Lucene search
K

6611 matches found

CNNVD
CNNVD
added 2023/03/28 12:0 a.m.3 views

MK-Auth 代码问题漏洞

Mk-Auth is a Brazilian ISP management system from Mk-Auth Inc. It is used to control client access and permissions through a web interface panel. A security vulnerability exists in MK-Auth version 23.01K4.9. An attacker can exploit the vulnerability to execute arbitrary code by uploading an...

8.8CVSS8.5AI score0.008EPSS
Exploits0References2
CVE
CVE
added 2023/03/28 12:0 a.m.47 views

CVE-2023-27246

Summary of CVE-2023-27246: An arbitrary file upload vulnerability exists in the Virtual Disk component of MK-Auth 23.01K4.9 that allows an attacker to execute arbitrary code by uploading a crafted .htaccess file. The public references describe MK-Auth 23.01K4.9 as affected, with the vulnerability...

8.8CVSS8.8AI score0.008EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/28 12:0 a.m.7 views

CVE-2023-27246

An arbitrary file upload vulnerability in the Virtual Disk of MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted .htaccess file...

8.8AI score0.008EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/28 12:0 a.m.3 views

PT-2023-21028 · Mk-Auth · Mk-Auth

Name of the Vulnerable Software and Affected Versions: MK-Auth version 23.01K4.9 Description: An arbitrary file upload vulnerability in the Virtual Disk of MK-Auth allows attackers to execute arbitrary code via uploading a crafted .htaccess file. Recommendations: For MK-Auth version 23.01K4.9,...

8.8CVSS7.9AI score0.008EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/28 12:0 a.m.6 views

PT-2023-14675 · Xiongmaitech · Mbd6304T Firmware +1

exploit 1. CVE-2024-0012/CVE-2024-9474: Auth Bypass in PAN-OS Web Interface https://t.co/SgNOxX5gde 2. CVE-2025-23369: GitHub Entreprise Server SAML auth bypass https://t.co/iCGbLYz9rt 3. CVE-2022-45460: ROPing our way to RCE https://t.co/GzC2JZCb2N...

9.8CVSS8.2AI score0.99698EPSS
Exploits21References7
CVE
CVE
added 2023/03/27 2:5 p.m.54 views

CVE-2023-22707

CVE-2023-22707 affects WordPress Greenshift – animation and page builder blocks plugin versions

5.9CVSS5.3AI score0.00404EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2023/03/27 12:0 a.m.274 views

Aero CMS v0.0.1 - PHP Code Injection (auth) Vulnerability

Exploit Title: Aero CMS v0.0.1 - PHP Code Injection auth Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Testeted on: Windows 10 using XAMPP, Apache/2.4.48 Win...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/24 12:0 a.m.261 views

Linksys AX3200 1.1.00 Command Injection

Exploit Title: Linksys AX3200 V1.1.00 - Command Injection Date: 2022-09-19 Exploit Author: Ahmed Alroky Author: Linksys Version: 1.1.00 Authentication Required: YES CVE : CVE-2022-38841 Tested on: Windows Proof Of Concept: 1 - login into AX3200 webui 2 - go to diagnostics page 3 - put...

8.8AI score0.1067EPSS
Exploits4
CVE
CVE
added 2023/03/23 4:48 p.m.66 views

CVE-2023-26008

CVE-2023-26008 affects the WordPress plugin Top 10 – Popular posts (

5.9CVSS5AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/23 4:18 p.m.54 views

CVE-2023-25992

CVE-2023-25992 : Affected product is the WordPress plugin CM Answers

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/23 12:44 p.m.58 views

CVE-2023-23864

CVE-2023-23864 affects the WordPress plugin Very Simple Google Maps (Michael Aronoff) and is due to an XSS flaw in the plugin’s handling of shortcode attributes. Concretely, versions up to and including 2.8.4 are vulnerable; exploitation requires authenticated access from contributors or higher. ...

6.5CVSS5.4AI score0.00393EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/23 12:40 p.m.59 views

CVE-2023-23650

Summary: CVE-2023-23650 affects the WordPress plugin MainWP Code Snippets Extension for versions

6.5CVSS5.4AI score0.00383EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/23 12:35 p.m.18 views

CVE-2023-22712 WordPress TemplatesNext ToolKit Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in TemplatesNext TemplatesNext ToolKit plugin = 3.2.7 versions...

6.5CVSS6AI score0.00383EPSS
Exploits0References1
CVE
CVE
added 2023/03/23 12:31 p.m.61 views

CVE-2023-22715

WP-CommentNavi (WordPress)

5.9CVSS5AI score0.00392EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/23 12:15 p.m.57 views

CVE-2023-22716

CVE-2023-22716 affects WordPress OOPSpam Anti-Spam plugin, versions

5.9CVSS5AI score0.00392EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/03/23 12:15 p.m.11 views

CVE-2022-45843

Auth. contributor+ Stored Cross-Site Scripting vulnerability in Nextend Smart Slider 3 plugin = 3.5.1.9 versions...

5.4CVSS5.3AI score0.00383EPSS
Exploits0References1
CVE
CVE
added 2023/03/23 11:33 a.m.56 views

CVE-2022-44742

The CVE-2022-44742 entry concerns the WordPress Community Events plugin, affected versions are = 1.4.9) when available, and monitor for updated advisories from the plugin maintainers.

4.8CVSS4.9AI score0.00392EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2023/03/23 12:0 a.m.270 views

WorkOrder CMS 0.1.0 - SQL Injection Vulnerability

Exploit Title: WorkOrder CMS 0.1.0 - SQL Injection Exploit Author: Chokri Hammedi Vendor Homepage: https://github.com/romzes13/WorkOrderCMS Software Link: https://github.com/romzes13/WorkOrderCMS/archive/refs/tags/v0.1.0.zip Version: 0.1.0 Tested on: Linux Auth Bypass: username:' or '1'='1...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2023/03/23 12:0 a.m.162 views

WorkOrder CMS 0.1.0 - SQL Injection

Exploit Title: WorkOrder CMS 0.1.0 - SQL Injection Date: Sep 22, 2022 Exploit Author: Chokri Hammedi Vendor Homepage: https://github.com/romzes13/WorkOrderCMS Software Link: https://github.com/romzes13/WorkOrderCMS/archive/refs/tags/v0.1.0.zip Version: 0.1.0 Tested on: Linux Auth Bypass: username...

7.4AI score
Exploits0
CVE
CVE
added 2023/03/21 5:57 a.m.55 views

CVE-2022-41785

CVE-2022-41785 concerns a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Gallery Images Ape (Galleryape Gallery Images Ape) , affecting versions

5.4CVSS5.3AI score0.00383EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder