb.com
https://vuldb.com/?id.245064 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-5959

First published on : 11-11-2023 09:15:26
Last modified on : 13-11-2023 03:16:20

Description :
A vulnerability, which was classified as problematic, was found in Beijing Baichuo Smart S85F Management Platform V31R02B10-01. Affected is an unknown function of the file /login.php. The manipulation of the argument txt_newpwd leads to weak password recovery. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244992. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-5959
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/Changboqian/cve/blob/main/reset_password_improperly.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.244992 | source : cna@vuldb.com
https://vuldb.com/?id.244992 | source : cna@vuldb.com

Vulnerability : CWE-640


Source : incibe.es

Vulnerability ID : CVE-2023-6098

First published on : 13-11-2023 13:15:08
Last modified on : 13-11-2023 14:12:08

Description :
An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066. A remote attacker could send a specially crafted string exploiting the obdd_act parameter, allowing the attacker to steal an authenticated user's session, and perform actions within the application.

CVE ID : CVE-2023-6098
Source : cve-coordination@incibe.es
CVSS Score : 6.3

References :
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-icssolution-ics-business-manager | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Source : us.ibm.com

Vulnerability ID : CVE-2023-45167

First published on : 10-11-2023 04:15:07
Last modified on : 13-11-2023 03:16:20

Description :
IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a vulnerability to cause a denial of service. IBM X-Force ID: 267965.

CVE ID : CVE-2023-45167
Source : psirt@us.ibm.com
CVSS Score : 6.2

References :
https://aix.software.ibm.com/aix/efixes/security/python_advisory6.asc | source : psirt@us.ibm.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/267965 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7068084 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-38364

First published on : 13-11-2023 02:15:08
Last modified on : 13-11-2023 03:16:20

Description :
IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260821.

CVE ID : CVE-2023-38364
Source : psirt@us.ibm.com
CVSS Score : 6.1

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/260821 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7066429 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-43057

First published on : 11-11-2023 16:15:31
Last modified on : 13-11-2023 03:16:20

Description :
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 267484.

CVE ID : CVE-2023-43057
Source : psirt@us.ibm.com
CVSS Score : 4.6

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/267484 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7070736 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-38363

First published on : 13-11-2023 02:15:08
Last modified on : 13-11-2023 17:15:07

Description :
IBM CICS TX Advanced 10.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 260818.

CVE ID : CVE-2023-38363
Source : psirt@us.ibm.com
CVSS Score : 4.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/260818 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067987 | source : psirt@us.ibm.com


Source : asrg.io

Vulnerability ID : CVE-2023-6073

First published on : 10-11-2023 08:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Attacker can perform a Denial of Service attack to crash the ICAS 3 IVI ECU in a Volkswagen ID.3 (and other vehicles of the VW Group with the same hardware) and spoof volume setting commands to irreversibly turn on audio volume to maximum via REST API calls.

CVE ID : CVE-2023-6073
Source : cve@asrg.io
CVSS Score : 5.7

References :
https://asrg.io/cve-2023-6073-dos-and-control-of-volume-settings-for-vw-id-3-icas3-ivi-ecu/ | source : cve@asrg.io

Vulnerability : CWE-20
Vulnerability : CWE-284


Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2023-23367

First published on : 10-11-2023 15:15:08
Last modified on : 13-11-2023 03:16:20

Description :
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build 20230421 and later QuTS hero h5.0.1.2376 build 20230421 and later QuTScloud c5.1.0.2498 and later

CVE ID : CVE-2023-23367
Source : security@qnapsecurity.com.tw
CVSS Score : 4.7

References :
https://www.qnap.com/en/security-advisory/qsa-23-24 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-78


(8) LOW VULNERABILITIES [0.1, 3.9]

Source : vuldb.com

Vulnerability ID : CVE-2023-6075

First published on : 10-11-2023 15:15:09
Last modified on : 13-11-2023 03:16:20

Description :
A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file index.php of the component Reservation Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-244944.

CVE ID : CVE-2023-6075
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.244944 | source : cna@vuldb.com
https://vuldb.com/?id.244944 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-6103

First published on : 13-11-2023 18:15:08
Last modified on : 13-11-2023 18:44:54

Description :
A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-245065 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-6103
Source : cna@vuldb.com
CVSS Score : 2.4

References :
https://vuldb.com/?ctiid.245065 | source : cna@vuldb.com
https://vuldb.com/?id.245065 | source : cna@vuldb.com
https://www.youtube.com/watch?v=BFoGAuEGpvI | source : cna@vuldb.com

Vulnerability : CWE-79


Source : github.com

Vulnerability ID : CVE-2023-47121

First published on : 10-11-2023 16:15:33
Last modified on : 13-11-2023 03:16:20

Description :
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, the embedding feature is susceptible to server side request forgery. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. As a workaround, disable the Embedding feature.

CVE ID : CVE-2023-47121
Source : security-advisories@github.com
CVSS Score : 3.4

References :
https://github.com/discourse/discourse/commit/24cca10da731734af4e9748de99a508d586e59f1 | source : security-advisories@github.com
https://github.com/discourse/discourse/commit/5f20748e402223b265e6fee381472c14e2604da6 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-hp24-94qf-8cgc | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-45816

First published on : 10-11-2023 15:15:08
Last modified on : 13-11-2023 03:16:20

Description :
Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, there is an edge case where a bookmark reminder is sent and an unread notification is generated, but the underlying bookmarkable (e.g. post, topic, chat message) security has changed, making it so the user can no longer access the underlying resource. As of version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, bookmark reminders are now no longer sent if the user does not have access to the underlying bookmarkable, and also the unread bookmark notifications are always filtered by access. There are no known workarounds.

CVE ID : CVE-2023-45816
Source : security-advisories@github.com
CVSS Score : 3.3

References :
https://github.com/discourse/discourse/commit/2c45b949ea0e9d6fa8e5af2dd07f6521ede08bf1 | source : security-advisories@github.com
https://github.com/discourse/discourse/commit/3c5fb871c0f54af47679ae71ad449666b01d8216 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-v9r6-92wp-f6cf | source : security-advisories@github.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-42814

First published on : 13-11-2023 21:15:07
Last modified on : 13-11-2023 21:15:07

Description :
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch attestations. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.

CVE ID : CVE-2023-42814
Source : security-advisories@github.com
CVSS Score : 3.1

References :
https://github.com/kyverno/kyverno/security/advisories/GHSA-9g37-h7p2-2c6r | source : security-advisories@github.com

Vulnerability : CWE-835


Vulnerability ID : CVE-2023-42815

First published on : 13-11-2023 21:15:07
Last modified on : 13-11-2023 21:15:07

Description :
Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary verifier. An attacker would need control over the registry from which Kyverno would fetch signatures. With such a position, the attacker could return a malicious response to Kyverno, when Kyverno would send a request to the registry. The malicious response would cause denial of service of Kyverno, such that other users' admission requests would be blocked from being processed. This is a vulnerability in a new component released in v1.11.0. The only users affected by this are those that have been building Kyverno from source at the main branch which is not encouraged. Users consuming official Kyverno releases are not affected. There are no known cases of this vulnerability being exploited in the wild.

CVE ID : CVE-2023-42815
Source : security-advisories@github.com
CVSS Score : 3.1

References :
https://github.com/kyverno/kyverno/security/advisories/GHSA-hjpv-68f4-2262 | source : security-advisories@github.com

Vulnerability : CWE-835


Vulnerability ID : CVE-2023-47625

First published on : 13-11-2023 21:15:08
Last modified on : 13-11-2023 21:15:08

Description :
PX4 autopilot is a flight control solution for drones. In affected versions a global buffer overflow vulnerability exists in the CrsfParser_TryParseCrsfPacket function in /src/drivers/rc/crsf_rc/CrsfParser.cpp:298 due to the invalid size check. A malicious user may create an RC packet remotely and that packet goes into the device where the _rcs_buf reads. The global buffer overflow vulnerability will be triggered and the drone can behave unexpectedly. This issue has been addressed in version 1.14.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-47625
Source : security-advisories@github.com
CVSS Score : 2.9

References :
https://github.com/PX4/PX4-Autopilot/commit/d1fcd39a44e6312582c6ab02b0d5ee2599fb55aa | source : security-advisories@github.com
https://github.com/PX4/PX4-Autopilot/security/advisories/GHSA-qpw7-65ww-wj82 | source : security-advisories@github.com

Vulnerability : CWE-120


Source : kaspersky.com

Vulnerability ID : CVE-2023-47614

First published on : 10-11-2023 16:15:33
Last modified on : 13-11-2023 03:16:20

Description :
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual paths and file names on the targeted system.

CVE ID : CVE-2023-47614
Source : vulnerability@kaspersky.com
CVSS Score : 3.3

References :
https://ics-cert.kaspersky.com/advisories/2023/11/08/klcert-22-210-telit-cinterion-thales-gemalto-modules-exposure-of-sensitive-information-to-an-unauthorized-actor-vulnerability/ | source : vulnerability@kaspersky.com

Vulnerability : CWE-200


(30) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-39796

First published on : 10-11-2023 06:15:30
Last modified on : 13-11-2023 03:16:20

Description :
SQL injection vulnerability in the miniform module in WBCE CMS v.1.6.0 allows remote unauthenticated attacker to execute arbitrary code via the DB_RECORD_TABLE parameter.

CVE ID : CVE-2023-39796
Source : cve@mitre.org
CVSS Score : /

References :
https://forum.wbce.org/viewtopic.php?pid=42046#p42046 | source : cve@mitre.org
https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.1 | source : cve@mitre.org
https://pastebin.com/PBw5AvGp | source : cve@mitre.org


Vulnerability ID : CVE-2023-47800

First published on : 10-11-2023 07:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services.

CVE ID : CVE-2023-47800
Source : cve@mitre.org
CVSS Score : /

References :
https://partner.natus.com/m/7cd3bcca88e446d4/original/NeuroWorks-SleepWorks-Product-Security-Bulletin.pdf | source : cve@mitre.org
https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-006.txt | source : cve@mitre.org


Vulnerability ID : CVE-2023-47390

First published on : 11-11-2023 18:15:14
Last modified on : 13-11-2023 03:16:20

Description :
Headscale through 0.22.3 writes bearer tokens to info-level logs.

CVE ID : CVE-2023-47390
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/juanfont/headscale/issues/1259 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47801

First published on : 13-11-2023 09:15:25
Last modified on : 13-11-2023 14:12:08

Description :
An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security Administrators) could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password Record API Key to Copy/Move private password records.

CVE ID : CVE-2023-47801
Source : cve@mitre.org
CVSS Score : /

References :
https://www.clickstudios.com.au/security/advisories/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-48058

First published on : 13-11-2023 16:15:28
Last modified on : 13-11-2023 18:44:54

Description :
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/task/run

CVE ID : CVE-2023-48058
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/CP1379767017/cms/blob/main/CSRF%20exists%20at%20the%20task%20management%20execution%20task%20location.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48060

First published on : 13-11-2023 16:15:28
Last modified on : 13-11-2023 18:44:54

Description :
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/task/add

CVE ID : CVE-2023-48060
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/CP1379767017/cms/blob/main/CSRF%20exists%20at%20the%20location%20where%20task%20management%20adds%20tasks.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48063

First published on : 13-11-2023 16:15:28
Last modified on : 13-11-2023 18:44:54

Description :
An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a theme project via /admin/category/delete.

CVE ID : CVE-2023-48063
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/CP1379767017/cms/blob/dreamcms_vul/There%20is%20a%20CSRF%20vulnerability%20at%20th%20menu%20management%20location.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48068

First published on : 13-11-2023 16:15:28
Last modified on : 13-11-2023 18:44:54

Description :
DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php.

CVE ID : CVE-2023-48068
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/CP1379767017/cms/blob/dreamcms_vul/dedevCMS/dedeCMS_XSS.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-46014

First published on : 13-11-2023 22:15:07
Last modified on : 13-11-2023 22:15:07

Description :
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.

CVE ID : CVE-2023-46014
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability | source : cve@mitre.org


Vulnerability ID : CVE-2023-46015

First published on : 13-11-2023 22:15:07
Last modified on : 13-11-2023 22:15:07

Description :
Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.

CVE ID : CVE-2023-46015
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability | source : cve@mitre.org


Vulnerability ID : CVE-2023-46016

First published on : 13-11-2023 22:15:07
Last modified on : 13-11-2023 22:15:07

Description :
Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.

CVE ID : CVE-2023-46016
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability | source : cve@mitre.org


Vulnerability ID : CVE-2023-46017

First published on : 13-11-2023 22:15:07
Last modified on : 13-11-2023 22:15:07

Description :
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.

CVE ID : CVE-2023-46017
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability | source : cve@mitre.org


Vulnerability ID : CVE-2023-46018

First published on : 13-11-2023 22:15:07
Last modified on : 13-11-2023 22:15:07

Description :
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter.

CVE ID : CVE-2023-46018
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability | source : cve@mitre.org


Vulnerability ID : CVE-2023-47346

First published on : 13-11-2023 22:15:07
Last modified on : 13-11-2023 22:15:07

Description :
Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages.

CVE ID : CVE-2023-47346
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/free5gc/free5gc/issues/482 | source : cve@mitre.org


Source : jpcert.or.jp

Vulnerability ID : CVE-2023-47164

First published on : 10-11-2023 09:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.

CVE ID : CVE-2023-47164
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/jp/JVN99177549/ | source : vultures@jpcert.or.jp
https://www.hoteldruid.com/ | source : vultures@jpcert.or.jp
https://www.hoteldruid.com/en/download.html | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-47163

First published on : 13-11-2023 03:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack. Processing untrusted YAML files may cause a denial-of-service (DoS) condition.

CVE ID : CVE-2023-47163
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://github.com/remarshal-project/remarshal/commit/fd6ac799a02f533c3fc243b49cdd6d21aa7ee494 | source : vultures@jpcert.or.jp
https://github.com/remarshal-project/remarshal/releases/tag/v0.17.1 | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN86156389/ | source : vultures@jpcert.or.jp


Source : patchstack.com

Vulnerability ID : CVE-2023-29426

First published on : 10-11-2023 14:15:35
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Robert Schulz (sprd.Net AG) Spreadshop plugin <= 1.6.5 versions.

CVE ID : CVE-2023-29426
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/spreadshop/wordpress-spreadshop-plugin-plugin-1-6-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-29428

First published on : 10-11-2023 14:15:35
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin <= 1.1.3 versions.

CVE ID : CVE-2023-29428
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/superb-social-share-and-follow-buttons/wordpress-superb-social-media-share-buttons-and-follow-buttons-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-29440

First published on : 10-11-2023 14:15:35
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board plugin <= 2.10.3 versions.

CVE ID : CVE-2023-29440
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/simple-job-board/wordpress-simple-job-board-plugin-2-10-3-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-30478

First published on : 10-11-2023 14:15:35
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters plugin <= 4.8.8 versions.

CVE ID : CVE-2023-30478
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/newsletters-lite/wordpress-newsletters-plugin-4-8-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-31077

First published on : 10-11-2023 14:15:35
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin <= 2.1.9 versions.

CVE ID : CVE-2023-31077
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/export-wp-page-to-static-html/wordpress-export-wp-page-to-static-html-css-plugin-2-1-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-31078

First published on : 10-11-2023 14:15:35
Last modified on : 13-11-2023 03:16:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <= 4.4.1 versions.

CVE ID : CVE-2023-31078
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/wp-browser-update/wordpress-wp-browserupdate-plugin-4-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Source : openvpn.net

Vulnerability ID : CVE-2023-46849

First published on : 11-11-2023 01:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.

CVE ID : CVE-2023-46849
Source : security@openvpn.net
CVSS Score : /

References :
https://community.openvpn.net/openvpn/wiki/CVE-2023-46849 | source : security@openvpn.net
https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/ | source : security@openvpn.net

Vulnerability : CWE-369


Vulnerability ID : CVE-2023-46850

First published on : 11-11-2023 01:15:07
Last modified on : 13-11-2023 03:16:20

Description :
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.

CVE ID : CVE-2023-46850
Source : security@openvpn.net
CVSS Score : /

References :
https://community.openvpn.net/openvpn/wiki/CVE-2023-46850 | source : security@openvpn.net
https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/ | source : security@openvpn.net

Vulnerability : CWE-416


Source : apache.org

Vulnerability ID : CVE-2023-42781

First published on : 12-11-2023 14:15:25
Last modified on : 13-11-2023 03:16:20

Description :
Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. This is a different issue than CVE-2023-42663 but leading to similar outcome. Users of Apache Airflow are advised to upgrade to version 2.7.3 or newer to mitigate the risk associated with this vulnerability.

CVE ID : CVE-2023-42781
Source : security@apache.org
CVSS Score : /

References :
http://www.openwall.com/lists/oss-security/2023/11/12/2 | source : security@apache.org
https://github.com/apache/airflow/pull/34939 | source : security@apache.org
https://lists.apache.org/thread/7dnl8nszdxqyns57f3dw0sloy5dfl9o1 | source : security@apache.org

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-47037

First published on : 12-11-2023 14:15:25
Last modified on : 13-11-2023 03:16:20

Description :
We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc. Users should upgrade to version 2.7.3 or later which has removed the vulnerability.

CVE ID : CVE-2023-47037
Source : security@apache.org
CVSS Score : /

References :
http://www.openwall.com/lists/oss-security/2023/11/12/1 | source : security@apache.org
https://github.com/apache/airflow/pull/33413 | source : security@apache.org
https://lists.apache.org/thread/04y4vrw1t2xl030gswtctc4nt1w90cb0 | source : security@apache.org

Vulnerability : CWE-863


Source : checkpoint.com

Vulnerability ID : CVE-2023-28134

First published on : 12-11-2023 23:15:09
Last modified on : 13-11-2023 03:16:20

Description :
Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-28134
Source : cve@checkpoint.com
CVSS Score : /

References :
https://support.checkpoint.com/results/sk/sk181597 | source : cve@checkpoint.com

Vulnerability : CWE-732


Source : fc9afe74-3f80-4fb7-a313-e6f036a89882

Vulnerability ID : CVE-2023-5037

First published on : 13-11-2023 08:15:26
Last modified on : 13-11-2023 08:15:26

Description :
Rejected reason: CVE number will be reassigned.

CVE ID : CVE-2023-5037
Source : fc9afe74-3f80-4fb7-a313-e6f036a89882
CVSS Score : /

References :


Source : wordfence.com

Vulnerability ID : CVE-2023-6104

First published on : 13-11-2023 12:15:08
Last modified on : 13-11-2023 16:15:29

Description :
Rejected reason: The CVE Record was published by accident.

CVE ID : CVE-2023-6104
Source : security@wordfence.com
CVSS Score : /

References :


Vulnerability ID : CVE-2023-5999

First published on : 13-11-2023 20:15:29
Last modified on : 13-11-2023 21:15:08

Description :
Rejected reason: This is a duplicate.

CVE ID : CVE-2023-5999
Source : security@wordfence.com
CVSS Score : /

References :


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.