682 matches found
NewStart CGSL MAIN 6.06 : python-cryptography Multiple Vulnerabilities (NS-SA-2023-0140)
The remote NewStart CGSL host, running version MAIN 6.06, has python-cryptography packages installed that are affected by multiple vulnerabilities: - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations...
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component...
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component...
Rocky Linux 8 : python27:2.7 (RLSA-2022:1821)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1821 advisory. - There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser...
Exploit for Cross-site Scripting in Wondercms
CVE-2023-41425 Description Cross Site Scripting vulnerabil...
CVE-2023-46981
SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list...
CVE-2023-46981
SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list...
Sql injection
SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list...
CVE-2023-46981
SQL injection vulnerability in Novel-Plus v.4.2.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /common/log/list...
CVE-2023-46980
An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter...
Design/Logic Flaw
An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter...
CVE-2023-46980
An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter...
CVE-2023-46980
An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter...
Best Courier Management System Security Vulnerability
Best Courier Management System is a courier management system by Mayuri K. Individual developer. A security vulnerability exists in Best Courier Management System version v.1.0 that could allow a remote attacker to execute arbitrary code and prompt for privileges via the userID parameter using a...
CVE-2023-46958
An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file...
CVE-2023-46958
An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file...
CVE-2023-46958
An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file...
Design/Logic Flaw
An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file...
lmxcms Security Vulnerabilities
lmxcms dream cms is a website builder from China Dream Cms lmxcms company. A security vulnerability exists in lmxcms version v.1.41, which originated from a vulnerability that allows remote attackers to execute arbitrary code via a carefully crafted script...
CVE-2023-46958
An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file...