136 matches found
CVE-2026-1733
A vulnerability was identified in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/store_integral/order/detail/:uni. The manipulation of the argument order_id leads to improper authorization. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-1733
CVE-2026-1733 affects Zhong Bang CRMEB up to v5.6.3, where in the detail/tidyOrder path (/api/store_integral/order/detail/:uni) an order_id parameter can be manipulated to bypass authorization. The issue is exploitable remotely and a public exploit exists. Red Hat and CVE listings confirm the sam...
EUVD-2026-1733
The NEX-Forms WordPress plugin before 9.1.8 does not sanitise and escape some of its settings. The NEX-Forms WordPress plugin before 9.1.8 can be configured in such a way that could allow subscribers to perform Stored Cross-Site Scripting...
EUVD-2020-0020
Malware in sbrugna...
CVE-2023-1733
A denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.4 and 15.10 to 15.10.1...
CVE-2013-2335
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733...
CVE-2013-1733
Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token...
Linux Distros Unpatched Vulnerability : CVE-2022-1733
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733) Note that Nessus relies on the presence of the package as reported by t...
CVE-2024-1733
creationtimestamp | type | source
---|---|---
2024-03-16 07:21:50+00:00 | seen | https://t.me/ctinow/209376
2024-03-16 07:26:51+00:00 | seen | https://t.me/ctinow/209383...
CVE-2024-1733
CVE-2024-1733 exists in Word Replacer Pro for WordPress (all versions up to 1.0). A missing capability check in word_replacer_ultra() permits unauthenticated attackers to modify arbitrary content on the site. Public details from Red Hat and Wordfence corroborate unauthorized content modification ...
CVE-2024-1733 Word Replacer Pro <= 1.0 - Missing Authorization to Unauthenticated Arbitrary Content Update
The Word Replacer Pro plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the word_replacer_ultra function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to update arbitrary content on the...
VulnCheck KEV: CVE-2021-1733
Sysinternals PsExec Elevation of Privilege Vulnerability...
GitLab < 15.8.5 (SECURITY-RELEASE-GITLAB-15-10-1-RELEASED)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : Ansible vulnerabilities (USN-5315-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5315-1 advisory. It was discovered that Ansible did not properly manage directory permissions when running playbooks with an...
Cisco NX-OS Software NX-API Sandbox Cross-site Scripting (CVE-2019-1733)
A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...
EulerOS Virtualization 3.0.2.0 : vim (EulerOS-SA-2023-1736)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read in vim/vim prior to 8.2. CVE-2022-0319 - Use After Free in GitHub repository vim/vim prior to 8.2. CVE-2022-0413,...
USN-5995-1: Vim vulnerabilities | Cloud Foundry
Severity: Medium
Vendor: Canonical Ubuntu
Versions Affected: Canonical Ubuntu 18.04, Canonical Ubuntu 22.04
Description: It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to cras...
Amazon Linux AMI : jasper (ALAS-2023-1733)
The version of jasper installed on the remote host is prior to 1.900.1-21.12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1733 advisory. A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper,...
CVE-2023-1733
creationtimestamp | type | source
---|---|---
2023-04-06 00:26:36+00:00 | seen | https://t.me/cibsecurity/61509...
CVE-2023-1733
Removed by vendor...