#ExploitObserverAlert
CVE-2023-45573
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-45573. Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function.
FIRST-EPSS: 0.002020000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-45573
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-45573. Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function.
FIRST-EPSS: 0.002020000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2018-8097
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2018-8097. io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.
FIRST-EPSS: 0.009270000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2018-8097
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2018-8097. io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.
FIRST-EPSS: 0.009270000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-43786
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-43786. A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2023-43786
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-43786. A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2017-6884
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2017-6884. A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.
FIRST-EPSS: 0.973780000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2017-6884
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2017-6884. A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. The vulnerability is located in the diagnostic tools, specifically the nslookup function. A malicious user may exploit numerous vectors to execute arbitrary commands on the router, such as the ping_ip parameter to the expert/maintenance/diagnostic/nslookup URI.
FIRST-EPSS: 0.973780000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-7208
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-7208. A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-7208
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-7208. A vulnerability classified as critical was found in Totolink X2000R_V2 2.0.0-B20230727.10434. This vulnerability affects the function formTmultiAP of the file /bin/boa. The manipulation leads to buffer overflow. VDB-249742 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
CVE-2021-44026
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2021-44026. Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
FIRST-EPSS: 0.008420000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-44026
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2021-44026. Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
FIRST-EPSS: 0.008420000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-22265
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-22265. An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.
FIRST-EPSS: 0.000690000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2022-22265
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-22265. An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.
FIRST-EPSS: 0.000690000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-3138
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-3138. A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.
FIRST-EPSS: 0.000470000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-3138
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-3138. A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.
FIRST-EPSS: 0.000470000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-43785
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-43785. A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2023-43785
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-43785. A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2021-39174
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2021-39174. Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email, database, etc). This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of nested variables in the resulting dotenv configuration file. As a workaround, only allow trusted source IP addresses to access to the administration dashboard.
FIRST-EPSS: 0.002440000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2021-39174
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2021-39174. Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email, database, etc). This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of nested variables in the resulting dotenv configuration file. As a workaround, only allow trusted source IP addresses to access to the administration dashboard.
FIRST-EPSS: 0.002440000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2019-12553
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-12553. In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.
FIRST-EPSS: 0.003970000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2019-12553
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-12553. In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.
FIRST-EPSS: 0.003970000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-24429
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-24429. The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the "Calendar" page and the malicious script is executed in the admin context.
FIRST-EPSS: 0.000780000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2021-24429
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-24429. The Salon booking system WordPress plugin before 6.3.1 does not properly sanitise and escape the First Name field when booking an appointment, allowing low privilege users such as subscriber to set JavaScript in them, leading to a Stored Cross-Site Scripting (XSS) vulnerability. The Payload will then be triggered when an admin visits the "Calendar" page and the malicious script is executed in the admin context.
FIRST-EPSS: 0.000780000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-1178
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-1178. Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.
FIRST-EPSS: 0.051470000
NVD-IS: 2.7
NVD-ES: 2.3
CVE-2022-1178
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-1178. Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.
FIRST-EPSS: 0.051470000
NVD-IS: 2.7
NVD-ES: 2.3
#ExploitObserverAlert
CVE-2023-34104
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-34104. fast-xml-parser is an open source, pure javascript xml parser. fast-xml-parser allows special characters in entity names, which are not escaped or sanitized. Since the entity name is used for creating a regex for searching and replacing entities in the XML body, an attacker can abuse it for denial of service (DoS) attacks. By crafting an entity name that results in an intentionally bad performing regex and utilizing it in the entity replacement step of the parser, this can cause the parser to stall for an indefinite amount of time. This problem has been resolved in v4.2.4. Users are advised to upgrade. Users unable to upgrade should avoid using DOCTYPE parsing by setting the `processEntities: false` option.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-34104
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2023-34104. fast-xml-parser is an open source, pure javascript xml parser. fast-xml-parser allows special characters in entity names, which are not escaped or sanitized. Since the entity name is used for creating a regex for searching and replacing entities in the XML body, an attacker can abuse it for denial of service (DoS) attacks. By crafting an entity name that results in an intentionally bad performing regex and utilizing it in the entity replacement step of the parser, this can cause the parser to stall for an indefinite amount of time. This problem has been resolved in v4.2.4. Users are advised to upgrade. Users unable to upgrade should avoid using DOCTYPE parsing by setting the `processEntities: false` option.
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-2205
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-2205. Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.7-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Marketing accessible data as well as unauthorized access to critical data or complete access to all Oracle Marketing accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
FIRST-EPSS: 0.001940000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2021-2205
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-2205. Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.7-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Marketing accessible data as well as unauthorized access to critical data or complete access to all Oracle Marketing accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
FIRST-EPSS: 0.001940000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-24379
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-24379. The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user (even unauthenticated) to add unlimited like/dislike to any comment. The plugin appears to have some Restriction modes, such as Cookie Restriction, IP Restrictions, Logged In User Restriction, however, they do not prevent such attack as they only check client side
FIRST-EPSS: 0.001090000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2021-24379
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-24379. The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user (even unauthenticated) to add unlimited like/dislike to any comment. The plugin appears to have some Restriction modes, such as Cookie Restriction, IP Restrictions, Logged In User Restriction, however, they do not prevent such attack as they only check client side
FIRST-EPSS: 0.001090000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-5840
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5840. Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9.
FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 2.8
CVE-2023-5840
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-5840. Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9.
FIRST-EPSS: 0.000870000
NVD-IS: 5.9
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-50269
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-50269. Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.
FIRST-EPSS: 0.001190000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-50269
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-50269. Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.
FIRST-EPSS: 0.001190000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-24113
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-24113. Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
FIRST-EPSS: 0.001780000
NVD-IS: 2.5
NVD-ES: 2.8
CVE-2021-24113
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-24113. Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
FIRST-EPSS: 0.001780000
NVD-IS: 2.5
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2022-48116
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-48116. AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.
FIRST-EPSS: 0.001420000
NVD-IS: 5.9
NVD-ES: 1.2
CVE-2022-48116
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-48116. AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.
FIRST-EPSS: 0.001420000
NVD-IS: 5.9
NVD-ES: 1.2
#ExploitObserverAlert
CVE-2022-1386
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-1386. The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.
FIRST-EPSS: 0.349690000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2022-1386
DESCRIPTION: Exploit Observer has 9 entries related to CVE-2022-1386. The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.
FIRST-EPSS: 0.349690000
NVD-IS: 5.9
NVD-ES: 3.9