Lucene search
K

132 matches found

Cvelist
Cvelist
added 2023/12/13 7:0 p.m.30 views

CVE-2023-6772 OTCMS ind_backstage.php sql injection

A vulnerability, which was classified as critical, was found in OTCMS 7.01. Affected is an unknown function of the file /admin/indbackstage.php. The manipulation of the argument sqlContent leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

5.8CVSS7.6AI score0.00584EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/12/13 7:0 p.m.4 views

CVE-2023-6772 OTCMS ind_backstage.php sql injection

A vulnerability, which was classified as critical, was found in OTCMS 7.01. Affected is an unknown function of the file /admin/indbackstage.php. The manipulation of the argument sqlContent leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

5.8CVSS5.9AI score0.00584EPSS
Exploits1References3
CVE
CVE
added 2023/12/13 7:0 p.m.39 views

CVE-2023-6772

CVE-2023-6772 affects OTCMS 7.01; vulnerable component is an unknown function in /admin/ind_backstage.php where the sqlContent parameter enables SQL injection. Attack can be launched remotely and exploitation has been publicly disclosed. Documented impact is high (potential data exposure/integrit...

7.2CVSS6.1AI score0.00584EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2023/06/14 9:15 a.m.11 views

CVE-2023-3239

A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. Affected is an unknown function of the file admin/readDeal.php?mudi=readQrCode. The manipulation of the argument img leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be...

7.5CVSS5.1AI score0.00961EPSS
Exploits1References3
NVD
NVD
added 2023/06/14 9:15 a.m.8 views

CVE-2023-3241

A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/read.php?mudi=announContent. The manipulation of the argument url leads to path traversal. The exploit has been disclosed to the public and may be...

7.5CVSS5AI score0.00961EPSS
Exploits1References3
OSV
OSV
added 2023/06/14 9:15 a.m.4 views

CVE-2023-3240

A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNewsdeal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and...

6.5CVSS4.8AI score0.00964EPSS
Exploits1References3
NVD
NVD
added 2023/06/14 9:15 a.m.13 views

CVE-2023-3240

A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNewsdeal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and...

6.5CVSS4.8AI score0.00964EPSS
Exploits1References3
Prion
Prion
added 2023/06/14 9:15 a.m.16 views

Path traversal

A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. Affected is an unknown function of the file admin/readDeal.php?mudi=readQrCode. The manipulation of the argument img leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be...

2.7CVSS7.6AI score0.00961EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/06/14 9:15 a.m.15 views

Path traversal

A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/read.php?mudi=announContent. The manipulation of the argument url leads to path traversal. The exploit has been disclosed to the public and may be...

2.7CVSS7.5AI score0.00961EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/06/14 9:15 a.m.20 views

Path traversal

A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNewsdeal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and...

2.7CVSS6.6AI score0.00964EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/06/14 9:0 a.m.49 views

CVE-2023-3241

OTCMS up to version 6.62 contains a path traversal vulnerability in the file /admin/read.php?mudi=announContent via manipulation of the url parameter. Public exploit/abuse has been disclosed. Affected functionality is unknown, but the issue arises from improper handling of the url argument, enabl...

7.5CVSS5.6AI score0.00961EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/06/14 9:0 a.m.20 views

CVE-2023-3241 OTCMS path traversal

A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/read.php?mudi=announContent. The manipulation of the argument url leads to path traversal. The exploit has been disclosed to the public and may be...

3.5CVSS7.7AI score0.00961EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/14 8:31 a.m.17 views

CVE-2023-3240 OTCMS usersNews_deal.php path traversal

A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNewsdeal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and...

3.5CVSS6.8AI score0.00964EPSS
Exploits1References3
CVE
CVE
added 2023/06/14 8:31 a.m.53 views

CVE-2023-3240

CVE-2023-3240 affects OTCMS up to version 6.62, involving an issue in the file usersNews_deal.php where manipulating the file parameter enables path traversal via '../filedir'. Public exploitation has been disclosed. The vulnerability is described as a path traversal exposure; no remediation deta...

6.5CVSS4.8AI score0.00964EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/14 8:31 a.m.10 views

CVE-2023-3240 OTCMS usersNews_deal.php path traversal

A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNewsdeal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and...

3.5CVSS6.9AI score0.00964EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/14 8:31 a.m.16 views

CVE-2023-3239 OTCMS path traversal

A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. Affected is an unknown function of the file admin/readDeal.php?mudi=readQrCode. The manipulation of the argument img leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be...

3.5CVSS7.8AI score0.00961EPSS
Exploits1References3
CVE
CVE
added 2023/06/14 8:31 a.m.48 views

CVE-2023-3239

CVE-2023-3239 affects OTCMS up to version 6.62. Affected is an unknown function in admin/readDeal.php?mudi=readQrCode; manipulating the img parameter can trigger path traversal to ../filedir. The vulnerability has been publicly disclosed. Multiple connected sources (Red Hat, PRION, PT Security, C...

7.5CVSS5.7AI score0.00961EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/06/14 8:15 a.m.2 views

CVE-2023-3238

A vulnerability, which was classified as critical, has been found in OTCMS up to 6.62. This issue affects some unknown processing of the file /admin/read.php?mudi=getSignal. The manipulation of the argument signalUrl leads to server-side request forgery. The attack may be initiated remotely. The...

9.8CVSS6.2AI score
Exploits0References3
NVD
NVD
added 2023/06/14 8:15 a.m.15 views

CVE-2023-3238

A vulnerability, which was classified as critical, has been found in OTCMS up to 6.62. This issue affects some unknown processing of the file /admin/read.php?mudi=getSignal. The manipulation of the argument signalUrl leads to server-side request forgery. The attack may be initiated remotely. The...

9.8CVSS7.2AI score0.00738EPSS
Exploits1References3
NVD
NVD
added 2023/06/14 8:15 a.m.27 views

CVE-2023-3237

A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects unknown code. The manipulation of the argument username/password with the input admin leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier ...

9.8CVSS7.2AI score0.00932EPSS
Exploits1References3
Rows per page
Query Builder