CVE-2026-7203

creationtimestamp| type| source ---|---|--- 2026-04-28 01:43:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjhikjy4z2f 2026-04-28 02:02:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjijmcfkd2f 2026-04-28 03:30:34+00:00| seen|...

MAL-2025-7203 Malicious code in @crabas0npm/commodi-nisi-doloremque (npm)

The package @crabas0npm/commodi-nisi-doloremque was found to contain malicious code...

CVE-2023-41904

Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...

CVE-2020-7203

A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70. The vulnerability could be exploited to allow remote code execution...

CVE-2024-7203

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an authenticated attacker with administrator privileges to execute some operating system OS commands on a...

CVE-2024-24409

Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option...

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers

Zyxel has released software updates to address a critical security flaw impacting certain access point AP and security router versions that could result in the execution of unauthorized commands. Tracked as CVE-2024-7261 CVSS score: 9.8, the vulnerability has been described as a case of operating...

CVE-2024-7203

creationtimestamp| type| source ---|---|--- 2024-09-03 04:55:50+00:00| seen| https://t.me/cvedetector/4666 2024-09-04 12:00:00+00:00| seen| https://t.me/truesecator/6165 2024-09-05 08:37:49+00:00| seen| https://vulnerability.circl.lu/bundle/c854b418-a4e1-4135-958a-a523843c27f0...

PT-2024-20388 · Zoho · Zoho Manageengine Admanager Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADManager Plus versions 7203 and prior Description: The issue is related to a Privilege Escalation vulnerability in the Modify Computers option. This vulnerability allows for improper privilege management, which can lead...

CVE-2023-7203

creationtimestamp| type| source ---|---|--- 2024-02-27 10:26:14+00:00| seen| https://t.me/ctinow/194188...

CVE-2023-7203 Smart Forms < 2.6.87 - Subscriber+ Arbitrary Entry Deletion

The Smart Forms WordPress plugin before 2.6.87 does not have authorisation in various AJAX actions, which could allow users with a role as low as subscriber to call them and perform unauthorised actions such as deleting entries. The plugin also lacks CSRF checks in some places which could allow...

CVE-2023-7203

The Smart Forms WordPress plugin (versions prior to 2.6.87) suffers Broken Access Control via insufficient authorization on AJAX actions and missing CSRF checks, allowing a low-privilege role (subscriber) to trigger administrative actions such as deleting entries. Exploitation details appear in p...

WordPress Smart Forms Plugin < 2.6.87 is vulnerable to Broken Access Control

Software Smart Forms Type Plugin Vulnerable versions 2.6.87 Fixed in 2.6.87 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-7203 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 959e4abbd849 Credits Mohammad Reza Omrani Require...

Malicious code in wlwz-2312-7203 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eca988c947076e48f83a1f7313ba1e0977b7f91607c90e60189351028c247e9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-821 Malicious code in wlwz-2312-7203 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eca988c947076e48f83a1f7313ba1e0977b7f91607c90e60189351028c247e9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-41904

Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...

CVE-2023-41904

Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...

CVE-2023-41904

Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...

ManageEngine ADManager Plus < Build 7203 File Disclosure

Zoho ManageEngine ADManager Plus before version 7.2 Build 7203 is affected by a file disclosure vulnerability that allows admin users to download any file from the server machine via directory traversal. Note that Nessus has not tested for this issue but has instead relied only on the application...