Hoteldruid v3.0.5 - SQL Injection

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the nutenteagg parameter at /hoteldruid/interconnessioni.php. id: CVE-2023-43373 info: name: Hoteldruid v3.0.5 - SQL Injection author: ritikchaddha severity: critical description: | Hoteldruid v3.0.5 was discovered to...

Revive Adserver 5.4.1 - Cross-Site Scripting

A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions. id: CVE-2023-38040 info: name: Revive Adserver 5.4.1 - Cross-Site Scripting author: ritikchaddha severity: medium description: | A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions...

WordPress Core <=6.2 - Directory Traversal

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wplang’ parameter. id: CVE-2023-2745 info: name: WordPress Core =6.2 - Directory Traversal author: nqdung2002 severity: medium description: | WordPress Core is vulnerable to Directory Traversal in...

Control iD iDSecure - Authentication Bypass

An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. The login routine used by iDS-Core.dll contains a "passwordCustom" option that allows an unauthenticated attacker to compute valid credentials that can be used to bypass authentication and act as an administrative use...

PrestaShop Theme Volty CMS Blog - SQL Injection

In the module 'Theme Volty CMS Blog' tvcmsblog up to versions 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions. id: CVE-2023-39650 info: name: PrestaShop Theme Volty CMS Blog - SQL Injection author: mastercho severity: critical description: | In the...

OPNsense - Cross-Site Scripting to RCE

There is a XSS in /ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 via openAction in app/controllers/OPNsense/Cron/ItemController.php. id: CVE-2023-39007 info: name: OPNsense - Cross-Site Scripting to RCE author: ritikchaddha...

Jeecg-Boot v3.5.1 - SQL Injection

SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData in jeecg-boot v3.5.1. id: CVE-2023-38992 info: name: Jeecg-Boot v3.5.1 - SQL Injection author: ritikchaddha severity: critical description: | SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData...

PyTorch TorchServe SSRF

TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity...

EyouCms v1.6.2 - Cross-Site Scripting

EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /admin/twitter.php?activet. id: CVE-2023-41597 info: name: EyouCms v1.6.2 - Cross-Site Scripting author: ritikchaddha severity: medium description: | EyouCms v1.6.2 was discovered to...

Bloofox v0.5.2.1 - SQL Injection

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit. id: CVE-2023-34754 info: name: Bloofox v0.5.2.1 - SQL Injection author: ritikchaddha severity: critical description: | bloofox v0.5.2.1 was...

SRS - Command Injection

SRS's v5.0.137v5.0.156, v6.0.18v6.0.47 api-server server is vulnerable to a drive-by command injection. id: CVE-2023-34105 info: name: SRS - Command Injection author: iamnoooob,rootxharsh,pdresearch severity: high description: | SRS's v5.0.137v5.0.156, v6.0.18v6.0.47 api-server server is vulnerab...

XWiki >= 13.10.8 - Cross-Site Scripting

Reflected XSS vulnerability in XWiki authenticate endpoints allows execution of arbitrary JavaScript. id: CVE-2023-29506 info: name: XWiki = 13.10.8 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Reflected XSS vulnerability in XWiki authenticate endpoints allows...

PrestaShop xipblog - SQL Injection

In the blog module xipblog, an anonymous user can perform SQL injection. Even though the module has been patched in version 2.0.1, the version number was not incremented at the time. id: CVE-2023-27847 info: name: PrestaShop xipblog - SQL Injection author: mastercho severity: critical description...

Qualitor <= 8.20 - Remote Code Execution

Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter. id: CVE-2023-47253 info: name: Qualitor = 8.20 - Remote Code Execution author: s4e-io severity: critical description: |...

Chaosblade < 1.7.4 - Remote Code Execution

exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command execution via the cmd parameter without authentication. id: CVE-2023-47105 info: name: Chaosblade 1.7.4 - Remote Code Execution author: s4e-io severity: high description: | exec.CommandContext in...

LG Simple Editor <= v3.21.0 - Command Injection

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

GiveWP - PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. id: CVE-2024-5932 info: name: GiveWP - PHP Object Injection author:...

SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure

A vulnerability was identified in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, impacting the file handling functions. This flaw results in authenticated file disclosure, granting unauthorized access to sensitive files and directories. Although authentication is...

PerkinElmer ProcessPlus <= 1.11.6507.0 - Local File Inclusion

Files on the Windows system are accessible without authentication to external parties due to a local file inclusion in PerkinElmer ProcessPlus.This issue affects ProcessPlus through 1.11.6507.0. id: CVE-2024-6911 info: name: PerkinElmer ProcessPlus = 1.11.6507.0 - Local File Inclusion author:...

BerqWP <= 1.7.6 - Arbitrary File Upload

The BerqWP Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /api/storewebp.php file in all versions up to, and including, 1.7.6...