EUVD-2026-3023

EUVD-2026-3023...

CVE-2019-3023

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Stylesheet. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2025-3023

creationtimestamp| type| source ---|---|--- 2025-04-09 22:48:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11182 2025-04-10 03:33:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmgkzimysm2c...

CVE-2024-3023

The AnnounceKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2024-3023 AnnounceKit <= 2.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting

The AnnounceKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2024-3023

CVE-2024-3023 – The AnnounceKit plugin for WordPress is vulnerable to a Stored Cross-Site Scripting (XSS) in admin settings, affecting all versions up to 2.0.9. The issue arises from insufficient input sanitization and output escaping, allowing an authenticated attacker with at least administrato...

CVE-2019-3023

creationtimestamp| type| source ---|---|--- 2024-01-15 10:36:34+00:00| seen| https://t.me/ctinow/168266...

CVE-2023-3023

creationtimestamp| type| source ---|---|--- 2023-07-12 12:48:33+00:00| seen| https://t.me/cibsecurity/66508...

CVE-2023-3023 WP EasyCart <= 5.4.10 - Authenticated (Administrator+) SQL Injection via 'orderby'

The WP EasyCart plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in versions up to, and including, 5.4.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2023-3023

CVE-2023-3023 concerns the WP EasyCart WordPress plugin. The vulnerability is a time-based SQL Injection via the vulnerable parameter “orderby” in versions up to and including 5.4.10, caused by insufficient escaping of user input and lack of proper SQL query preparation. This can allow an authent...

WordPress WP EasyCart Plugin <= 5.4.10 is vulnerable to SQL Injection

Software WP EasyCart Type Plugin Vulnerable versions = 5.4.10 Fixed in 5.4.11 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-3023 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 7fe998afdaf8 Credits Alex Thomas Required privilege Administrator Publish...

CVE-2022-3023

creationtimestamp| type| source ---|---|--- 2022-11-04 15:28:00+00:00| seen| https://t.me/cibsecurity/52557 2025-05-02 14:15:52+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14486...

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

CVE-2022-3023

The CVE-2022-3023 entry relates to a vulnerability in the PingCAP TiDB server where an externally controlled format string is used, affecting TiDB and specifically versions prior to 6.4.0 and prior to 6.1.3. The issue is described as a format-string vulnerability that can lead to unintended behav...

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

SUSE: Security Advisory (SUSE-SU-2020:3023-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

moigirlseldoret.ac.ke Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1053482 Security Researcher devl00p Helped patch 3023 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting moigirlseldoret.ac.ke...

CVE-2019-3023

CVE-2019-3023 affects Oracle PeopleSoft Enterprise PeopleTools (Stylesheet) versions 8.56 and 8.57. The vulnerability is exploitable over HTTP by an unauthenticated attacker on the network and requires user interaction from a recipient, with the potential to cause unauthorized updates, inserts or...

CVE-2018-3023

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via...