‼ CVE-2023-5926 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Affected is an unknown function of the file /admin/students/update_status.php. The manipulation of the argument student_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-244326 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5928 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Campcodes Simple Student Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/departments/manage_department.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244328.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5930 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/students/manage_academic.php. The manipulation of the argument student_id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-244330 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5927 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been found in Campcodes Simple Student Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/courses/manage_course.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-244327.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5929 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/students/manage_academic.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244329 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-46176 ‼
📖 Read
via "National Vulnerability Database".
IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31102 ‼
📖 Read
via "National Vulnerability Database".
7-Zip through 22.01 on Linux allows an integer underflow and code execution via a crafted 7Z archive.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28407 ‼
📖 Read
via "National Vulnerability Database".
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36029 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Spoofing Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-34261 ‼
📖 Read
via "National Vulnerability Database".
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-42029 ‼
📖 Read
via "National Vulnerability Database".
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36034 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36620 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is used to authenticate requests to the API.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-35896 ‼
📖 Read
via "National Vulnerability Database".
IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 259247.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-42027 ‼
📖 Read
via "National Vulnerability Database".
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.📖 Read
via "National Vulnerability Database".
‼ CVE-2017-7252 ‼
📖 Read
via "National Vulnerability Database".
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-46954 ‼
📖 Read
via "National Vulnerability Database".
SQL Injection vulnerability in Relativity ODA LLC RelativityOne v.12.1.537.3 Patch 2 and earlier allows a remote attacker to execute arbitrary code via the name parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36022 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-43018 ‼
📖 Read
via "National Vulnerability Database".
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 266163.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36621 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in the Boomerang Parental Control application through 13.83 for Android. The child can use Safe Mode to remove all restrictions temporarily or uninstall the application without the parents noticing.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-34260 ‼
📖 Read
via "National Vulnerability Database".
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory.📖 Read
via "National Vulnerability Database".