🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-52173‼️

XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe0x3ADBD0.

📖 Read more

Via "National Vulnerability Database"

167 views00:34

‼️CVE-2023-52174‼️

XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe0x3125D6.

📖 Read more

Via "National Vulnerability Database"

163 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-6939‼️

 Some Honor products are affected by type confusion vulnerability, successful exploitation could cause denial of service.

159 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7149‼️

A vulnerability was found in codeprojects QR Code Generator 1.0. It has been classified as problematic. This affects an unknown part of the file download.php?fileauthor.png. The manipulation of the argument file with the input " leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB249153 was assigned to this vulnerability.

150 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7150‼️

A vulnerability classified as critical was found in Campcodes Chic Beauty Salon 20230703. Affected by this vulnerability is an unknown functionality of the file productlist.php of the component Product Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB249157 was assigned to this vulnerability.

151 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-31299‼️

Cross Site Scripting XSS vulnerability in Sesami Cash Point  Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Barcode field of a container.

143 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7152‼️

A vulnerability, which was classified as critical, has been found in MicroPython 1.21.01.22.0preview. Affected by this issue is the function pollsetaddfd of the file extmodmodselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The patch is identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. It is recommended to apply a patch to fix this issue. VDB249158 is the identifier assigned to this vulnerability.

142 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7155‼️

A vulnerability, which was classified as critical, was found in SourceCodester Free and Open Source Inventory Management System 1.0. This affects an unknown part of the file ampleappactioneditproduct.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB249177 was assigned to this vulnerability.

136 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-31295‼️

CSV Injection vulnerability in Sesami Cash Point  Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field.

137 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-31300‼️

An issue was discovered in Sesami Cash Point  Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature.

138 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-31302‼️

Cross Site Scripting XSS vulnerability in Sesami Cash Point  Transport Optimizer CPTO 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Teller field.

135 views00:34

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7156‼️

A vulnerability has been found in Campcodes Online College Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file index.php of the component Search. The manipulation of the argument category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB249178 is the identifier assigned to this vulnerability.

139 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7157‼️

A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file appajaxsellreturndata.php. The manipulation of the argument columns0data leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249179.

129 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-23634‼️

SQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the apidashboardactivity endpoint.

125 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7158‼️

A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function sliceindices of the file objslice.c. The manipulation leads to heapbased buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.22.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB249180.

133 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7159‼️

A vulnerability was found in gopeak MasterLab up to 3.3.10. It has been declared as critical. Affected by this vulnerability is the function addupdate of the file appctrladminUser.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB249181 was assigned to this vulnerability.

124 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7160‼️

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add Engineer Handler. The manipulation of the argument first namelast name with the input alert0 leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB249182 is the identifier assigned to this vulnerability.

118 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-7161‼️

A vulnerability classified as critical has been found in Netentsec NSASG Application Security Gateway 6.3.1. This affects an unknown part of the file index.php?paraindex of the component Login. The manipulation of the argument checkVirtualSiteId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249183.

122 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-22676‼️

Missing Authorization vulnerability in Anders Thorborg.This issue affects Anders Thorborg from na through 1.4.12.

📖 Read more

Via "National Vulnerability Database"

117 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-22677‼️

Improper Control of Generation of Code 'Code Injection' vulnerability in BinaryStash WP Booklet.This issue affects WP Booklet from na through 2.1.8.

124 views00:35

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-25054‼️

Improper Control of Generation of Code 'Code Injection' vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker from na through 10.6.6.

131 views00:35

About

Blog

Apps

Platform