#ExploitObserverAlert
CVE-2023-51067
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51067. An unauthenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 allows attackers to execute arbitrary javascript on a victim's browser via a crafted link.
CVE-2023-51067
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51067. An unauthenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 allows attackers to execute arbitrary javascript on a victim's browser via a crafted link.
#ExploitObserverAlert
CVE-2024-21654
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-21654. Rubygems.org is the Ruby community's gem hosting service. Rubygems.org users with MFA enabled would normally be protected from account takeover in the case of email account takeover. However, a workaround on the forgotten password form allows an attacker to bypass the MFA requirement and takeover the account. This vulnerability has been patched in commit 0b3272a.
CVE-2024-21654
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-21654. Rubygems.org is the Ruby community's gem hosting service. Rubygems.org users with MFA enabled would normally be protected from account takeover in the case of email account takeover. However, a workaround on the forgotten password form allows an attacker to bypass the MFA requirement and takeover the account. This vulnerability has been patched in commit 0b3272a.
#ExploitObserverAlert
CVE-2023-31714
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2023-31714. Chitor-CMS before v1.1.2 was discovered to contain multiple SQL injection vulnerabilities.
FIRST-EPSS: 0.005350000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-31714
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2023-31714. Chitor-CMS before v1.1.2 was discovered to contain multiple SQL injection vulnerabilities.
FIRST-EPSS: 0.005350000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-26876
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2020-26876. The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for course videos and materials) by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom post types (e.g., /wp-json/wp/v2/course and /wp-json/wp/v2/lesson exist).
FIRST-EPSS: 0.019880000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-26876
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2020-26876. The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended payment step (for course videos and materials) by using the /wp-json REST API, as exploited in the wild in September 2020. This occurs because show_in_rest is enabled for custom post types (e.g., /wp-json/wp/v2/course and /wp-json/wp/v2/lesson exist).
FIRST-EPSS: 0.019880000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-14408
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2020-14408. An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector.
FIRST-EPSS: 0.001130000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2020-14408
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2020-14408. An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector.
FIRST-EPSS: 0.001130000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2023-51790
DESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2023-51790. Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain sensitive information via the lang parameter in the Admin Tools plug-in component.
CVE-2023-51790
DESCRIPTION: Exploit Observer has 2 entries in 1 file formats related to CVE-2023-51790. Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain sensitive information via the lang parameter in the Admin Tools plug-in component.
#ExploitObserverAlert
CVE-2019-13462
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2019-13462. Lansweeper before 7.1.117.4 allows unauthenticated SQL injection.
FIRST-EPSS: 0.475050000
NVD-IS: 5.2
NVD-ES: 3.9
CVE-2019-13462
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2019-13462. Lansweeper before 7.1.117.4 allows unauthenticated SQL injection.
FIRST-EPSS: 0.475050000
NVD-IS: 5.2
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-51063
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51063. QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based Reflected Cross Site Scripting (XSS) vulnerability within the component qnme-ajax?method=tree_level.
CVE-2023-51063
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51063. QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based Reflected Cross Site Scripting (XSS) vulnerability within the component qnme-ajax?method=tree_level.
#ExploitObserverAlert
GHSA-g273-wppx-82w4
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-G273-WPPX-82W4. An authenticated and unauthorized user can access the GDPR data extraction feature and query over the information returned, leading to customer data exposure.
GHSS: 6.5
GHSA-g273-wppx-82w4
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-G273-WPPX-82W4. An authenticated and unauthorized user can access the GDPR data extraction feature and query over the information returned, leading to customer data exposure.
GHSS: 6.5
#ExploitObserverAlert
CVE-2021-30497
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2021-30497. Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive information via the C:/Windows/system32/config/system.sav value.
FIRST-EPSS: 0.963550000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-30497
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2021-30497. Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath parameter processed by the /AvalancheWeb/image endpoint is not verified to be within the scope of the image folder, e.g., the attacker can obtain sensitive information via the C:/Windows/system32/config/system.sav value.
FIRST-EPSS: 0.963550000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-38180
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-38180. .NET and Visual Studio Denial of Service Vulnerability
FIRST-EPSS: 0.010490000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2023-38180
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-38180. .NET and Visual Studio Denial of Service Vulnerability
FIRST-EPSS: 0.010490000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-36883
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2022-36883. A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
FIRST-EPSS: 0.013280000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-36883
DESCRIPTION: Exploit Observer has 5 entries in 3 file formats related to CVE-2022-36883. A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
FIRST-EPSS: 0.013280000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2019-3912
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2019-3912. An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.
FIRST-EPSS: 0.001600000
NVD-IS: 2.7
NVD-ES: 2.8
CVE-2019-3912
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2019-3912. An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.
FIRST-EPSS: 0.001600000
NVD-IS: 2.7
NVD-ES: 2.8
#ExploitObserverAlert
CVE-2021-33807
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2021-33807. Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
FIRST-EPSS: 0.023310000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2021-33807
DESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2021-33807. Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
FIRST-EPSS: 0.023310000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2003-0681
DESCRIPTION: Exploit Observer has 41 entries in 3 file formats related to CVE-2003-0681. A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
FIRST-EPSS: 0.008310000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2003-0681
DESCRIPTION: Exploit Observer has 41 entries in 3 file formats related to CVE-2003-0681. A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
FIRST-EPSS: 0.008310000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-46219
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-46219. When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-46219
DESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2023-46219. When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
FIRST-EPSS: 0.000520000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-42916
DESCRIPTION: Exploit Observer has 22 entries in 2 file formats related to CVE-2022-42916. In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.
FIRST-EPSS: 0.001100000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2022-42916
DESCRIPTION: Exploit Observer has 22 entries in 2 file formats related to CVE-2022-42916. In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.
FIRST-EPSS: 0.001100000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2021-37538
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2021-37538. Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the id_category parameter to the controllers/front/category.php category controller.
FIRST-EPSS: 0.028190000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2021-37538
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2021-37538. Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the id_category parameter to the controllers/front/category.php category controller.
FIRST-EPSS: 0.028190000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2020-35338
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2020-35338. The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon."
FIRST-EPSS: 0.256160000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2020-35338
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2020-35338. The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon."
FIRST-EPSS: 0.256160000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-51804
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51804. An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via manipulation of the HTTP body URL in the com.rymcu.forest.web.api.common.UploadController file.
CVE-2023-51804
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51804. An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via manipulation of the HTTP body URL in the com.rymcu.forest.web.api.common.UploadController file.
#ExploitObserverAlert
CVE-2023-51070
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51070. An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily adjust sensitive SMB settings on the QStar Server.
CVE-2023-51070
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51070. An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily adjust sensitive SMB settings on the QStar Server.