โผ CVE-2023-42474 โผ
๐ Read
via "National Vulnerability Database".
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-44826 โผ
๐ Read
via "National Vulnerability Database".
Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted script.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-18336 โผ
๐ Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability found in Typora v.0.9.65 allows a remote attacker to obtain sensitive information via the PDF file exporting function.๐ Read
via "National Vulnerability Database".
๐1
โผ CVE-2023-42477 โผ
๐ Read
via "National Vulnerability Database".
SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50,ร allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-42475 โผ
๐ Read
via "National Vulnerability Database".
The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-44848 โผ
๐ Read
via "National Vulnerability Database".
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_template.php component.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41850 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Morris Bryant, Ruben Sargsyan Outbound Link Manager plugin <=ร 1.2 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-44259 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Mediavine Mediavine Control Panel plugin <=ร 2.10.2 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41854 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Ltd. WpCentral plugin <=ร 1.5.7 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41853 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in WP iCal Availability plugin <=ร 1.0.3 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41858 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <=ร 1.2 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41851 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Dotsquares WP Custom Post Template <=ร 1.0 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-44257 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Hometory Mang Board WP plugin <=ร 1.7.6 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41852 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailMunch รขโฌโ Grow your Email List plugin <=ร 3.1.2 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-45208 โผ
๐ Read
via "National Vulnerability Database".
A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers (within range of the repeater) to run shell commands as root during the setup process of the repeater, via a crafted SSID. Also, network names containing single quotes (in the range of the repeater) can result in a denial of service.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41694 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Realbig Team Realbig For WordPress plugin <=ร 1.0.3 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-5468 โผ
๐ Read
via "National Vulnerability Database".
The Slick Contact Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dcscf-link' shortcode in versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-5467 โผ
๐ Read
via "National Vulnerability Database".
The GEO my WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.๐ Read
via "National Vulnerability Database".
๐1
โผ CVE-2023-41730 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newsletters plugin <=ร 1.22.3.31 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41876 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Hardik Kalathiya WP Gallery Metabox plugin <=ร 1.0.0 versions.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-41697 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Nikunj Soni Easy WP Cleaner plugin <=ร 1.9 versions.๐ Read
via "National Vulnerability Database".