3231 matches found

Positive Technologies
added 2023/12/07 12:0 a.m. · 3 views

PT-2023-32703 · Byzoro +1 · Byzoro S210 +1

Name of the Vulnerable Software and Affected Versions: Byzoro S210 up to 20231123 Beijing Baichuo S210 up to 20231123 Description: A critical vulnerability affects the HTTP POST Request Handler component, specifically the file /Tool/uploadfile.php. The manipulation of the file upload argument lea...

CVSS 8.8 · AI score 6.6 · EPSS 0.01365
Exploits 0 · References 8

OSV
added 2023/12/02 2:15 p.m. · 2 views

CVE-2023-6466

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVSS 6.1 · AI score 3.7 · EPSS 0.00608
Exploits 1 · References 3

Positive Technologies
added 2023/12/01 12:0 a.m. · 4 views

PT-2023-30665 · Unknown · Restaurant Table Booking System

Name of the Vulnerable Software and Affected Versions: Restaurant Table Booking System version 1.0 Description: The issue is related to SQL Injection in the rtbs/admin/index.php file via the username parameter. This allows for potential exploitation of the system. Recommendations: For Restaurant...

CVSS 7.5 · AI score 7.8 · EPSS 0.00664
Exploits 1 · References 4

Vulnrichment
added 2023/11/30 3:57 a.m. · 17 views

CVE-2023-5247

Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in...

CVSS 7.8 · AI score 7.4 · EPSS 0.00261
Exploits 0 · References 2

Positive Technologies
added 2023/11/15 12:0 a.m. · 5 views

PT-2023-30526 · Pimcore · Pimcore Admin Classic Bundle

Name of the Vulnerable Software and Affected Versions: Pimcore Admin Classic Bundle versions prior to 1.2.1 Description: The issue allows an attacker to see the path to the webroot/file, which can be used in conjunction with other vulnerabilities, such as SQL Injection using the load file query, ...

CVSS 5.3 · AI score 5.6 · EPSS 0.00654
Exploits 1 · References 7

GithubExploit
added 2023/11/14 9:54 p.m. · 366 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick

PNG Image Generator This Python script generates a PNG image...

CVSS 6.5 · AI score 7 · EPSS 0.89855
Exploits 28

RedHat Linux
added 2023/11/14 3:48 p.m. · 61 views

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 9.8 · AI score 7 · EPSS 0.27095
Exploits 3 · References 5

OSV
added 2023/11/14 12:0 a.m. · 37 views

ALSA-2023:7024 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 9.8 · AI score 8.9 · EPSS 0.27095
Exploits 3 · References 6

AlmaLinux
added 2023/11/14 12:0 a.m. · 47 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 9.8 · AI score 7 · EPSS 0.27095
Exploits 3 · References 6

Veracode
added 2023/11/09 7:21 a.m. · 42 views

Path Traversal

golang is vulnerable to Path Traversal. The vulnerability is due to a lack of file path validation in pathwindows.go. This can allow an attacker to access arbitrary locations on a Windows system...

CVSS 7.5 · AI score 7 · EPSS 0.02758
Exploits 0 · References 11 · Affected Software 1

Veracode
added 2023/11/09 7:17 a.m. · 41 views

Insecure Parsing Of File Path

go is vulnerable to Insecure Parsing Of File Path. The vulnerability is due to the IsLocal function which insufficiently determines if reserved file names such as COM1 are local. An attacker can inject filenames with trailing spaces and superscripts, which will incorrectly deem these paths as loc...

CVSS 5.3 · AI score 7 · EPSS 0.00903
Exploits 0 · References 6 · Affected Software 1

CNNVD
added 2023/11/08 12:0 a.m. · 4 views

PrestaShop Authorization Issues Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts, and product image scaling. An authorization issue vulnerability exists in PrestaShop blockreassurance versions prior to 5.1.4. The...

CVSS 8.1 · AI score 6.8 · EPSS 0.00771
Exploits 0 · References 6

RedHat Linux
added 2023/11/07 8:21 a.m. · 56 views

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 9.8 · AI score 7 · EPSS 0.27095
Exploits 3 · References 4

OSV
added 2023/11/07 12:0 a.m. · 37 views

ALSA-2023:6494 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...

CVSS 9.8 · AI score 9.1 · EPSS 0.27095
Exploits 3 · References 6

AlmaLinux
added 2023/11/07 12:0 a.m. · 48 views

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...

CVSS 9.8 · AI score 7.3 · EPSS 0.27095
Exploits 3 · References 6

CVE
added 2023/11/06 8:41 p.m. · 62 views

CVE-2023-5355

CVE-2023-5355 affects the WordPress plugin Awesome Support (versions before 6.1.5). The vulnerability arises when deleting temporary attachment files, where file path sanitization is insufficient, allowing a ticket submitter (low privileges) to delete arbitrary server files. CVSS v3.1 reflects 8....

CVSS 8.1 · AI score 8.1 · EPSS 0.0066
Exploits 2 · References 1 · Affected Software 1

Positive Technologies
added 2023/11/06 12:0 a.m. · 4 views

PT-2023-12543

Name of the Vulnerable Software and Affected Versions Ortus Solutions ColdBox Elixir version 3.1.6 Description A problematic vulnerability has been found in Ortus Solutions ColdBox Elixir, affecting the ENV Variable Handler component, specifically the file src/defaultConfig.js. This issue leads t...

CVSS 7.5 · AI score 5.8 · EPSS 0.00598
Exploits 0 · References 8

NVD
added 2023/11/01 3:15 a.m. · 11 views

CVE-2023-5514

The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure...

CVSS 5.3 · AI score 5.3 · EPSS 0.00377
Exploits 0 · References 1

Cvelist
added 2023/11/01 2:40 a.m. · 21 views

CVE-2023-5514

The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure...

CVSS 5.3 · AI score 5.6 · EPSS 0.00377
Exploits 0 · References 1

CVE
added 2023/11/01 2:40 a.m. · 64 views

CVE-2023-5514

Hitachi Energy eSOMS is affected (v6.3.13 and earlier). The vulnerability (CVE-2023-5514) allows the response messages from report generation using certain parameter queries with full file paths to be abused for enumerating the local file system structure. Impact is information disclosure with a ...

CVSS 5.3 · AI score 5.3 · EPSS 0.00377
Exploits 0 · References 1 · Affected Software 1