‼️CVE-2023-6094‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability has been identified in OnCell G3150ALTE Series firmware versions v1.3 and prior. The vulnerability results from a lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the web browser and server may obtain sensitive information. This type of attack could be executed to gather sensitive information or to facilitate a subsequent attack against the target. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-49777‼️
📖 Read more
Via "National Vulnerability Database"
Deserialization of Untrusted Data vulnerability in YITH YITH WooCommerce Product AddOns.This issue affects YITH WooCommerce Product AddOns from na through 4.3.0. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52180‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe Maker For Your Food Blog from Zip Recipes from na through 8.1.0. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7183‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability has been found in 7card Fakabao up to 1.0build20230805 and classified as critical. Affected by this vulnerability is an unknown functionality of the file shopalipaynotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB249385 was assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7184‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in 7card Fakabao up to 1.0build20230805 and classified as critical. Affected by this issue is some unknown functionality of the file shopnotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used. VDB249386 is the identifier assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7185‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in 7card Fakabao up to 1.0build20230805. It has been classified as critical. This affects an unknown part of the file shopwxpaynotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249387. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7186‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in 7card Fakabao up to 1.0build20230805. It has been declared as critical. This vulnerability affects unknown code of the file membernotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB249388. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7187‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in Totolink N350RT 9.3.5u.6139B20201216. It has been rated as critical. This issue affects some unknown processing of the file cgibincstecgi.cgi?actionloginflagie8 of the component HTTP POST Request Handler. The manipulation leads to stackbased buffer overflow. The exploit has been disclosed to the public and may be used. The identifier VDB249389 was assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7188‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability classified as critical has been found in Shipping 100 Fahuo100 up to 1.1. Affected is an unknown function of the file memberlogin.php. The manipulation of the argument Mpwd leads to sql injection. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB249390 is the identifier assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7189‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability classified as critical was found in SCMS up to 2.0build2022052920231006. Affected by this vulnerability is an unknown functionality of the file sindex.php?actionstatistics. The manipulation of the argument lid leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249391. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7190‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability, which was classified as critical, has been found in SCMS up to 2.0build2022052920231006. Affected by this issue is some unknown functionality of the file memberad.php?actionad. The manipulation of the argument AtextAurlAcontact leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB249392. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7191‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability, which was classified as critical, was found in SCMS up to 2.0build2022052920231006. This affects an unknown part of the file memberreg.php. The manipulation of the argument MloginMemail leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB249393 was assigned to this vulnerability. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52134‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress from na through 4.0.2. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52185‼️
📖 Read more
Via "National Vulnerability Database"
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup WordPress Cloud Backup, Migration, Restore Cloning Plugin.This issue affects Everest Backup WordPress Cloud Backup, Migration, Restore Cloning Plugin from na through 2.1.9. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7193‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in MTab Bookmark up to 1.2.6 and classified as critical. This issue affects some unknown processing of the file publicinstall.php of the component Installation. The manipulation leads to improper access controls. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB249395. NOTE The vendor was contacted early about this disclosure but did not respond in any way.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-51423‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder Team Webinar Plugin Create liveevergreenautomatedinstant webinars, stream Zoom Meetings WebinarIgnition.This issue affects Webinar Plugin Create liveevergreenautomatedinstant webinars, stream Zoom Meetings WebinarIgnition from na through 3.05.0. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-51469‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mestres do WP Checkout Mestres WP.This issue affects Checkout Mestres WP from na through 7.1.9.6. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-51503‼️
📖 Read more
Via "National Vulnerability Database"
Authorization Bypass Through UserControlled Key vulnerability in Automattic WooPayments Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments Fully Integrated Solution Built and Supported by Woo from na through 6.9.2. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-51547‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPManageNinja LLC Fluent Support WordPress Helpdesk and Customer Support Ticket Plugin.This issue affects Fluent Support WordPress Helpdesk and Customer Support Ticket Plugin from na through 1.7.6. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52131‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Zinc Page Generator.This issue affects Page Generator from na through 1.7.1. 📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52132‼️
📖 Read more
Via "National Vulnerability Database"
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Jewel Theme WP Adminify.This issue affects WP Adminify from na through 3.1.6. 📖 Read more
Via "National Vulnerability Database"