‼️CVE-2023-52286‼️
📖 Read more
Via "National Vulnerability Database"
Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.phpapiinstallgetdbinfo request, a related issue to CVE202342387.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7130‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability has been found in codeprojects College Notes Gallery 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument user leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB249133 was assigned to this vulnerability.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-39157‼️
📖 Read more
Via "National Vulnerability Database"
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor from na through 2.6.10. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52181‼️
📖 Read more
Via "National Vulnerability Database"
Deserialization of Untrusted Data vulnerability in Presslabs Theme per user.This issue affects Theme per user from na through 1.0.1. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52182‼️
📖 Read more
Via "National Vulnerability Database"
Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz WordPress Quizzes Builder.This issue affects ARI Stream Quiz WordPress Quizzes Builder from na through 1.3.0. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-6093‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability has been identified in OnCell G3150ALTE Series firmware versions v1.3 and prior. The vulnerability result from incorrectly restricts frame objects, which lead to user confusion about which interface the user is interacting with. This vulnerability may lead attacker to trick user into interacting with the application. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-6094‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability has been identified in OnCell G3150ALTE Series firmware versions v1.3 and prior. The vulnerability results from a lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive information. This type of attack could be executed to gather sensitive information or to facilitate a subsequent attack against the target. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-49777‼️
📖 Read more
Via "National Vulnerability Database"
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product AddOns.This issue affects YITH WooCommerce Product AddOns from na through 4.3.0. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52180‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe Maker For Your Food Blog from Zip Recipes from na through 8.1.0. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7183‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability has been found in 7card Fakabao up to 1.0build20230805 and classified as critical. Affected by this vulnerability is an unknown functionality of the file shopalipaynotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB249385 was assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7184‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in 7card Fakabao up to 1.0build20230805 and classified as critical. Affected by this issue is some unknown functionality of the file shopnotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB249386 is the identifier assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7185‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in 7card Fakabao up to 1.0build20230805. It has been classified as critical. This affects an unknown part of the file shopwxpaynotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249387. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7186‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in 7card Fakabao up to 1.0build20230805. It has been declared as critical. This vulnerability affects unknown code of the file membernotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB249388. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7187‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in Totolink N350RT 9.3.5u.6139B20201216. It has been rated as critical. This issue affects some unknown processing of the file cgibincstecgi.cgi?actionloginflagie8 of the component HTTP POST Request Handler. The manipulation leads to stackbased buffer overflow. The exploit has been disclosed to the public and may be used. The identifier VDB249389 was assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7188‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability classified as critical has been found in Shipping 100 Fahuo100 up to 1.1. Affected is an unknown function of the file memberlogin.php. The manipulation of the argument Mpwd leads to sql injection. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB249390 is the identifier assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7189‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability classified as critical was found in SCMS up to 2.0build2022052920231006. Affected by this vulnerability is an unknown functionality of the file sindex.php?actionstatistics. The manipulation of the argument lid leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249391. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7190‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability, which was classified as critical, has been found in SCMS up to 2.0build2022052920231006. Affected by this issue is some unknown functionality of the file memberad.php?actionad. The manipulation of the argument AtextAurlAcontact leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB249392. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7191‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability, which was classified as critical, was found in SCMS up to 2.0build2022052920231006. This affects an unknown part of the file memberreg.php. The manipulation of the argument MloginMemail leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB249393 was assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52134‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress from na through 4.0.2. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52185‼️
📖 Read more
Via "National Vulnerability Database"
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup WordPress Cloud Backup, Migration, Restore Cloning Plugin.This issue affects Everest Backup WordPress Cloud Backup, Migration, Restore Cloning Plugin from na through 2.1.9. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7193‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in MTab Bookmark up to 1.2.6 and classified as critical. This issue affects some unknown processing of the file publicinstall.php of the component Installation. The manipulation leads to improper access controls. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249395. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"