15492 matches found

CVE
added 2023/04/05 7:40 a.m., 44 views

CVE-2023-1857

CVE-2023-1857 impacts SourceCodester Online Computer and Laptop Store 1.0. The vulnerability is a cross-site scripting flaw in the admin file for managing products, specifically /admin/?page=product/manage_product&id=2, where manipulating the Product Name parameter (due to insufficient input filt...

6.1 CVSS, 4.7 AI score, 0.00611 EPSS
Exploits: 1, References: 3, Affected Software: 1
CNNVD
added 2023/04/05 12:0 a.m., 4 views

SourceCodester Online Computer and Laptop Store cross-site scripting vulnerability

Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in Online Computer and Laptop Store v1.0. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in...

6.1 CVSS, 6.2 AI score, 0.00611 EPSS
Exploits: 1, References: 4
Cvelist
added 2023/04/04 9:0 a.m., 30 views

CVE-2023-1826 SourceCodester Online Computer and Laptop Store index.php unrestricted upload

A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file php-ocls\admin\systeminfo\index.php. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the atta...

6.5 CVSS, 9.8 AI score, 0.04353 EPSS
Exploits: 4, References: 3
CVE
added 2023/04/04 9:0 a.m., 56 views

CVE-2023-1826

CVE-2023-1826 concerns SourceCodester Online Computer and Laptop Store 1.0. The vulnerability affects an unknown portion of php-ocls\admin\system_info\index.php where the attacker can manipulate the non-sanitized img parameter to upload arbitrary files, enabling remote code execution. Public writ...

9.8 CVSS, 7.9 AI score, 0.04353 EPSS
Exploits: 4, References: 3, Affected Software: 1
CNNVD
added 2023/04/04 12:0 a.m., 5 views

Online Computer and Laptop Store code issue vulnerability

Online Computer and Laptop Store is an online computer and laptop store by Carlo Montero, an individual developer. Online Computer and Laptop Store v1.0 is vulnerable to arbitrary file uploads. The vulnerability stems from a lack of validation of uploaded files in the...

9.8 CVSS, 7.9 AI score, 0.04353 EPSS
Exploits: 4, References: 5
ATTACKERKB
added 2023/04/03 2:15 p.m., 2 views

CVE-2023-1765

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Akbim Computer Panon allows SQL Injection. This issue affects Panon: before 1.0.2...

9.8 CVSS, 7.4 AI score, 0.00704 EPSS
Exploits: 0, References: 3
NVD
added 2023/04/03 2:15 p.m., 12 views

CVE-2023-1765

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Akbim Computer Panon allows SQL Injection. This issue affects Panon: before 1.0.2...

9.8 CVSS, 9.9 AI score, 0.00704 EPSS
Exploits: 0, References: 2
NVD
added 2023/04/03 2:15 p.m., 13 views

CVE-2023-1766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Akbim Computer Panon allows Reflected XSS. This issue affects Panon: before 1.0.2...

6.1 CVSS, 6.3 AI score, 0.00372 EPSS
Exploits: 0, References: 2
Prion
added 2023/04/03 2:15 p.m., 12 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Akbim Computer Panon allows Reflected XSS. This issue affects Panon: before 1.0.2...

5.8 CVSS, 6.3 AI score, 0.00372 EPSS
Exploits: 0, References: 1, Affected Software: 1
Prion
added 2023/04/03 2:15 p.m., 14 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Akbim Computer Panon allows SQL Injection. This issue affects Panon: before 1.0.2...

7.5 CVSS, 9.7 AI score, 0.00704 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2023/04/03 1:28 p.m., 14 views

CVE-2023-1766 XSS in Panon

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Akbim Computer Panon allows Reflected XSS. This issue affects Panon: before 1.0.2...

6.1 CVSS, 6.5 AI score, 0.00372 EPSS
Exploits: 0, References: 2
CVE
added 2023/04/03 1:28 p.m., 42 views

CVE-2023-1766

The CVE-2023-1766 entry concerns Akbim Computer Panon with a reflected XSS vulnerability caused by improper neutralization of input during web page generation. Affected versions are Panon before 1.0.2. The vulnerability could allow an attacker to execute script in a victim’s browser in contexts w...

6.1 CVSS, 6.4 AI score, 0.00372 EPSS
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2023/04/03 1:27 p.m., 25 views

CVE-2023-1765 SQLi in Panon

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Akbim Computer Panon allows SQL Injection. This issue affects Panon: before 1.0.2...

9.8 CVSS, 10 AI score, 0.00704 EPSS
Exploits: 0, References: 2
CVE
added 2023/04/03 1:27 p.m., 45 views

CVE-2023-1765

CVE-2023-1765 affects Panon (Akbim Computer Panon) with an SQL injection vulnerability due to improper neutralization of a special element in SQL commands; affected versions are before 1.0.2. The CVSS 3.1 base score is 9.8 (CRITICAL) with Network attack vector, no privileges required, user intera...

9.8 CVSS, 7.4 AI score, 0.00704 EPSS
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2023/04/03 1:27 p.m., 7 views

CVE-2023-1765 SQLi in Panon

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Akbim Computer Panon allows SQL Injection. This issue affects Panon: before 1.0.2...

9.8 CVSS, 7.4 AI score, 0.00704 EPSS
Exploits: 0, References: 2
Schneier on Security
added 2023/04/03 11:5 a.m., 13 views

UK Runs Fake DDoS-for-Hire Sites

Brian Krebs is reporting that the UK's National Crime Agency is setting up fake DDoS-for-hire sites as part of a sting operation: The NCA says all of its fake so-called "booter" or "stresser" sites -- which have so far been accessed by several thousand people -- have been created to look like they...

7 AI score
Exploits: 0
OSV
added 2023/04/03 6:24 a.m., 5 views

MAL-2023-607 Malicious code in mobilecoin-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4739ef2ec2f66acd195041b4cc6c271f5158fb855ec4319ae141dc9e86b95d31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0, References: 1
OSV
added 2023/04/03 6:1 a.m., 6 views

MAL-2023-653 Malicious code in omnigodz_testpkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b71e35f587d48902bd1b3b26de78a66c82c7f28faf7e7d339b607497d40cc318 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0, References: 1
OSV
added 2023/04/03 5:46 a.m., 11 views

MAL-2023-470 Malicious code in gd-login (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 190b8c40ae199e301f0ec2e1364caac0d49271c7fd8cc7ea7192502f06e2945c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
added 2023/04/03 5:46 a.m., 4 views

Malicious code in gd-apply (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28fa196d02660fc75efc9c71f8cf8ee2ddc35286c432de6b7aa4f801a00a0013 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8 AI score
Exploits: 0, References: 1