21 matches found
CVE-2026-28423
creationtimestamp| type| source
---|---|---
2026-03-01 03:10:21+00:00| seen| https://gist.github.com/alon710/50bb89929f5a073708371f4c768a5227...
EUVD-2023-28423
Malicious code in bioql PyPI...
CVE-2023-28423
Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Prism Tech Studios Modern Footnotes plugin <= 1.4.15 versions...
Oracle Linux 8 : git-lfs (ELSA-2024-3346)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3346 advisory. 3.4.1-2 - Rebuild with new Golang - Resolves: RHEL-32543, RHEL-28377, RHEL-28399, RHEL-28423 3.4.1-1 - Update to version 3.4.1 - Resolves: RHEL-17102...
ai-architecture-renderer (=0.1.1), airflow-diagrams (>=0.0.1 <=2.1.0rc1) +66 more potentially affected by CVE-2024-28423 via diagrams (>=0.20.0 <=0.6.5)
diagrams PYPI version =0.20.0, =0.0.1, =0.0.10, =0.1.0, =0.2.0, =1.0.0, =0.2.0, =0.8.111441, =1.0.8, =0.1.0, =2.0.503, =2.0.508 and more Source cves: CVE-2024-28423 Source advisory: OSV:PYSEC-2024-270...
CVE-2024-28423
Airflow-Diagrams v2.1.0 is affected by an arbitrary file upload vulnerability in the unsafe_load function (cli.py). The root cause is unsafe YAML loading, allowing an attacker to execute arbitrary code by uploading a crafted YAML file. Documents confirm the affected component and vulnerability pa...
CVE-2024-28423
Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafe_load function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...
CVE-2023-28423
Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Prism Tech Studios Modern Footnotes plugin <= 1.4.15 versions...
CVE-2023-28423
Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Prism Tech Studios Modern Footnotes plugin <= 1.4.15 versions...
CVE-2023-28423
CVE-2023-28423: Stored XSS in Prism Tech Studios Modern Footnotes WordPress plugin
WordPress Modern Footnotes Plugin <= 1.4.15 is vulnerable to Cross Site Scripting (XSS)
Software: Modern Footnotes; Type: Plugin; Vulnerable versions: <= 1.4.15; Fixed in: 1.4.16; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-28423; Patch priority: Low; CVSS severity: Low (5.9); PSID: 67046b66cdee; Credits: Rio Darmawan; Require...
monorepo-publish (>=0.1.0 <=0.1.9) potentially affected by CVE-2020-28423 via monorepo-build (>=0.1.0 <=0.1.9)
monorepo-build NPM version =0.1.0, =0.1.0, =0.1.9 Source cves: CVE-2020-28423 Source advisory: OSV:GHSA-5VRC-7JFR-4642...
CVE-2020-28423
creationtimestamp| type| source
---|---|---
2022-08-02 18:17:59+00:00| seen| https://t.me/cibsecurity/47414...
CVE-2020-28423
This affects all versions of package monorepo-build...
CVE-2020-28423 Command Injection
This affects all versions of package monorepo-build...
CVE-2020-28423
CVE-2020-28423 affects all versions of the npm package monorepo-build. The connected sources describe a command-injection vulnerability in the package (notably in the publish function) with PoC examples showing how arguments can inject and execute arbitrary commands. Exploitation details are prov...
CVE-2022-28423
creationtimestamp| type| source
---|---|---
2022-04-22 00:27:25+00:00| seen| https://t.me/cibsecurity/41279...
CVE-2022-28423
CVE-2022-28423: Baby Care System v1.0 is affected by an SQL injection in the admin interface, with vectors reported as /admin/posts.php&action=delete (and variant /admin.php?id=posts in CNVD/CNNVD). Affected component is the web admin logic; root cause is unsafely handled input in the post-deleti...
CVE-2021-28423
creationtimestamp| type| source
---|---|---
2021-07-01 18:32:20+00:00| seen| https://t.me/cibsecurity/25864...
CVE-2021-28423
CVE-2021-28423 affects Teachers Record Management System 1.0 through 2.1, with SQL injection via editid (in edit-subjects-detail.php, edit-teacher-detail.php) and searchdata (in search.php). The root cause is improper handling of user-supplied input leading to arbitrary SQL execution by remote au...