Lucene search
K

2125 matches found

Packet Storm
Packet Storm
added 2023/07/13 12:0 a.m.313 views

Bigware-Shop CMS 2.1 Insecure Direct Object Reference

==================================================================================================================================== | Title : Bigware-Shop CMS v2.1 IDOR Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/07/13 12:0 a.m.5 views

The vulnerability of the 1Panel Linux server’s control panel, related to the failure to eliminate special elements used in the operating system commands, allows a hacker to execute arbitrary commands.

The vulnerability of the 1Panel Linux server control panel is related to the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS8AI score0.01989EPSS
Exploits1References5Affected Software1
Kaspersky
Kaspersky
added 2023/07/11 12:0 a.m.49 views

KLA50771 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability...

8.8CVSS8.7AI score0.01976EPSS
Exploits0References10
Kaspersky
Kaspersky
added 2023/07/11 12:0 a.m.19 views

KLA50772 PE vulnerability in Microsoft System Center

An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2023-33156 Related products Windows-Defender CVE list CVE-2023-33156 high KB list Solution Install necessary updates from the KB...

7CVSS7.8AI score0.00268EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/06/19 3:21 p.m.39 views

New Mystic Stealer Malware Targets 40 Web Browsers and 70 Browser Extensions

A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and over 70 web browser extensions. First advertised on April 25, 2023, for $150 per month, the malware also targets cryptocurrency wallets, Steam, and Telegram, and employs...

7.6AI score
Exploits0
OSV
OSV
added 2023/06/15 7:15 p.m.2 views

CVE-2023-21126

In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/15 7:15 p.m.2 views

CVE-2023-21126

In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.3AI score0.00086EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.6 views

PT-2023-17917 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible launch of arbitrary activity under SysUI due to an Unsafe Intent in the bindOutputSwitcherAndBroadcastButton function of MediaControlPanel.java. This could lead to...

7.8CVSS7AI score0.00086EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/06/15 12:0 a.m.4 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to an Unsafe Intent in the bindPlayer of MediaControlPanel.java. An attacker can exploit this vulnerability to elevate privileges...

7.8CVSS7AI score0.00083EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/15 12:0 a.m.8 views

CVE-2023-21126

In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

6.8AI score0.00086EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.5 views

PT-2023-17931 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible launch of arbitrary activity in SysUI due to an Unsafe Intent in the bindPlayer function of MediaControlPanel.java. This could lead to local escalation of privilege...

7.8CVSS7.2AI score0.00083EPSS
Exploits0References5
OSV
OSV
added 2023/05/30 8:15 p.m.3 views

CVE-2022-36244

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...

5.4CVSS5.7AI score0.00334EPSS
Exploits0References1
NVD
NVD
added 2023/05/30 8:15 p.m.18 views

CVE-2022-36244

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...

5.4CVSS5.4AI score0.00334EPSS
Exploits0References1
Prion
Prion
added 2023/05/30 8:15 p.m.15 views

Cross site scripting

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...

4.9CVSS5.4AI score0.00334EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/05/30 8:15 p.m.16 views

Code injection

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...

6.4CVSS9.1AI score0.0053EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/30 12:0 a.m.13 views

CVE-2022-36247 Shop Beat Services Vulnerable To IDOR

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...

9.4AI score0.0053EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/30 12:0 a.m.4 views

Shop Beat Media Player 跨站脚本漏洞

Shop Beat is a media player from Shop Beat, Inc. A security vulnerability exists in Shop Beat Media Player versions 2.5.95 through 3.2.57 that stems from multiple cross-site scripting vulnerabilities in the Shop Beat control panel...

5.4CVSS5.4AI score0.00334EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.4 views

PT-2023-13463 · Unknown · Shop Beat Media Player

Name of the Vulnerable Software and Affected Versions: Shop Beat Media Player versions 2.5.95 through 3.2.57 Description: The issue concerns Multiple Stored Cross-Site Scripting XSS vulnerabilities. These vulnerabilities can be exploited via the Shop Beat Control Panel, which is accessible at...

5.4CVSS6.1AI score0.00334EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/30 12:0 a.m.9 views

CVE-2022-36244 Multiple Stored Cross-Site Scripting Vulnerabilities on Shop Beat Services

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...

5.5AI score0.00334EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/05/29 10:29 a.m.8 views

CVE-2022-36244

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...

5.4CVSS6AI score0.00334EPSS
Exploits0References2
Rows per page
Query Builder